[Upcoming Linkedin Live] AI Regulation Keeps Evolving. Your Governance Framework Should Adapt. | April 30th

Learn More
866.254.0000
Contact Us
Services
Services
View All Services
SOC & Attestations
SOC & Attestations
SOC 1 / SSAE 18 Examination
SOC 2 Examination
SOC 3 Examination
SOC for Supply Chain
SOC for Cybersecurity
SOC Essentials for Early-Stage Companies
C5 Attestation
CSA STAR Programs
Payment Card Assessments
Payment Card Assessments
PCI DSS Validation
PCI SSF
PCI P2PE Validation
PCI PIN Assessments
PCI 3DS Compliance
ISO Certifications
ISO Certifications
ISO 27001
ISO 42001
ISO 27701
ISO 9001
ISO 22301
ISO 20000-1
ISO 14001
ISO 45001
ISO 50001
Privacy Assessments
Privacy Assessments
Global CBPR & PRP Certification
GDPR Assessment
International Privacy Assessments
US State Privacy Assessments
Microsoft SSPA/DPR Assessment
FERPA Assessment
EU Cloud Code of Conduct
Federal Assessments
Federal Assessments
FedRAMP®
CMMC / NIST SP 800-171
FISMA/NIST
ITAR
CJIS
IRAP
FTC Consent Decrees
DoD IL6
Healthcare Assessments
Healthcare Assessments
HITRUST Certification
HIPAA Compliance
HIPAA Express
EPCS-DEA Audits
Health Data Host (HDS) Certification
Penetration Testing
Penetration Testing
Application
Network
Mobile
Red Teaming
Social Engineering
Cloud
Physical
Hardware and IoT
Advanced Services
AI Red Teaming
Cybersecurity Assessments
Cybersecurity Assessments
Cloud Configuration Assessments
Ransomware Assessments
NIST Cybersecurity Framework Assessments
Schellman Software Security Assessment (S3A)
TISAX®
SWIFT Customer Security Programme
Internal Audit Co-Sourcing
MTCS Certification
ENS Certification
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
Learning Center
About Us
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships
Certificate Directory
Contact Us

«  View All Posts

What is AIUC-1? Understanding The Framework Designed to Secure Agentic AI Systems
Joe Sigman

By: Joe Sigman

Print/Save as PDF

What is AIUC-1? Understanding The Framework Designed to Secure Agentic AI Systems

Artificial Intelligence

Published: Apr 29, 2026

Enterprise AI systems are no longer simply running models that predict or classify; they’re now deploying agents that plan, reason, and act autonomously. These agentic systems have the ability to browse the web, write and execute code, make purchasing decisions, and interact with other systems across your organization, often with minimal human oversight involved.

This shift toward more autonomous AI systems complicates the risk profile and system vulnerabilities within an enterprise environment. When a static model makes a mistake, you can fix the problem in a retrain cycle. When an AI agent autonomously takes a wrong action, whether that be assessing data it shouldn’t, triggering a downstream process, or making a decision that cascades across integration systems, these problems lead to a different category of exposure altogether.

Established AI governance frameworks were designed before agentic AI became a mainstream enterprise concern. Whereas AIUC-1 was purpose-built to address risks associated with agentic AI systems, offering a structured, independent standard to assess and govern AI use cases.

In this article, we’ll detail what AIUC-1 certification is, what controls it assesses, who it was designed for, and how it compliments ISO 42001 to offer robust AI governance.

What Makes Agentic AI Different?

Before we dive into what AIUC-1 is, it’s important to understand what drove its creation. Traditional AI governance frameworks focus on model accuracy, bias, and transparency, which are important concerns, but don’t cover the full picture for agentic systems.

Agentic AI operates differently than traditional models. An AI agent is given a goal, not just a prompt. It creates subtasks, decides how to accomplish each one, uses tools to take action, evaluates the results, and adjusts its approach. This typically involves hundreds of decision cycles before a human sees the output, if they see it at all.

This autonomy introduces governance gaps that most organizations haven’t fully mapped yet, including:

  • Accountability is diffused. When an agentic system makes a decision, it’s ambiguous as to who owns it.
  • Actions have real-world consequences. Unlike a model that produces a recommendation, an agent that takes that action creates facts that are difficult to reverse.
  • Oversight is compressed or absent. If an agent completes a complex workflow autonomously, traditional human in-the-loop governance simply doesn’t apply in the same way.
  • Risk is dynamic. An agent’s behavior can change based on context, tool availability, and the responses it receives from other systems, making static risk assessments insufficient.

