Traceability
Every autonomous action can be reconstructed end-to-end. Trigger → execution → outcome, all logged, all auditable.
Command Console · Operator-Authenticated
ICA IMPERIUM™
When velocity exceeds control, the system is not fast. It is exposed.
L4 ComplianceALL SEALED
L5 OTS Seals1207
L6 Remediation0/24h
Sentinel10/14 green
Public AnchorPending
Verified. Vaulted. Victorious.
ICA Certifications
0
▲ new
Certified
0
▲ ICA-2026-0003
In Progress
0
— idle
Avg Compliance
0%
▲ +3 (24h)
IAC Agents
0
▲ +2 (24h)
Agents Certified
0
▲ +1 (24h)
Live Platform State · ICA · Last 24 Hours live · --:--
IAC Assessments0total runs (14 unique agents)
L7 Receipts—ED25519 signed
Public Seals—opentimestamps
Sentinel Packs—frameworks live
Capture Sessions—AI surfaces watched
CCM Scheduler—runs / hr · 0 failing
Continuous Governance · Posture · Spend · Cert Review
Org Posture—7-layer · continuous
Provider Spend—provider ledger · 7d
Cert Review—advisory · auto-flagged
Agent Tier Distribution
The ICA Constitution
Operator-level governance doctrine · enforced at runtime in every Aleeth-certified system
“ICA is not a collection of best practices. It is a strict architectural doctrine. These are the laws that govern systems operating under extreme pressure.”
The Five Foundational Laws
The Three Non-Negotiable Constraints
Containment
No agent exceeds its explicit operational boundary. Capability is bounded by design — if no control surface exists, the capability does not deploy.
Reversibility
Every autonomous action has a defined and tested reversal mechanism. If the rollback path is unnamed, the action is not permitted.
Standards Comparison
How ICA relates to NIST, ISO, EU AI Act, SOC 2, and existing governance products
Every other framework tells you what governed AI should look like. Every other product monitors whether you're getting close.
ICA is the system that defines the standard, certifies you against it, ships a runtime SDK · ica-guard · in private alpha to enforce it, and produces the audit evidence as a byproduct of normal operation.
ICA is the control layer that makes all of them true at once.
| Framework | What it is | What it gives you | How ICA closes the gap | Coverage |
|---|
Certified Registry
Organizations holding active ICA certification · internal command center only
Trust Index · Operator Roll-up
Every cert sorted by verification depth · same 0–100 score the public /trust/:cert_num page renders
Fleet Verification DepthAvg 85 / 100
Attestation
Telemetry
Provenance
Discovery
Critical
Certs Tracked0— stable
Avg Depth0— stable
Four-Source Verified0— stable
Attestation Only0— stable
Open Critical0clean
| Cert ID | Organization | Status | Depth | Tier | ATT | TEL | PROV | DISC | CRIT | Share |
|---|
ICA Certification
Guided 7-layer institutional governance assessment
The 5-Stage Certification Lifecycle
Every ICA certification runs this exact process. The Sustain stage is the differentiator — continuous compliance vs. the static annual snapshots SOC 2 and ISO 42001 produce.
| Cert ID | Organization | Type | Stage | Owner | Progress | Score | Status | Action |
|---|
IAC Agent Assessment
9-domain individual agent certification evaluation
Fleet Domain Heatmap
14 agents × 9 governance domains · cell color = current score · click any cell to drill into evidence.
| IAC ID | Agent | Model | Domains | Score | Tier | Status | Action |
|---|
Agent Registry
IAC-certified agents housed, deployed, and governed by ICA™
14Registered
12Available
8Deployed
52Skills Trained
AI Workforce Intelligence · Cross-Customer Fleet
Per-customer rollups of AI workforce leverage, spend, and waste detection. Metadata-only telemetry · no prompts, no responses, no source code · enforced at the schema layer.
WORKFORCE
Usage is cheap signal. Leverage is the command layer.
