Example record format

What a governance evidence record looks like.

The site describes governance evidence. This page shows its format: the fields a record carries, the states its exception field can hold, and how a counterparty reads it. Every value here is an illustrative placeholder. It is a template, not a client and not a result.

Format specimen · no client data · no score issued

Assertion, then evidence

The same obligations, asserted once and evidenced continuously.

Before · the assertion

"The board confirms that the firm's risk management and internal control systems are effective."

Signed once, at the reporting date. Point-in-time. Nothing behind it a counterparty can read.

After · the evidence record (format)

Obligation	Evidence source	Observation	Exception state	Verified
Third-party access control	Helpdesk access logs	Continuous	Open	Signed
Privileged-access review	IAM change log	Event-triggered	Clear	Signed
Model-override governance	Override log, risk-committee minutes	Monthly review	In review	Signed
Incident notification	Regulator-of-record filing	On event	In progress	Filed
Board protocol adherence	Decision log vs protocol	Monthly	Within bounds	Signed

Illustrative format. The exception-state field can hold open, in-review, in-progress or clear; the states shown are placeholders, not a client's record. This is not a pass mark and no score is issued. The point is that the field exists and is populated against each obligation.

The record

The eight observable fields, and what each holds.

Field 01

Counterparty

Who reads and prices. Example: a D&O underwriter at renewal.

Field 02

Decision being priced

The capital moment. Example: renewal of management liability cover for a firm running automated pricing models.

Field 03

Risk if misrepresented

What goes wrong if the evidence is wrong. Example: avoidance; model-risk exclusion bite at claim.

Field 04

Evidence primitives

The observable atoms. Model-override events, HITL decisions, risk-committee minutes, audit logs, with counts and timestamps per period. Not summaries.

Field 05

Temporal cadence

At what frequency each primitive is observed. Continuous, event-triggered, or periodic.

Field 06

Provenance

Where each primitive came from. Source system to engine to signing key, chain of custody preserved.

Field 07

Verification mode

How it was verified. Cryptographic signature, regulator-of-record filing, third-party attestation, or self-declared and flagged.

Field 08

Maturity calibration with trajectory

A maturity level with its direction of travel. Example: Foundational, rising to Established over the period (DRMA). Trajectory, not score.

The read

How a counterparty reads the primitives.

Override frequency

Override events are logged and signed, not asserted. As the committee tightens thresholds the rate falls. The read: the control is being exercised, not just documented.

Escalation discipline

HITL decisions are routed to the named accountable role within the protocol window, recorded against the obligation with timestamps. The read: the human decision is on the record.

Board oversight

Risk-committee minutes show the model risk reviewed and acted on, not noted. The read: the protocol the board authored is live, not shelfware.

Trajectory

Maturity rising on the record over the period. The read: an improving firm being priced, not a static snapshot.

The decision the format supports

The same risk, read two ways.

Read against the evidence record

Affirmative AI cover offered, rather than left silent.
The model-risk exclusion narrowed to the residual the evidence does not cover.
Cover continued at renewal, with the trajectory on the file.
At a later claim, the contemporaneous record answers the rescission question.

Read against a procurement file

Governance asserted in a questionnaire, signed once at inception.
Silent AI exposure left in the wording, priced as unknown or excluded.
Deterioration invisible until a claim surfaces it.
At claim, the representation is contested with no record to read.

Illustrative contrast. No premium figure is shown, and no score is issued from the schema. The counterparty reads the primitives and prices its own risk.

What this specimen is. A format, populated with example states, not a client record and not a result. The figures, obligations and exception states are placeholders chosen to show the shape a record takes; none are drawn from any engagement. No governance score is produced. A worked walkthrough, and in time a real anonymised record from a live engagement, is available to qualified counterparties under NDA. This page shows the form so a reader knows what to ask for.