Open standards & artifacts for accountable systems.

Evidence pack

Permanent link /evidence-packs/std-02

STD-02 Evidence Pack

Tiered evidence requirements for contestability, review, and remedy obligations in STD-02.

Proof-carrying compliance

Evidence bundles for contestability

STD-02 evidence packs show who reviews decisions, how fast, and how remedies land.

Tiered evidence model

Tier 0 to Tier 2 minimum

Begin with Tier 0 to prove access, then move up to resilience evidence.

  • Tier 0 (minimum): Proof the contestation path exists and is reachable in-product. UI links, receipt payloads, and appeal intake records.
  • Tier 1 (operational): Proof that appeals are reviewed and clocks are honored. Reviewer rosters, appeal outcomes, and clock compliance dashboards.
  • Tier 2 (resilient): Proof that contestation survives scale, incident load, and exceptions. Postmortems, exception audits, and throughput stress tests.

Receipt payloads should conform to the Agent Receipt schema for audit-ready evidence packs.

Clause evidence list

Evidence packs per clause

Minimum bundles for each STD-02 clause.

  • STD-02.1.1 (§1.1) — disclose that automated decisioning occurred when automation materially affects a person.
    Evidence: ui_notice, policy
  • STD-02.1.2 (§1.2) — state what changed and why it matters when automation changes status, access, or resources.
    Evidence: ui_notice, decision_log
  • STD-02.1.3 (§1.3) — provide a review/appeal path with timelines when person receives an adverse or consequential outcome.
    Evidence: appeal_policy, ui_copy
  • STD-02.2.1 (§2.1) — maintain a record of tool calls and state changes when system takes an action or decision.
    Evidence: action_log, audit_trail
  • STD-02.2.2 (§2.2) — include reason codes and key inputs (redacted as needed) when receipt is generated for an action.
    Evidence: receipt_template, policy
  • STD-02.2.3 (§2.3) — identify accountable operator and contact channel when receipt is issued.
    Evidence: receipt_template, contact_directory
  • STD-02.3.1 (§3.1) — grant standing regardless of status or credentials when person is materially affected.
    Evidence: policy, appeal_workflow
  • STD-02.3.2 (§3.2) — avoid retaliation or punitive impacts when a contestation is filed.
    Evidence: policy, case_log
  • STD-02.3.3 (§3.3) — offer contestation in the same channel when decision is delivered via a channel.
    Evidence: ui_state, journey_map
  • STD-02.4.1 (§4.1) — publish timelines for acknowledgment, review, resolution when appeals are accepted.
    Evidence: sla_doc, ui_copy
  • STD-02.4.2 (§4.2) — provide transparent status updates and expected resolution when review concerns high-stakes domains.
    Evidence: status_updates, queue_metrics
  • STD-02.4.3 (§4.3) — escalate to higher-authority or trigger failsafe remedy when review deadlines are missed.
    Evidence: escalation_policy, event_log
  • STD-02.5.1 (§5.1) — support undo/rollback without extraordinary effort when harm is reversible.
    Evidence: remedy_policy, ui_state
  • STD-02.5.2 (§5.2) — provide a defined compensation pathway when harm is irreversible.
    Evidence: remedy_policy, case_log
  • STD-02.5.3 (§5.3) — assign authority to named humans when remedy is issued.
    Evidence: org_chart, authority_matrix
  • STD-02.6.1 (§6.1) — offer human review on request when automated denial or action occurs.
    Evidence: review_policy, support_workflow
  • STD-02.6.2 (§6.2) — avoid incentives that bias against remedies when reviewers are evaluated.
    Evidence: performance_policy, incentive_plan
  • STD-02.6.3 (§6.3) — retain tamper-evident records long enough for investigation when logs support review or redress.
    Evidence: audit_trail, retention_policy
  • STD-02.7.1 (§7.1) — operator accepts liability for harms when automation causes errors or latency.
    Evidence: policy, governance_record
  • STD-02.7.2 (§7.2) — operators still guarantee access and remedy when vendors manage logs or controls.
    Evidence: vendor_contract, access_policy
  • STD-02.7.3 (§7.3) — fund review capacity proportional to actions when automation throughput increases.
    Evidence: capacity_plan, case_volume_metrics

Anti-weaponization evidence

Evidence requirements for AW-01 through AW-04

Treat anti-weaponization clauses as enforceable contestability obligations.

  • AW-01: Burden remediation plan tied to contestability metrics.
  • AW-02: Appeal path regression tests + public replacement notice.
  • AW-03: Receipts + clock compliance for automated downgrades.
  • AW-04: Assisted channel logs with escalation outcomes.

Pair this with diagnostics checks to validate AW compliance.

How teams fake this

Common compliance theater patterns

Spot and prevent adversarial compliance behaviors.

  • Appeal links exist but lead to dead ends or generic inboxes.
  • Review clocks are defined but not visible to impacted people.
  • Manual review happens, but there is no audit trail of outcomes or reversals.
  • Exception paths are used to avoid remedies without any expiry or review cadence.

What auditors ask

Audit questions to prepare for

Provide clause-linked evidence and decision logs in response.

  • Show appeal outcomes for the last quarter and the median review time.
  • Demonstrate how many remedies were delivered within the remedy clock.
  • Provide evidence that exception classes are time-bounded and reviewed.
  • Show how decision logs reference evidence packs for contested decisions.

Referenced by

Where STD-02 evidence is enforced

Cross-links keep evidence packs, examples, and bindings aligned.

Used in examples

Required by bindings

Verified by evidence packs

Search IDs: STD-02 v0.9, STD-02.2.1, STD-02.3.1, AW-01, AW-02, AW-03, AW-04, VAL-02, VAL-03.