For auditors · GRC, internal audit, compliance

Evidence without the archaeology.

Audit prep in days, not months. Auditors fetch a signed evidence pack from a URL — verifiable with public keys alone. 266 control mappings across 13 frameworks. KYE Compliance Mapping Rail binds runtime to obligation.

fact_check How it works policy EU AI Act 10 controls verified Evidence types science Try the Viewer
How it works

Fetch a URL. Verify offline. Map to controls.

KYE Protocol exports signed evidence packs that ride on the KYE Compliance Mapping Rail. 266 mappings across 13 horizontal frameworks plus sector overlays (HIPAA via the v1.1 healthcare profile). You fetch the pack from a URL and verify with public keys; you don’t schedule interviews.

SOC 2 · ISO 27001:2022 · PCI DSS 4.0 · PSD2/PSD3 · DORA · NIS2 · EU AI Act · ISO 42001 · NIST AI RMF · NIST 800-207 · NIST CSF · GDPR · FedRAMP
EU AI Act

10 controls. All on the rail.

  • KYE-EUAIACT-001 Entity accountability mapping
  • KYE-EUAIACT-002 AI system & AI agent registry
  • KYE-EUAIACT-003 Capability manifest + risk classification
  • KYE-EUAIACT-004 Human oversight decision gates
  • KYE-EUAIACT-005 Runtime authority decision logs
  • KYE-EUAIACT-006 Technical documentation evidence pack
  • KYE-EUAIACT-007 Corrective action & revocation trail
  • KYE-EUAIACT-008 Provider / deployer / operator role mapping
  • KYE-EUAIACT-009 High-risk workflow profile
  • KYE-EUAIACT-010 Post-market monitoring evidence hooks
Evidence types

Four signed projections, one verifiable chain.

  • Decision Map — per decision, a replayable graph of actor → principal → delegation → capability → authority → scope → state → policy → decision → audit → evidence.
  • Evidence Graph — decision ↔ authority grants ↔ capability manifests ↔ payloads ↔ audit events ↔ evidence packs.
  • Blast Radius Map — what breaks if a credential / capability / entity is compromised.
  • Compliance Map — projection from KYE objects to framework controls.
KYE Evidence Pack Viewer · for auditors & regulators

Replay decisions, verify signatures, map to controls.

Pick a sample evidence pack. Verify its signature offline against the publisher's published JWKS. Replay the bound Decision Map against the snapshot inputs. Walk the audit chain entries linked via audit_ref. Project the pack onto SOC 2, ISO 27001, EU AI Act, PSD3, or DORA controls via the KYE Compliance Mapping Rail. Evidence, not screenshots.

Need the conformance pack?

menu_book Whitepaper & controls play_circle Decision Map demo forum Talk to us

Ready to see your AI agents flagged?

Start in shadow mode. We’ll deliver your first Evidence Pack in 4–8 weeks.

rocket_launch Apply for pilot → science Try the sandbox →