Customers Tracked0with workforce telemetry
Total Operators0enrolled across fleet
Events Last 30D0metadata-only rows
Fleet Spend (30D)$0usd across customers
Cache Savings$0reuse-driven avoidance
Outcomes (30D)0commits + PRs + ships
Per-Customer RollupEach ICA Live tenant's workforce metrics · respects anonymization floor of 2 customers per industry
| Customer | Operators | Events (30D) | Spend (30D) | Top Leverage | Open Recs | Status |
|---|
ICA™ Command Center
Live governance monitoring · post-certification compliance · incident management
Live Compliance Monitors
Governance Coverage Matrix
Eight-lane operating posture · inventory, lineage, quality, security, access, oversight, compliance, audit
Fleet Auto-Tick Orchestrator
Capture Governance Auto-Tick Runner
Customer Install Verifier
SIEM Export Delivery
SCIM Identity Provisioning
Capture Coverage Assurance
Security Evidence Lane
Compliance-To-Evidence Control Map
Control Closure Workbench
Data Quality Monitor
Human Oversight Workbench
Access Review Campaigns
Autonomous Closure Proof Console
Live proof that ICA can assign, mark fixed, verify, settle receipts, and return to monitor-only without Command Center dependency.
Security Finding Closure Campaign
Security Closure SLA Queue
Agent Control · Rail Guard
The kill switch. Halt any agent in real time; its steps are quarantined at ingest (forensic record only, no governed evidence, no receipts) until an operator releases it. Every halt and release is Ed25519-signed onto the chain.
Security Closure Native Closeout
Verified Closure Rollup
Security Closure Auto-Wave Controller
Security Closure Auto-Drain Controller
Security Closure Scheduler
Scheduler Exception Inbox + Operator Intervention
Scheduler Recovery Policy Engine
ICA Live ↔ Imperium Control Plane
Access Review Workbench
Data Lineage Graph
AI System Ownership
Governance Evidence Export Package
ICA Monitoring · MCP Sentinel · Cross-Customer Fleet
Every MCP server enrolled by every customer · current tool inventory · open findings (drift + poison + risky-schema-keys). Findings table is append-only via DB trigger · core fields immutable. Universal ICA feature · no tier.
MCP SENTINEL
Every tool call in the agentic AI stack · inventoried · diffed · governed.
Customers Enrolled0with MCP sentinel
Active Servers0MCP endpoints across fleet
Tools Tracked0unique tool surfaces
Tools At Risk0risky schema keys
Open Findings0across fleet
Critical0severity tier
Per-Customer RollupEach customer's MCP server fleet · open finding counts by severity
| Customer | Servers | Tools | At Risk | Open | Critical | Status |
|---|
ICA Aegis · Vector Sentinel · Cross-Customer Fleet
Every Pinecone · Weaviate · Qdrant · Chroma · Milvus store enrolled · collection sensitivity classification · open PII/PHI/PCI/secret findings. Access events append-only via DB trigger · vector values + document text + query text blocked at the schema layer. Universal ICA feature · no tier.
VECTOR SENTINEL
Every embedding in the RAG stack · classified · governed · proof-sealed.
Customers Enrolled0with vector sentinel
Active Stores0vector DBs across fleet
Collections Tracked0indexes across fleet
Restricted+0restricted · PCI · PHI
Open Findings0PII · PHI · PCI · secret
Critical0severity tier
Per-Customer RollupEach customer's vector DB fleet · open finding counts by severity
| Customer | Stores | Collections | Restricted+ | Open | Critical | Status |
|---|
ICA Aegis · Prompt Sentinel · Cross-Customer Fleet
Every probe surface registered · direct + indirect injection · jailbreak · exfil · data-leak detections. Detections append-only via DB trigger · prompt text, model responses, and source code blocked at the schema layer. Universal ICA feature · no tier.
PROMPT SENTINEL
Every input lane in the AI stack · scanned · classified · redacted by design.
