DDAI INSIGHT

Evidence every artificial-intelligence system should produce

An organisation cannot govern what it cannot reconstruct. The minimum useful record should connect the system, its intended purpose, the evidence reviewed, the people who approved it and the changes made after approval.

A practical evidence baseline includes:

Identity

  • system, deployment and release;
  • owner and operator;
  • supplier, model and service dependencies;
  • intended purpose and excluded uses.

Design and data

  • workflow and architecture;
  • data sources and access;
  • permissions and external actions;
  • human-oversight design.

Evaluation

  • acceptance criteria;
  • test cases and results;
  • known limitations;
  • unresolved risks and remediation.

Decisions

  • reviewers and approvers;
  • exceptions and risk acceptance;
  • publication or deployment decision;
  • evidence scope and exclusions.

Operation

  • monitoring and incident route;
  • material changes;
  • supplier and model updates;
  • reassessment and successor record.

Evidence does not require indiscriminate retention of prompts, outputs or personal data. A good evidence model records the information needed for accountability while minimising sensitive content, using structured metadata, controlled source references and digests where appropriate.

DDAI view: evidence should be created by the delivery workflow, not reconstructed when procurement or audit begins.