AIUC-1 — The emerging "SOC 2 for AI agents."
Six domains — Data & Privacy, Security, Safety, Reliability, Accountability, Society — re-tested quarterly. AIUC-1 complements (but does not replace) SOC 2 and ISO 27001.
The obligations.
Six control domains
Data & Privacy, Security, Safety, Reliability, Accountability, Society.
Quarterly re-testing
Controls are re-assessed every quarter, not annually.
Agent-aware controls
Built for autonomous and tool-using AI, not just models.
Accredited assessment
Independent third-party assessors confirm conformance.
Classification, documentation, control mapping, and continuous evidence.
Hydrus is the governance and audit-evidence layer — not a runtime enforcement tool.
Domain-level mapping
Controls and evidence pre-mapped across all six domains.
Quarterly cadence built-in
Continuous evidence keeps you assessor-ready, not scrambling.
Agent & MCP coverage
Tool-call accountability, audit logs, and impact assessments for agents.
Complements SOC 2 / ISO 27001
AIUC-1 layered alongside your existing security certifications.
See how Hydrus turns compliance work into evidence.
Walk through AI governance, sustainability reporting, or the shared platform layer with a Hydrus specialist.
AI governance · Sustainability reporting · Audit evidence