Customers Enrolled0with prompt sentinel
Active Surfaces0probe lanes across fleet
Open Detections0awaiting triage
Critical0severity tier
Jailbreak0category count
Indirect (RAG)0rag-borne · tool-poison
Per-Customer RollupEach customer's probe fleet · open detection counts by severity
| Customer | Surfaces | Open | Critical | Jailbreak | Indirect | Status |
|---|
Closed-Loop Stream · Compass Receipt Lane
Imperium view of the live Compass IAC evidence chain: customer review register, agent receipts, score posture, public issuance lock, and Security Closure DAG controller state.
Closed-Loop Compliance Pulse
Read-only. ICA Live + ICA Imperium only. Public cert issuance remains locked unless Shane explicitly approves the issue payload.
Receipt Pass
IdleLatest runNo new pass in this session.
Compass/Bauer P1 Lane
Production laneWaiting for P1 check.
Liability prewireCounsel gate not loaded.
Enterprise Onboarding Control Loop
Onboarding loopWaiting for live read-back.
OwnersNo owner assignment loaded.
Evidence checklistNo checklist loaded.
EscalationsNo escalation view loaded.
Enterprise Launch Factory
Launch templateNo template loaded.
OwnersNo owner template loaded.
EvidenceNo evidence template loaded.
EscalationsNo escalation template loaded.
Enterprise Evidence Intake
Evidence intakeNo payload preview loaded.
PayloadsNo payload hashes loaded.
Review manifestNo manifest hash loaded.
Mint lockPublic mint locked.
Customer Lane Dry-Run
Lane dry-runNo customer lane simulation loaded.
Simulated rowsNo preview rows loaded.
Evidence reconciliationNo evidence checklist reconciled.
Receipt prerequisitesNo receipt prerequisites loaded.
Ledger readinessNo ledger readiness loaded.
Instantiation lockPreview-only. Public mint locked.
Trust Event Control Tower
Control towerWaiting for evidence room.
Pre-mint lanesNo lane read-back loaded.
Ratification previewNo payload hash loaded.
Counsel Binder
BinderNo counsel binder loaded.
FilesNo export files prepared.
Export receiptNo binder export receipt recorded.
Public IAC Issue Gate
GateApproval required.
Audit proofNo approval receipt recorded.
Counsel Packet
Counsel packetWaiting for operator read-back.
Approver registerNo register loaded.
Liability receiptPending issue-time acknowledgement.
Approver payloadNo reviewed hash.
Counsel payloadNo reviewed hash.
Registration Ledger
Registration ledgerWaiting for review read-back.
Pre-mint receiptsNo receipt history loaded.
Event trailNo operator events loaded.
Public Verify Readiness
Verify laneWaiting for readiness check.
Generated URLsNo preview loaded.
Ratification Packet
PacketWaiting for final gated pass readback.
Approval payloadNo packet loaded.
ICA Live Instances · Feeding Into ICA Imperium
Every certified ICA Live deployment streams compliance, evidence, and incident telemetry up to ICA Imperium in real time. One row per customer instance · seven-layer health · last heartbeat · alert count.
Aggregate Health
Live Instances
Governed Workflow Runs
DAG-driven ICA automation history, gate posture, dry-run receipts, and guarded operator execution. ICA Live acts; ICA Imperium records and supervises.
Run Control Surface
Conformity DAG and Security Closure Auto-Wave run from existing ICA-only paths with receipts stored in operator events.
Trust Page · ICA-2026-000
The Schreck Method · Founding Self-Attestation
100verification depth
StatusACTIVE
TierFour-Source Verified
Certified5/22/2026
Renewal5/22/2027
Verification Sources
ATTESTATIONSigned by Aleeth · operator-authenticated1
TELEMETRYContinuous L1–L7 stream from ICA Live instance451 ev/hr
PROVENANCEED25519 receipts, OTS anchored1078
DISCOVERYICA Sentinel passive sweep1
7-Layer Health
L1
L2
L3
L4
L5
L6
L7
Verified. Vaulted. Victorious. · Anchored on the Bitcoin blockchain via OpenTimestamps · Standard ICA™ v1.0