Frameworks — AIUC-1

Build trust for your AI agents in the enterprise. 

AIUC-1 is the emerging security, safety, and reliability standard for AI agents, backed by independent audits and quarterly adversarial testing. If your company builds or deploys agentic AI — especially in customer-facing or high-risk workflows — AIUC-1 certification helps you win enterprise trust and unblock deals. 

Subscribe to our newsletter and never skip a step in your AIUC-1 journey.

Trusted by teams worldwide

Trusted by teams worldwide

Trusted by teams worldwide

Trusted by teams worldwide

In the Spotlight

Start your AIUC-1 certification journey with DSALTA's complete checklist.

AIUC-1 is the first security, safety, and reliability standard purpose-built for AI agents, developed with input from Stanford, MIT, MITRE, and the Cloud Security Alliance. Certification requires independent auditing plus quarterly technical testing — not just a governance policy on paper. 

AIUC-1 can feel dense with its 51 requirements and 130 controls across six risk pillars, but DSALTA® makes it manageable. With automated evidence collection, continuous monitoring, and AI-driven risk insights, you can maintain certification without drowning in manual work. Use this checklist to guide your AIUC-1 journey. 

Why AIUC-1 certification matters? 

Earning AIUC-1 certification is more than a checkbox exercise. It shows enterprise buyers, procurement teams, and your board that your AI agents have been independently tested against real-world adversarial risk — not just described in a policy document. In return, it builds long-term trust, especially with security-conscious customers in fintech, healthtech, SaaS, and enterprise software.
Failing to address agent-specific risk can result in: 

Data leaks and IP exposure 

Loss of enterprise customer trust 

Legal and reputational exposure from agent misuse 

Deals stalled or lost in security review 

Easily accessible AI agent security for growing teams. 

Many companies delay AI agent security work because of complexity. But it doesn't have to be overwhelming. With tools like DSALTA, AIUC-1 becomes easier to manage — especially for lean, fast-moving AI teams. By using automation and a proactive approach, you can: 

Save time and third-party audit costs 

Make informed decisions using real-time risk dashboards 

Reduce manual evidence-gathering and focus on shipping product 

Key steps to AIUC-1 certification 

Here's how to get AIUC-1 certified while keeping your AI agents shipping fast. 

01

01

Scope your AI agent and kick off the audit

AIUC-1 certification applies to a specific product or agent, not your whole organization by default. This includes: 

  • Defining which product or agent is in scope for certification 

  • Assigning key team members and setting up environment and config 

  • Identifying initial evidence and gaps with your accredited auditor 

Applies whether your agent is customer-facing, internal automation, or embedded in another product. 

02

02

Map data & privacy controls

AIUC-1's Data & Privacy pillar covers how your agent handles input, output, and cross-tenant data. This includes: 

  • Establishing input and output data use policies 

  • Limiting AI agent data access with contextual, least-privilege safeguards

  • Preventing cross-customer data exposure and PII leakage 

03

03

Test security & safety

Unlike paper-based frameworks, AIUC-1 requires evidence your agent has been adversarially tested. This includes: 

  • Commissioning third-party adversarial robustness and jailbreak testing 

  • Implementing real-time input filtering and access controls 

  • Testing for harmful outputs, hallucinations, and unsafe tool calls 

04

04

Document accountability & governance

Maintaining AIUC-1 requires clear ownership and auditable records. Automate where possible: 

  • Building AI failure response plans for breaches, harmful outputs, and hallucinations

  • Assigning accountability and establishing an AI acceptable use policy 

  • Logging AI system activity and conducting vendor due diligence 

05

05

Address societal risk

AIUC-1's Society pillar looks beyond the enterprise to broader misuse risk. This includes: 

  • Guarding against AI cyber misuse and catastrophic misuse scenarios 

  • Aligning with adjacent frameworks like ISO 42001, NIST AI RMF, and the EU AI Act 

06

06

Maintain certification quarter over quarter 

AIUC-1 updates faster than annual frameworks, so certification is never a one-and-done. This includes: 

  • Re-running technical evals quarterly — hallucinations, unsafe tool calls, adversarial attacks

  • Re-auditing technical, operational, and legal controls annually

  • Keeping your AIUC-1 report and trust badge current for enterprise buyers 

Get it faster with DSALTA.

Get AIUC-1 certified in no time with DSALTA. 

Fast, simple, auditable.