Question 1

What is the ACE Governance Platform?

Accepted Answer

ACE is a runtime policy engine that gates every AI action, enforces human-in-the-loop on restricted operations, and produces audit-grade evidence for every decision. Unlike traditional AI tools that operate without guardrails, ACE uses the MAI classification system (MANDATORY, ADVISORY, INFORMATIONAL) to ensure the right level of human oversight is applied to every action based on its risk level.

Question 2

What is the MAI classification system?

Accepted Answer

MAI stands for MANDATORY, ADVISORY, and INFORMATIONAL — a risk-based governance framework for AI agents. MANDATORY actions (like authentication, final submissions, and decisions affecting benefits) require human approval before proceeding. ADVISORY actions (like evidence analysis and quality checks) are flagged for human review with auto-proceed after timeout. INFORMATIONAL actions (like data gathering and navigation) proceed automatically with full audit logging. Classification is declared at design time and enforced at runtime — no agent can bypass governance gates.

Question 3

How is ACE different from traditional RPA or AI agent frameworks?

Accepted Answer

Traditional RPA (like UiPath or Automation Anywhere) has no built-in governance and fails on dynamic pages. AI agent frameworks (like LangChain, AutoGPT, or CrewAI) provide zero compliance boundaries — agents run uncontrolled with no audit trails. ACE is different because governance is built into the runtime, not bolted on. Every action is classified by risk, gated by policy, and logged with tamper-evident hashing. ACE produces audit-grade evidence packs, not just logs.

Question 4

What industries does ACE support?

Accepted Answer

ACE is built for any regulated industry where AI acceleration is needed but accountability cannot be automated away. Current use cases include government procurement and RFP analysis, legal research and document review, compliance and audit evidence collection, healthcare claims processing and prior authorization, and HR screening with consent-gated workflows. The platform uses configurable playbooks and industry skill packs, so it adapts to specific regulatory requirements.

Question 5

What compliance frameworks does ACE align with?

Accepted Answer

ACE's architecture is designed to align with NIST AI Risk Management Framework (AI RMF 1.0), CMMC 2.0 requirements for controlled unclassified information, HIPAA requirements for healthcare data handling, and FedRAMP security controls. The MAI classification system maps directly to NIST AI RMF's GOVERN function, and the immutable audit trail with SHA-256 hashing provides the evidence chain required for compliance audits.

Question 6

What are AI evidence packs?

Accepted Answer

Evidence packs are audit-grade output bundles generated for every workflow execution. Each pack includes a complete timeline of actions taken, all extracted artifacts with provenance tracking, decisions made with reasoning and confidence scores, human approvals with timestamps and attestations, and a SHA-256 integrity hash for tamper detection. Evidence packs are designed to withstand audit scrutiny — they prove what was done, why, by whom, and whether it was authorized.

The governance layer Claude runs through.

Governance at every level of execution.

Decision Controls (MAI Gates)

Workflow Progression Control

LLM Resource Control (Kernel Hook)

ForensicLedger — SHA-256 immutable audit chain.

7 frameworks. One governance layer.

Ready to deploy GIA?