Published version: AIFC-V002. This is the latest published version.

AIFC-082: Certification Model

Status: Draft 0.1
Standard: AI-First Community Standard
Abbreviation: AIFC
Builds on:

Purpose of this document: To define the Certification Model as a way for a community, company, product, workflow, AI agent, or Company as Product to demonstrate conformance with the AIFC standard. The document describes self-assessment, internal review, external review, certification review, certification scope, evidence, exceptions, validity, recertification, public claims, and protection against certification theater.


1. Purpose of this document

This document defines the AIFC Certification Model.

AIFC compliance should be evidence-based.

It is not enough to say:

We are AI-first.
We use AI responsibly.
We are AIFC-compliant.

The community must show scope, claimed compliance level, existing artefacts, owner, reviewer, gaps, accepted exceptions, assessment date, next review, and whether the claim is self-assessed or independently reviewed.

The Certification Model defines how AIFC compliance can be verified transparently and credibly.


2. Core principle

The core principle of this document is:

Certification must verify governed capability, not polished claims.

AIFC states:

No certification without scope.
No claim without evidence.
No maturity without review.

Certification should not be a marketing label. It should be a trustworthy signal that the community has real artefacts, rules, responsibility, and capability.


3. Definition

AIFC Certification Model is a governed model for verifying conformance with the AIFC standard according to defined scope, compliance level, evidence, review process, exceptions, validity, and recertification.

The Certification Model may be used for a community, company, team, product, project, workflow, AI agent, AI governance model, source of truth, Company as Product package, generated company, vendor relationship, or public-facing Digital Company.

Minimum requirement

Every AIFC certification claim must state scope, level, assessment type, evidence basis, and validity.


4. Certification is not the standard

Certification is not the standard.

The standard defines requirements. Certification verifies whether the requirements are met within a defined scope.

AIFC must be usable without formal certification for self-improvement, internal governance, AI readiness, risk reduction, knowledge transformation, company design, and vendor evaluation.

Certification is an optional trust mechanism.

Minimum requirement

AIFC compliance practices must be usable without formal certification.


5. Certification scope

Scope is critical.

Certification of a whole company is different from certification of one workflow.

Possible scopes:

whole community
whole company
department
team
product
project
workflow
AI agent
AI governance model
source of truth
Human Cockpit Layer
Company as Product package
generated company
vendor AI engagement
public customer interface

Without scope, a certification claim is misleading.

Minimum requirement

Certification must define exact scope and exclusions.


6. Certification level

Certification must state the level.

Recommended AIFC levels:

Level 0 - Unmanaged AI Use
Level 1 - AI-Aware Community
Level 2 - AIFC Minimum
Level 3 - Governed AI-First Community
Level 4 - AI-Operable Human-Managed Community
Level 5 - Continuously Learning AI-First Community

Level 0 is not certifiable as AIFC-compliant. Level 1 may be marked as AI-aware, but not as AIFC-compliant. AIFC-compliant claims begin at Level 2.

Minimum requirement

A public AIFC-compliant claim must be Level 2 or higher.


7. Certification types

AIFC distinguishes several verification types:

self-assessment
internal review
external review
certification review
continuous assurance

Self-assessment

The community assesses itself.

Internal review

Review is performed by internal governance, audit, or security roles.

External review

Review is performed by an external partner, auditor, customer, or peer reviewer.

Certification review

Review is performed by a recognized certification mechanism.

Continuous assurance

Selected requirements are continuously verified through validation rules, audits, or monitoring.

Minimum requirement

Assessment type must be clearly stated.


8. Self-assessment

Self-assessment is the first and most accessible form.

It is suitable for starting communities, internal roadmaps, Level 1/2, low-risk AI use, and preparation for internal or external review.

Self-assessment must be honest. It must include scope, claimed level, evidence, gaps, accepted risks, improvement roadmap, owner, and next review.

Minimum requirement

Self-assessment must not be presented as independent certification.


9. Internal review

Internal review is performed by a role inside the organization, such as security, compliance, internal audit, AI governance owner, knowledge owner, risk owner, or leadership review board.

Internal review is stronger than self-assessment but is still not independent external certification.

Minimum requirement

Internal review must identify reviewer role, evidence reviewed, gaps, and approval basis.


10. External review

External review is performed by a party outside the assessed community, such as customer, partner, external auditor, expert, peer community, vendor assessor, or investor due diligence reviewer.

External review can increase trust, but its quality depends on reviewer competence.

Minimum requirement

External review must disclose reviewer type and independence level.


11. Certification review

Certification review is formal verification against the AIFC standard.

It should include review scope, review level, evidence sampling, artefact inspection, interview or owner confirmation, risk assessment, exception handling, report, validity period, and recertification triggers.

Certification review should not only read policy documents. It must verify real use.

Minimum requirement

Certification review must verify artefacts and operational evidence, not only declarations.


12. Continuous assurance

In advanced communities, part of compliance may run continuously.

Validation rules may check that every AI agent has an owner, every restricted artefact has classification, every critical workflow has fallback, every public claim has review, every Operational DNA artefact has access control, every critical AI output has review status, and every active decision record has an owner.

Continuous assurance does not replace human review, but it reduces compliance drift.

Minimum requirement

Continuous assurance checks must be traceable to AIFC requirements.
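
The validation rules listed above can run as code over an inventory, with each rule carrying the requirement it enforces. This is an added example, not part of the AIFC standard: the record fields, the rule ids (CA-01 and so on) and the form of the requirement reference are assumptions, and the inventory is constructed sample data.

```python
from dataclasses import dataclass
from typing import Callable

# Constructed sample inventory; field names are assumptions, not AIFC-defined.
INVENTORY = [
    {"kind": "ai_agent", "id": "agent-support-01", "owner": "support-lead"},
    {"kind": "ai_agent", "id": "agent-billing-02", "owner": ""},
    {"kind": "artefact", "id": "pricing-playbook", "restricted": True,
     "classification": None, "operational_dna": True,
     "access_control": "role:finance"},
    {"kind": "workflow", "id": "refund-approval", "critical": True, "fallback": None},
    {"kind": "workflow", "id": "newsletter-draft", "critical": False, "fallback": None},
    {"kind": "decision_record", "id": "DR-0007", "active": True, "owner": "cto"},
]


@dataclass(frozen=True)
class Rule:
    rule_id: str                      # hypothetical id for the check
    requirement: str                  # the AIFC requirement the check traces to
    kind: str                         # record kind the rule inspects
    applies: Callable[[dict], bool]   # is this record in the rule's scope?
    passes: Callable[[dict], bool]    # does the record satisfy the rule?


def filled(record: dict, key: str) -> bool:
    """True when the field exists and is not empty or whitespace."""
    return bool(str(record.get(key) or "").strip())


REQ = "AIFC-082 section 12"  # assumed reference format
RULES = [
    Rule("CA-01", REQ, "ai_agent", lambda r: True,
         lambda r: filled(r, "owner")),
    Rule("CA-02", REQ, "artefact", lambda r: bool(r.get("restricted")),
         lambda r: filled(r, "classification")),
    Rule("CA-03", REQ, "workflow", lambda r: bool(r.get("critical")),
         lambda r: filled(r, "fallback")),
    Rule("CA-04", REQ, "artefact", lambda r: bool(r.get("operational_dna")),
         lambda r: filled(r, "access_control")),
    Rule("CA-05", REQ, "decision_record", lambda r: bool(r.get("active")),
         lambda r: filled(r, "owner")),
]


def run_checks(inventory: list, rules: list) -> list:
    """Return one finding per failed (record, rule) pair.

    A rule set containing a rule with no requirement reference is rejected
    outright, so an untraceable check never reports as assurance.
    """
    untraceable = [r.rule_id for r in rules if not r.requirement.strip()]
    if untraceable:
        raise ValueError(f"rules without a requirement reference: {untraceable}")
    findings = []
    for record in inventory:
        for rule in rules:
            in_scope = record.get("kind") == rule.kind and rule.applies(record)
            if in_scope and not rule.passes(record):
                findings.append({"rule": rule.rule_id,
                                 "requirement": rule.requirement,
                                 "record": record.get("id")})
    return findings


if __name__ == "__main__":
    for finding in run_checks(INVENTORY, RULES):
        print(finding)
```

The findings feed a human review queue; they do not decide the compliance level themselves.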


13. Evidence model

Certification must be evidence-based.

Evidence may include purpose statement, values and non-negotiables, source of truth structure, classification policy, access control rules, AI-NDA Boundary, AI use inventory, agent permissions, audit logs, decision records, fallback procedures, Human Capability Reserve evidence, AI retrospective notes, skills, workflow conversion records, feedback logs, incident records, ghost risk assessment, and public transparency statement.

Minimum requirement

Evidence must be specific, dated, owned, and linked to requirements.


14. Evidence quality

Not all evidence has the same quality.

Weak evidence includes general presentations, marketing text, unused policy, screenshots without context, outdated documents, AI-generated text without review, and claims without owner.

Stronger evidence includes active source of truth, decision records, audit logs, approved policies, recent review, workflow usage, access logs, agent permission records, incident postmortems, retrospective outputs, and validation reports.

Minimum requirement

Certification must prefer active and operational evidence over static declarations.


15. Evidence sampling

Large communities cannot review everything.

Sampling may be used, but it must be risk-oriented. Higher priority belongs to restricted data, Operational DNA, AI agents, public claims, customer-facing AI, high-autonomy workflows, vendor AI processing, critical decisions, incidents, and fallback procedures.

Minimum requirement

Evidence sampling must focus on high-risk and high-impact areas.


16. Exceptions

A community may have exceptions.

An exception means a requirement is not met in part of the scope.

Exceptions must be explicit, justified, risk-assessed, time-limited or accepted, owned, and visible in the claim if material.

Minimum requirement

Material exceptions must be documented and included in certification report or claim.


17. Accepted risks

Sometimes a community consciously accepts risk.

Accepted risk must contain description, acceptance rationale, owner, validity period, mitigations, review trigger, and impact on compliance level.

Accepted risk is not a way to bypass the standard without responsibility.

Minimum requirement

Accepted risks must have owner, expiry or review, and rationale.


18. Nonconformities

Nonconformity is a mismatch with a requirement.

It may be minor, major, or critical.

Minor

Low-impact nonconformity.

Major

Nonconformity that threatens credibility of compliance in a given area.

Critical

Nonconformity that invalidates the claimed level or creates significant risk.

Minimum requirement

Certification report must classify nonconformities by severity.


19. Corrective action plan

Nonconformities must lead to correction.

Corrective action plan states the problem, what will change, owner, deadline, required evidence, verification method, whether level must be reduced, and whether AI intensity must be limited.

Minimum requirement

Major and critical nonconformities require corrective action plan.


20. Certification validity

Certification must have validity.

Validity may depend on level, scope, risk, pace of change, AI intensity, agent autonomy, vendor dependency, and incident history.

Example:

Level 2: 12 months
Level 3: 12 months with mid-cycle review for high-risk scope
Level 4: 6-12 months depending on AI autonomy
Level 5: continuous assurance plus periodic review

Minimum requirement

Certification claim must include validity period or review date.


21. Recertification triggers

Recertification or review is needed after significant changes such as new AI vendor, new AI agent, increased autonomy, new restricted data, public launch, customer-facing AI, security incident, AI-NDA Boundary change, Operational DNA exposure, merger or acquisition, major source of truth migration, major product change, major regulatory change, or increased ghost risk.

Minimum requirement

Certification model must define recertification triggers.


22. Scope expansion

If scope expands, certification does not automatically expand.

For example, a certified product team is not the whole company, a certified internal AI workflow is not customer-facing AI, a certified source of truth is not vendor integration, and a certified Company as Product package is not every local instance.

Minimum requirement

Certification cannot be used outside its approved scope without review.


23. Public certification claim

Public claims must be precise.

Good claim:

The customer support knowledge workflow for Product X has been self-assessed as AIFC Level 2 for the scope described in Assessment A-123, valid until 2027-01-31.

Bad claim:

We are fully AIFC certified.

Minimum requirement

Public certification claim must state level, scope, assessment type, validity, and material exceptions.


24. Certification mark

If AIFC uses a certification mark, it must have rules.

The mark must not be used without scope, after expiry, for other products, for other entities, after critical nonconformity, for self-assessment as certification, or in a way that misleads customers.

Minimum requirement

Certification mark usage must be governed and revocable.


25. Certification registry

AIFC may have a certification registry.

The registry may contain entity name, scope, level, assessment type, reviewer, validity, status, material exceptions, public report link, and certification mark status.

The registry increases trust but must protect sensitive information.

Minimum requirement

A public registry, if used, must disclose enough for trust without exposing Operational DNA.


26. Confidential certification evidence

Not all evidence can be public.

Evidence may contain Operational DNA, security rules, audit logs, agent permissions, customer data, internal incidents, vendor contracts, and AI-NDA Boundaries.

The Certification Model must support confidential evidence review, redacted public report, evidence vault, reviewer confidentiality, and data minimization.

Minimum requirement

Certification must protect sensitive evidence and Operational DNA.


27. Reviewer competence

The reviewer must understand AIFC principles.

Relevant competence areas include AI governance, knowledge management, security, access control, auditability, data classification, human-managed AI, human capability, organizational design, risk management, AI agents, source of truth, and compliance evidence.

Minimum requirement

Certification reviewers must meet competence requirements appropriate to scope and risk.


28. Reviewer independence

For higher-trust claims, independence matters.

Independence levels:

self
internal independent
external partner
external independent
accredited certification body

Not every scope requires full independence, but public high-risk claims should have stronger review.

Minimum requirement

Certification report must state reviewer independence level.


29. Conflict of interest

Reviewer conflict may occur when the reviewer certifies their own product, is paid for successful outcome, is the vendor of the assessed AI tool, reviews an implementation they delivered, or has a commercial interest in the claim.

A conflict does not always invalidate review, but it must be disclosed or managed.

Minimum requirement

Material reviewer conflicts of interest must be disclosed and managed.


30. Certification and vendors

The AIFC Certification Model may be used for vendors.

A vendor may certify an AI tool, AI workflow, agent platform, source of truth platform, Company as Product package, migration service, or consulting method.

Vendor certification does not mean that the customer is automatically AIFC-compliant.

Minimum requirement

Vendor certification must clearly distinguish vendor capability from customer or community compliance.


31. Certification and Company as Product

Company as Product may be certified as a package.

Scope must state what the package contains, what is the core model, what is local adaptation, which parts are certified, which parts the customer must implement, how local ownership works, how Operational DNA is handled, how AI agents are handled, how fallback works, and how updates work.

Minimum requirement

Company as Product certification must not imply that every deployment instance is automatically compliant.


32. Certification and Company Generation

Company Generation may be reviewed.

Possible scopes include generation method, generated company package, launch readiness, ghost AI company risk assessment, security model, human ownership model, AI agent model, and public launch readiness.

A generated company must not be considered AIFC-compliant only because it was created by an AIFC-compatible method.

Minimum requirement

A generated company requires its own launch readiness and ownership review.


33. Certification and AI agents

An AI agent may have separate review.

Agent certification scope may include identity, owner, purpose, permissions, forbidden actions, tool access, data classification, AI-NDA Boundary, auditability, cost guardrails, fallback, revocation, and incident handling.

Minimum requirement

High-impact AI agents must be reviewed before certification of a higher-level scope that depends on them.


34. Certification and Human Capability Reserve

Certification must not ignore human capability.

The reviewer must verify that human skills exist, people can review AI, fallback exists, critical know-how is not only in AI memory, critical workflows are not fully dependent on token budget, and recovery path exists.

Minimum requirement

Level 3+ certification must verify Human Capability Reserve for critical workflows.


35. Certification and AI lock-in

Certification must assess lock-in.

Questions include: where is the source of truth, can skills, agent configurations, and audit logs be exported, where is agent memory, does replacement plan exist, does AI-off mode exist, and is vendor dependency transparent.

Minimum requirement

Level 3+ certification must verify lock-in assessment and exit strategy for critical dependencies.


36. Certification and ghost AI company risk

External-facing Digital Company must be assessed for ghost risk.

The reviewer must verify operator identity, owner, source of truth, public claims, AI transparency, support accountability, customer escalation, data handling, synthetic content, fallback, and operational reality.

Minimum requirement

External-facing certification must include ghost AI company risk review.


37. Certification report

Certification report should contain:

aifc_certification_report:
  id:
  entity:
  scope:
  exclusions:
  claimed_level:
  approved_level:
  assessment_type:
  reviewer:
  reviewer_independence_level:
  assessment_date:
  valid_until:
  evidence_summary:
  dimensions_reviewed:
  nonconformities:
  accepted_risks:
  material_exceptions:
  corrective_action_plan:
  public_claim_allowed:
  certification_mark_allowed:
  next_review:

Minimum requirement

Certification report must be sufficient to support or reject the public claim.
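
A report in this shape can be checked mechanically before `public_claim_allowed` and `certification_mark_allowed` are set. The sketch below is an added example, not part of the AIFC standard: it applies the minimum requirements from sections 3, 6, 17, 19 and 24, and assumes integer levels, ISO dates, the severity strings from section 18 and the accepted-risk keys shown; the sample reports are constructed, reusing the id and date from the good claim in section 23.

```python
from datetime import date

# Field names follow the report template above; value formats and the
# accepted-risk keys (owner, rationale, expiry, review) are assumptions.
ASSESSMENT_TYPES = {"self-assessment", "internal review", "external review",
                    "certification review", "continuous assurance"}
INDEPENDENCE_LEVELS = {"self", "internal independent", "external partner",
                       "external independent", "accredited certification body"}
REQUIRED = ("scope", "exclusions", "approved_level", "assessment_type",
            "evidence_summary", "valid_until", "reviewer_independence_level")


def review_report(report: dict, today: date) -> dict:
    """Derive the two claim flags and list every reason a claim is blocked."""
    problems = []
    for key in REQUIRED:
        # An empty exclusions list is a statement; a missing value is not.
        if report.get(key) in (None, ""):
            problems.append(f"missing field: {key}")
    level = report.get("approved_level")
    if isinstance(level, int) and level < 2:
        problems.append("approved_level below Level 2")
    atype = report.get("assessment_type")
    if atype and atype not in ASSESSMENT_TYPES:
        problems.append(f"unknown assessment_type: {atype}")
    indep = report.get("reviewer_independence_level")
    if indep and indep not in INDEPENDENCE_LEVELS:
        problems.append(f"unknown reviewer_independence_level: {indep}")
    if report.get("valid_until"):
        try:
            if date.fromisoformat(str(report["valid_until"])) < today:
                problems.append("validity period has expired")
        except ValueError:
            problems.append("valid_until is not an ISO date")
    severities = {n.get("severity") for n in report.get("nonconformities") or []}
    if severities & {"major", "critical"} and not report.get("corrective_action_plan"):
        problems.append("major or critical nonconformity without corrective_action_plan")
    for risk in report.get("accepted_risks") or []:
        dated = risk.get("expiry") or risk.get("review")
        if not (risk.get("owner") and risk.get("rationale") and dated):
            problems.append(f"accepted risk incomplete: {risk.get('description', '?')}")
    claim_ok = not problems
    # Section 24: no mark for a self-assessment or after a critical nonconformity.
    mark_ok = claim_ok and atype != "self-assessment" and "critical" not in severities
    return {"public_claim_allowed": claim_ok,
            "certification_mark_allowed": mark_ok,
            "problems": problems}


def public_claim_text(report: dict) -> str:
    """Render a claim that states level, scope, type, validity and exceptions."""
    exceptions = report.get("material_exceptions") or []
    tail = ("material exceptions: " + ", ".join(exceptions)) if exceptions \
        else "no material exceptions"
    return (f"{report['scope']}: AIFC Level {report['approved_level']} "
            f"({report['assessment_type']}, report {report['id']}), "
            f"valid until {report['valid_until']}; {tail}.")


# Constructed sample reports.
SELF_ASSESSED = {
    "id": "A-123", "entity": "Example Co",
    "scope": "Customer support knowledge workflow for Product X",
    "exclusions": [], "claimed_level": 2, "approved_level": 2,
    "assessment_type": "self-assessment", "reviewer_independence_level": "self",
    "evidence_summary": "12 artefacts mapped to requirements",
    "valid_until": "2027-01-31", "nonconformities": [{"severity": "minor"}],
    "accepted_risks": [], "material_exceptions": [],
}
EXTERNAL = dict(SELF_ASSESSED, id="A-200", approved_level=3,
                assessment_type="external review",
                reviewer_independence_level="external independent",
                nonconformities=[{"severity": "major"}])
```

`review_report(SELF_ASSESSED, date(2026, 6, 1))` permits the public claim but not the mark, and `EXTERNAL` stays blocked until a `corrective_action_plan` is recorded.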


38. Public report

Public report may be a shortened version.

It may include entity, scope, level, assessment type, reviewer type, validity, summary, major exclusions, material exceptions, and statement on evidence protection.

It does not need to include sensitive details.

Minimum requirement

Public report must be truthful, scoped, and must not expose sensitive evidence.


39. Certification lifecycle

AIFC recommends this lifecycle:

request
-> scope_defined
-> evidence_collected
-> review_performed
-> findings_reported
-> corrective_actions
-> level_decision
-> claim_published
-> monitoring
-> recertification
-> expired / revoked / renewed

Minimum requirement

Certification must have lifecycle status.


40. Revocation

Certification must be revocable.

Reasons may include critical nonconformity, false public claim, major incident, refusal to correct, scope misuse, expired evidence, ghost AI company risk, unmanaged Operational DNA exposure, AI autonomy increase without review, or certification mark misuse.

Minimum requirement

Certification model must include revocation rules.


41. Certification drift

Certification drift occurs when certified state no longer matches reality.

Reasons include new AI workflow, new vendor, team change, source of truth change, scope expansion, lost owner, lost Human Capability Reserve, new public claims, security incident, and outdated skills.

Minimum requirement

Certification must monitor drift through review cycles and change triggers.


42. Certification and continuous improvement

Certification should not be the end. It should lead to improvement.

Certification review should produce gaps, risks, improvement roadmap, skill updates, workflow conversion candidates, security improvements, governance improvements, and compliance level target.

Minimum requirement

Certification should produce improvement roadmap, not only pass/fail result.


43. AI role in certification

AI may support certification.

It may collect evidence, map requirements, detect gaps, prepare report, check metadata, propose validation rules, summarize audit logs, find drift, and prepare improvement roadmap.

AI must not grant certification by itself without a responsible human or certification role.

Minimum requirement

AI-generated certification analysis must be reviewed by a responsible reviewer.


44. Anti-patterns

AIFC rejects the following anti-patterns.

44.1 Certification theater

The organization creates beautiful documents and claims, but real operation does not change.

44.2 Unscoped certification

The claim does not say what exactly is certified.

44.3 Self-assessment as certification

Self-assessment is presented as independent certification.

44.4 Tool certification as company certification

A certified tool is presented as a certified company.

44.5 Package certification as deployment certification

A certified Company as Product package is presented as automatically compliant local instance.

44.6 Evidence dump

The community submits many documents without mapping them to requirements.

44.7 Policy without practice

Policies exist but are not used.

44.8 Compliance without Human Capability Reserve

AI governance looks good on paper, but people cannot operate critical workflows without AI.

44.9 Certification hides exceptions

Material exceptions are not visible in the claim.

44.10 No recertification

Certification remains publicly valid even though the system changed.

44.11 AI certifies itself

AI evaluates and approves compliance without a human reviewer.

44.12 Certification mark misuse

The mark is used outside scope, after expiry, or for other products.


45. Minimal requirements

AIFC Certification Model must at minimum:

  1. Require every claim to state scope, level, assessment type, evidence basis, and validity.
  2. Keep AIFC practices usable without formal certification.
  3. Define exact scope and exclusions.
  4. Require public AIFC-compliant claims to be Level 2 or higher.
  5. State assessment type clearly.
  6. Prevent self-assessment from being presented as independent certification.
  7. Require internal review to state reviewer role, evidence reviewed, gaps, and approval basis.
  8. Require external review to state reviewer type and independence level.
  9. Verify artefacts and operational evidence, not only declarations.
  10. Trace continuous assurance checks to AIFC requirements.
  11. Require evidence to be specific, dated, owned, and linked to requirements.
  12. Prefer active and operational evidence over static declarations.
  13. Focus evidence sampling on high-risk and high-impact areas.
  14. Document material exceptions and include them in report or claim.
  15. Give accepted risks owner, expiry or review, and rationale.
  16. Classify nonconformities by severity.
  17. Require corrective action plan for major and critical nonconformities.
  18. Include validity period or review date in certification claim.
  19. Define recertification triggers.
  20. Prevent use outside approved scope without review.
  21. Require public claims to state level, scope, assessment type, validity, and material exceptions.
  22. Govern and allow revocation of certification mark usage.
  23. Ensure any public registry does not expose Operational DNA.
  24. Protect sensitive evidence and Operational DNA.
  25. Require reviewer competence appropriate to scope and risk.
  26. State reviewer independence level.
  27. Disclose and manage reviewer conflicts of interest.
  28. Distinguish vendor capability from customer or community compliance.
  29. Ensure Company as Product certification does not imply automatic compliance of every instance.
  30. Require generated company launch readiness and ownership review.
  31. Review high-impact AI agents before certification of dependent higher-level scope.
  32. Verify Human Capability Reserve for Level 3+ certification.
  33. Verify lock-in assessment and exit strategy for Level 3+ certification.
  34. Include ghost AI company risk review for external-facing certification.
  35. Make certification report sufficient to support or reject a public claim.
  36. Keep public report truthful, scoped, and protective of sensitive evidence.
  37. Require certification lifecycle status.
  38. Include revocation rules.
  39. Monitor drift through review cycles and change triggers.
  40. Produce improvement roadmap, not only pass/fail result.
  41. Review AI-generated certification analysis by a responsible reviewer.

46. Summary

The AIFC Certification Model gives credibility to compliance claims.

Without a certification model, anyone can claim to be AI-first, responsible, human-managed, compliant, or safe.

AIFC states:

Show the scope.
Show the level.
Show the evidence.
Show the reviewer.
Show the gaps.
Show the responsibility.

Certification should protect trust. It must not create an illusion of maturity.

Good certification shows not only what the community satisfies, but also what it does not yet know, what it must improve, and who is accountable.

Certification Model turns AIFC compliance claims into scoped, evidence-based and reviewable trust.