Doctrine, made enforceable.
The EDENA Standards Stack expresses the framework's twelve principles as conformance-testable requirements, written in the normative language of MUST, SHOULD, and MAY. A doctrine you can audit against, not merely agree with.
Principles become requirements you can test.
Ethics statements describe intentions. A standard describes obligations. Each EDENA standard converts a principle into requirements at three levels, so that conformance can be claimed, evaluated, and contested:
- MUST — an absolute requirement. A system that omits it is non-conformant.
- SHOULD — a recommended practice. Omission requires documented justification.
- MAY — an optional practice, permitted but not required.
The same five governance outcomes recur across the stack — ALLOW, REQUIRE_HUMAN, CONSTRAIN, THROTTLE, DENY — so that an action evaluated under one standard is recorded the same way as an action evaluated under another.
Conformance is declared per system, at one of three escalating levels. Higher-risk capabilities must claim higher levels.
Gated
Registration, action classification, and named-human gating for higher-tier actions, with basic logging.
Governed
Adds least-privilege controls, data-boundary governance, containment, and conformant evidence bundles.
Stewarded
Adds oversight-effectiveness auditing, continuous monitoring, and stop-the-line authority. Required for Orange- and Red-tier capabilities.
Six standards, one doctrine.
Two standards govern what AI is — agentic software and physical robots. Four govern how every governed action must behave — gated, evidenced, overseen, and recoverable.
Agentic Systems
Governs software that can act. Registers and tiers every capability, classifies and gates every consequential action, enforces least privilege, contains before scale, and answers the OWASP Agentic Top 10.
Read the standard EDENA-RS 1.0Robotic Systems
Extends the doctrine to AI that moves through the physical world. Tiers kinetic action by force, proximity, and irreversibility; mandates a physically reachable stop; inherits EDENA-AS for the software brain.
Read the standard Action-Gating 1.0Healthcare AI Action-Gating
Tiers and gates clinical AI actions before they reach patients. Turns documentation, alerting, medication, and discharge workflows into classified, authorized, recorded decisions rather than silent automation.
Read the standard Evidence Bundle 1.0Evidence Bundle
The auditable record every governed action must produce. Specifies the provenance, grounding, uncertainty, timestamps, and decision path that travel with a claim so that trust is traceable, not assumed.
Read the standard Human Oversight 1.0Human Oversight
Makes "human-in-the-loop" meaningful. Requires that the reviewer can understand, challenge, override, and stop an action — and actively counters automation bias, rubber-stamping, and clinical deskilling.
Read the standard Stop-the-Line 1.0AI Incident & Stop-the-Line
Governs detection, containment, reporting, and learning when an AI system exceeds its scope. Gives the steward authority to halt, mandates voluntary safety-event reporting, and closes the loop into governance.
Read the standardHow the stack maps to the world's governance regimes.
Independent authorities converged on the same architecture from four directions — a national agentic framework, binding law, a security taxonomy, and management-system standards. The EDENA stack is the nurse-led implementation that ties them to a named human and a stewarded environment.
| External framework | What it requires | EDENA standards |
|---|---|---|
| NIST AI RMF | Govern · Map · Measure · Manage | EDENA-AS & Action-Gating (Map), Evidence Bundle (Measure), Stop-the-Line & Human Oversight (Manage/Govern) |
| EU AI Act — Article 14 | Human oversight, override, and a stop button; awareness of automation bias | Human Oversight 1.0, Stop-the-Line 1.0 |
| EU AI Act — Article 15 | Accuracy, robustness, cybersecurity, and fallback behavior across the lifecycle | EDENA-AS, EDENA-RS, Evidence Bundle 1.0 |
| Singapore MGF for Agentic AI | Bound risk upfront · accountable humans · technical controls · end-user responsibility | EDENA-AS, Action-Gating, Human Oversight |
| ISO/IEC 42001 | An AI management system with declared controls and evidence | The full stack & declared conformance levels |
| OWASP Top 10 for Agentic Applications (2026) | Coverage of agentic threats — goal hijack, tool misuse, rogue agents, cascading failures | EDENA-AS 1.0 (§11 threat mapping) |
Mappings indicate substantive alignment, not certification by the referenced bodies. Each standard states its own conformance requirements; an organization declares the level it claims for each deployed system.
Choose your conformance level. Make the doctrine auditable.
Begin with an AI action inventory and a tiering workshop. We'll help you select the standards that apply, reach a declared conformance level, and stand up the evidence your auditors and regulators now require.