Skip to content

ISO/IEC 42001 AIMS Alignment

This document describes how DvalinCode aligns its project governance with ISO/IEC 42001, the AI management system standard. It is an internal control map and evidence plan, not a claim of ISO certification.

References

Scope

The AI management system scope covers:

  • DvalinCode source code, build workflows, release artifacts, and security docs.
  • Agent behavior exposed through Chat, Cowork, Code, terminal, web, and server interfaces.
  • Model/provider integrations, prompts, tool execution, audit logs, local data, and policy enforcement.
  • Governance evidence for maintainers and users evaluating enterprise adoption.

Out of scope:

  • The internal controls of third-party model providers.
  • A user's private prompts, repositories, API keys, and local runtime configuration after installation.
  • Formal ISO certification activities performed by an accredited certification body.

AI Policy

DvalinCode's AI policy is:

  1. Keep the user or organization in control of model, tool, file, shell, and network permissions.
  2. Treat model output as untrusted input.
  3. Minimize data captured in audit records and never store prompt bodies, provider bodies, API keys, or file contents in audit logs.
  4. Make AI behavior reviewable through open source code, tests, policy files, and tamper-evident run logs.
  5. Preserve local-first operation and avoid hidden vendor lock-in.
  6. Record material AI behavior changes through a pull request checklist and, for higher-risk changes, an AI change impact assessment.

Roles

RoleResponsibilityEvidence
AIMS ownerMaintains this control map and review cadenceThis document
Security ownerMaintains Scorecard, CodeQL, security policy, and release checksSECURITY.md, .github/workflows/
Release ownerVerifies build outputs, checksums, and release notesrelease.yml, scripts/build-release.sh
AI behavior ownerReviews prompts, tools, policy enforcement, provider changes, and mode behaviorPR checklist, tests
Incident ownerCoordinates security or AI behavior incidentsSECURITY.md, issue template

For this public repository, these roles may be held by the same maintainer. For enterprise forks, assign named people or teams.

Control Map

Management-system needDvalinCode implementationEvidence
Context and interested partiesEnterprise approval goal and threat models are documenteddocs/APPROVABILITY-PLAN.md, docs/EGRESS-THREAT-MODEL.md
Leadership and policyAI policy and security expectations are documentedThis document, SECURITY.md
Risk planningAI risks are tracked with controls and review triggersRisk register below, impact assessment template
Support and competenceContributor expectations and PR checklist guide maintainersCONTRIBUTING.md, PR template
OperationTool permissions, policies, audit logs, and release workflows govern behaviorsrc/core/, src/audit/, .github/workflows/
Data governanceAudit data minimization and local-first storage are documenteddocs/AUDIT-TRAIL.md, docs/EGRESS-THREAT-MODEL.md
Supplier and model governanceProvider changes require impact reviewPR template, impact assessment template
Performance evaluationCI, tests, Scorecard, CodeQL, and release verification provide recurring checks.github/workflows/
ImprovementIssues, incidents, and Scorecard findings feed back into docs, tests, and policyIssue template, Scorecard doc

Risk Register

RiskImpactBaseline controlReview trigger
Prompt injection causes unauthorized write or commandUser code or data may be changed unexpectedlyApproval modes, diff preview, policy engine, audit trailAny tool permission or mode change
Sensitive data reaches a model providerConfidential data may leave the workspace or machineLocal-first design, .dvalincodeignore, audit minimization, egress policyNew provider, file selection, or context ingestion change
Provider or model behavior changes unexpectedlyAgent quality, privacy, or safety posture may changeProvider profiles, local model support, impact assessmentNew provider, default model, endpoint, or prompt policy
Supply-chain compromise in build or CIRelease artifacts may be untrustedPinned Actions, CodeQL, Dependabot, release checksumsWorkflow, dependency, or release script change
Audit evidence is incomplete or misleadingUsers cannot reconstruct agent behaviorHash-chained logs and report verificationAudit schema, minimization, or report change
Users overestimate ISO/Scorecard meaningMisplaced trust or compliance claimsClear non-certification languageREADME, release, or marketing claim change

AI Change Classification

Use this lightweight classification in pull requests:

ClassExamplesRequired evidence
A0 documentation-onlyREADME typo, screenshotsNormal review
A1 low-risk implementationUI styling, test-only changesTests or rationale
A2 behavior-affecting AI changePrompt, mode behavior, provider config, context selectionTests plus PR governance checklist
A3 high-risk AI/system changePermission model, shell/file/network tools, audit, release, default providerAI impact assessment plus maintainer review

Use docs/governance/AI-CHANGE-IMPACT-ASSESSMENT.md for A3 changes and for any A2 change where data exposure, autonomy, or user approval behavior is uncertain.

Required Records

Keep these records in git or GitHub:

  • Pull requests and reviews for security or AI behavior changes.
  • Completed AI impact assessments for A3 changes.
  • Scorecard and CodeQL run history.
  • Release notes, checksums, and build logs.
  • Security incidents and corrective actions.
  • Exceptions where a control is knowingly deferred, including owner and review date.

Review Cadence

  • Review this AIMS document every quarter or after any A3 change.
  • Review Scorecard and CodeQL findings weekly via scheduled workflows.
  • Review the risk register before each major release.
  • Review incidents within seven days of closure and capture corrective actions.

Certification Note

ISO/IEC 42001 certification requires a formal audit against the full standard and organizational evidence beyond this repository. This repository provides implementation evidence and operating procedures that can support such an audit, but it does not by itself establish certification.

Released under the MIT License. Not affiliated with any AI vendor.