EU AI Act·NIST AI RMF·ISO 42001

AI governance doesn't mean policies.
It means proof.

35% of organisations lack evidence that AI governance controls are actually operating. Auricen captures, signs, and maps every AI interaction, oversight decision, and deployed system automatically.

No credit card required · AI Gov Mode included in every plan

The problem

AI regulators want evidence of operating controls. Nobody captures it.

EU AI Act Article 14 requires proof that human oversight mechanisms are actually functioning not just documented. NIST AI RMF MEASURE-2.6 requires evidence of human review decisions. ISO 42001 §8.4 requires an AI system inventory. Most organisations have policies. None have proof.

Policies ≠ proof

No audit trail

Shadow AI invisible

⚠️

Your chatbot may be a high-risk AI system

EU AI Act Article 6 applies to deployed AI systems including the chatbot marketing set up last quarter without governance review. Most organisations don't know what AI is running on their own websites.

📋

Human override decisions leave no trace

When a reviewer overrides an AI recommendation, there's no signed record it happened, who did it, or what the rationale was. Auditors need that trail.

🔐

Auricen captures what happened with proof

Every AI interaction, override decision, and deployed system is captured with cryptographic signing. Controls are auto-mapped. Auditors click a URL.

AI Governance Mode

8 interaction types. Every one mapped to controls.

The Auricen Chrome extension detects AI tools automatically and captures governance evidence for every interaction type regulators care about.

💬

Prompt & Response

MEASURE-2.5 ISO42-8.6

👁️

Human Review

MEASURE-2.6 ISO42-8.7 EU-AI-14

🚫

Human Override

MEASURE-2.6 MANAGE-1.3 EU-AI-14

⚖️

Risk Assessment

MAP-2.2 MEASURE-2.7 EU-AI-9

🔬

Model Evaluation

MEASURE-2.5 ISO42-9.1 EU-AI-17

📜

Policy Acknowledgement

GOVERN-1.1 ISO42-6.2 EU-AI-17

🗄️

Data Governance

MAP-1.1 MAP-2.2 EU-AI-10

🚨

Incident Report

MANAGE-1.3 ISO42-10.2 EU-AI-9

Controls auto-mapped across EU AI Act, NIST AI RMF, and ISO 42001 no manual tagging

New: Chatbot Discovery

Find the AI systems you don't know you have.

ISO 42001 §8.4 requires an AI system inventory. EU AI Act requires you to know which AI systems you've deployed. Most organisations can't answer that question because marketing deployed a chatbot six months ago and nobody told compliance.

Auricen's AI Governance Mode scans any page you navigate to and fingerprints chatbot vendors from script patterns instantly. Navigate to a client site and see exactly what AI systems they've deployed, pre-assigned with risk tiers.

Runs automatically when AI Gov Mode is activated

Detects on every page navigation not just the first page

High-risk vendors flagged automatically (Ada, Voiceflow, Genesys, Salesforce Chat)

Discovery sent as signed evidence, a starting point for ISO 42001 §8.4 inventory

25 vendors fingerprinted

Intercom

Drift

HubSpot Chat

Zendesk

Freshchat

Crisp

Tidio

LiveChat

Gorgias

Ada ⚠

Kustomer

Landbot

Chatbase

Voiceflow ⚠

Botpress ⚠

Genesys ⚠

Salesforce Chat ⚠

NICE CXone

Kommunicate

Olark

Pure Chat

Smartsupp

Chatra

Userlike

Tawk.to

⚠ = EU AI Act high-risk pre-classification

Framework coverage

Three frameworks. One evidence layer.

Evidence records are automatically mapped across EU AI Act, NIST AI RMF, and ISO 42001. Record once, satisfy all three.

NIST AI RMF

AI Risk Management Framework

The NIST AI RMF requires evidence that risk identification, measurement, and management controls are actually operating not just documented.

MAP-1.1 AI system inventory and classification

MAP-2.2 Risk identification documentation

MEASURE-2.5 AI performance monitoring evidence

MEASURE-2.6 Human oversight verification

MEASURE-2.7 Bias and fairness measurement

MANAGE-1.3 Override and incident records

GOVERN-1.1 Policy acknowledgement evidence

GOVERN-4.1 AI governance procedure records

EU AI Act

EU Artificial Intelligence Act

The EU AI Act requires providers and deployers of high-risk AI systems to maintain detailed technical documentation and proof of operating controls.

Art. 6 High-risk AI system classification

Art. 9 Risk management system evidence

Art. 10 Data governance documentation

Art. 14 Human oversight proof of operation

Art. 17 Quality management system records

ISO 42001

AI Management System Standard

ISO 42001 is the management system standard for AI requiring evidence that your AI governance program is operating effectively, not just designed.

§6.1 Risk and opportunity assessment records

§6.2 AI governance objective evidence

§8.4 AI system inventory (discovery)

§8.5 AI system development records

§8.6 AI use monitoring evidence

§8.7 Human oversight documentation

§9.1 Performance evaluation records

§10.2 Incident and corrective action records

How it works

From AI interaction to signed evidence in seconds

Activate AI Governance Mode

Open the Auricen Chrome extension and toggle AI Gov Mode. The extension immediately scans the current tab for deployed AI systems and activates interaction capture for 25 AI tool URLs.

Chatbot scan runs automatically

Capture the interaction

Use your AI tools normally. When a governance-relevant interaction occurs, a prompt, an override, a review decision, the extension surfaces a capture panel. Tag the interaction type, risk tier, and rationale. PII warnings are built in.

8 interaction types · full control mapping

Evidence is signed and mapped

The record flows through Auricen's signing pipeline. Controls are auto-tagged across EU AI Act, NIST AI RMF, and ISO 42001. Auditors receive a verify URL no system access required.

Cryptographically signed at capture

AI governance doesn't mean policies.It means proof.