Conformance Checklists
Per-pillar verification criteria from the ACR Standard, three-level conformance requirements, and the Annex B minimum audit checklist. Use these to prepare for or conduct an ACR conformance assessment.
Conformance Levels
Conformance levels are cumulative. A system claiming Level 2 must satisfy both Level 1 and Level 2 requirements. A system claiming Level 3 must satisfy all three levels. The conformance claim must identify the evaluated system boundary, protected execution scope, agents and action classes covered, conformance level claimed, and the date and version of the evaluated implementation.
Required Capabilities
- Action logging
- Decision logging
- Correlation identifiers
- Agent identity and purpose records
- Policy decision records
- Audit export capability
- Minimum retention enforcement
Verification Criteria
- Assessor can reconstruct request, decision, and outcome for every sampled action.
- Sampled logs contain agent identity, purpose, timestamps, decision, and correlation identifiers.
- Sampled high-risk events are identifiable by explicit field or classification.
- Exported evidence is structurally consistent and complete for sampled events.
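The logging criteria above can be checked mechanically over an exported sample. The following is an added example, not code from the ACR Standard or its tooling: the field names (agent_id, purpose, timestamp, correlation_id, stage, decision, risk_class), the stage names, and the sample records are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Assumed field and stage names; the ACR export schema is not shown on this page.
COMMON = ("agent_id", "purpose", "timestamp", "correlation_id")
STAGES = ("request", "decision", "outcome")

def audit_sample(records):
    """Return sorted (correlation_id, finding) pairs for a sample of log records."""
    findings, chains = [], defaultdict(dict)
    for i, rec in enumerate(records):
        corr = rec.get("correlation_id") or f"<record {i}>"
        for field in COMMON:
            if not rec.get(field):
                findings.append((corr, f"{rec.get('stage')}: missing {field}"))
        if rec.get("stage") in STAGES and rec.get("correlation_id"):
            chains[corr][rec["stage"]] = rec
    for corr, chain in chains.items():
        # Every sampled action must be reconstructable: request -> decision -> outcome.
        for stage in STAGES:
            if stage not in chain:
                findings.append((corr, f"no {stage} record"))
        dec = chain.get("decision")
        if dec is not None and not dec.get("decision"):
            findings.append((corr, "decision record has no decision value"))
        # High-risk events must be identifiable, so the classification must exist.
        if dec is not None and "risk_class" not in dec:
            findings.append((corr, "risk classification absent"))
        stamps = [datetime.fromisoformat(chain[s]["timestamp"])
                  for s in STAGES if s in chain and chain[s].get("timestamp")]
        if stamps != sorted(stamps):
            findings.append((corr, "timestamps out of order"))
    return sorted(findings)

def _rec(corr, stage, ts, **extra):
    base = {"correlation_id": corr, "stage": stage, "timestamp": ts,
            "agent_id": "agent-7", "purpose": "invoice-triage"}
    return {**base, **extra}

SAMPLE = [  # constructed records, not real ACR exports
    _rec("c-1", "request", "2025-01-10T09:00:00+00:00"),
    _rec("c-1", "decision", "2025-01-10T09:00:01+00:00", decision="allow", risk_class="low"),
    _rec("c-1", "outcome", "2025-01-10T09:00:02+00:00"),
    _rec("c-2", "request", "2025-01-10T09:05:00+00:00"),
    _rec("c-2", "decision", "2025-01-10T09:05:01+00:00", decision="deny",
         risk_class="high", purpose=""),
    _rec("c-3", "request", "2025-01-10T09:10:00+00:00"),
    _rec("c-3", "decision", "2025-01-10T09:10:05+00:00", decision="allow"),
    _rec("c-3", "outcome", "2025-01-10T09:10:03+00:00"),
]
```

An empty result for a sampled correlation identifier means its chain passed these checks; each finding names the identifier an assessor should pull for manual review.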
Audit Evidence
Required Capabilities
- Mandatory pre-execution control for in-scope protected actions
- Deny-by-default behavior
- Identity and purpose binding
- Policy enforcement at execution boundary
- Approval gating for escalated actions
- Executor-side verification of control-plane authority
- Containment capability with kill or shutdown path
Verification Criteria
- A protected action without valid control-plane authorization fails.
- Unauthorized tool, destination, and data access attempts are denied.
- Escalated actions do not execute before approval.
- The executor rejects replayed, tampered, and unauthorized execution requests.
- Containment prevents further protected action execution after activation.
Audit Evidence
Required Capabilities
- All Level 2 capabilities
- Enforcement at Input, Execution, and Output Boundaries
- Full four-state decision model including MODIFY
- Drift detection with thresholded response
- Graduated containment
- Quarterly containment testing
- Tamper-evident or append-only high-risk logging
- Full STRIKE mapping to controls and evidence
- Formal escalation authority matrix
- Safe-state definitions for production agents
- Audit-ready evidence bundles
Verification Criteria
- All four decision outcomes can be demonstrated in controlled tests.
- Modified outputs or actions are transformed and logged correctly.
- Drift conditions trigger the documented response tiers.
- Quarterly kill-switch and safe-state tests have occurred on schedule.
- Each STRIKE category appears in the STRIKE traceability matrix with linked controls and evidence.
- Sampled incidents can be reconstructed end to end from exported evidence.
Audit Evidence
Per-Section Verification Criteria
Each section of the ACR Standard defines specific verification considerations.
An assessor SHOULD confirm that:
Minimum Audit Checklist
An auditor evaluating Level 3 (Full Runtime Control Plane Compliance) should be able to answer "yes" to all of the following:
Supporting Materials
Downloadable schemas, audit logs, and policy templates
Score your current ACR maturity across 6 pillars
Detailed enforcement points and evaluation criteria
Map threats to controls for Level 3 compliance
Map ACR to ISO 27001, NIST CSF, and more
Full ACR Standard v1.0.1 PDF