As organizations scale agentic AI across customer service, operations, software development, and financial workflows, the need for an Agentic AI standard purpose-built for the security, safety, and reliability of autonomous systems has become concrete and urgent.

What is AIUC-1?

AIUC-1 is a standard for AI agent security, safety and reliability, designed to assess agentic AI systems against a structured set of controls and technical safeguards. AIUC-1 evaluates specific agent deployments to determine whether they are operating responsibly with appropriate controls, accountability structures, and oversight mechanisms in place.

AIUC-1 covers the full AI lifecycle from how a use case is defined and documented, through how risks are identified and managed, to how the system is monitored once it’s in production. For agentic systems, this means assessing not just what the AI is designed to do, but how it behaves autonomously across a range of real-world conditions.

What Does AIUC-1 Assess?

AIUC-1 assesses agentic AI systems across several core enterprise risk domains. For organizations deploying agents, each domain takes on specific significance:

  • Data & Privacy: AIUC-1 assesses data & privacy concerns through customer data policies, access controls, and safeguards against data leakage, IP exposure, and unauthorized training.
  • Security: Involves adversarial testing, access controls, monitoring, and safeguards against prompt injection and jailbreak attempts.
  • Safety: Third-party testing, monitoring, and human-reviews of flagged, harmful AI outputs.
  • Reliability: Testing against hallucinations and unauthorized tool calls and implementing detection mechanisms to prevent unreliable AI outputs that cause customer harm.
  • Accountability: Oversight mechanisms with defined ownership to enforce formal approval processes, AI failure plans, and vendor due diligence.
  • Society: Guardrails against cyber exploitation, system misuse, and threats to national security to prevent AI from enabling societal harm.

Together, these domains create an agentic AI control framework that is operationally meaningful and represents a set of controls that can be assessed, evidenced, technically evaluated, and continuously improved.

What is the AIUC-1 Certification Assessment Process?

The AIUC-1 assessment process begins with scoping to define which agentic AI systems will be assessed. For organizations deploying multiple agents, this typically means starting with the highest-risk agent systems: those with the most autonomous decision-making, the most sensitive data access, or the highest potential consequence if the agent fails or behaves unexpectedly.

The AIUC-1 certification assessment then follows a streamlined audit process, which typically takes most organizations around 4-8 weeks to complete:

  1. Identify Gaps & Setup Technical Environment: The AIUC team works with you to perform an initial gap assessment. This involves gathering evidence including policies, technical documentation, technical safeguards, and testing procedures.
  2. Address Gaps: The AIUC team then works with you to remediate any gaps and develop the missing pieces, including operational practices, updating policies, and technical implementation.
  3. Run Technical Evaluation Testing: After gaps are addressed, AIUC runs the technical evaluation testing against real-world adversarial threat scenarios, evaluating system performance in production for risks including but not limited to: hallucinations, prompt injections, data leakage, unsafe tool calls, and harmful outputs.
  4. Conduct Full Audit: Lastly, the certification audit is performed, which involves the independent evaluation of relevant evidence to make a determination of conformance against the AIUC-1 standard.

Schellman operates as an independent assessor only, not as a consultant or advisor, which means findings are objective and defensible. There is no upselling or conflicts of interest clouding conclusions. That independence makes Schellman's assessments credible to the customers, regulators, and boards organizations ultimately need to convince of their responsible AI practices.

Who Needs AIUC-1 Certification?

AIUC-1 is most immediately relevant to organizations who are already deploying agentic AI at scale and those that are beginning to deploy it and want to proactively build in governance from the start, rather than retrofitting it later.

More specifically, AIUC-1 tends to be a strong fit for:

  • Enterprises in regulated industries: Those in healthcare, financial services, defense, and insurance, where AI decisions carry regulatory and liability weight and where the question of proving responsible use is increasingly asked by auditors, customers, and regulators.
  • Organizations being pressured by customers or procurement teams to demonstrate AI governance. Enterprise buyers are increasingly including AI governance requirements in vendor evaluations, and AIUC-1 provides a structured, independently assessed answer to those expectations.
  • Security and compliance teams tasked with governing AI deployments they didn’t design. AIUC-1 provides a framework language and a structured assessment process that gives compliance teams something concrete to work with, rather than trying to map AI risk to frameworks that weren’t built for it.
  • AI product and engineering teams that want a credible, external validation of their governance practices, both for internal stakeholder confidence and for external trust signaling.

If your organization is evaluating how to govern AI agents or what responsible agentic AI deployment looks like in practice, AIUC-1 is the framework built to answer those questions with evidence, not just policy assertions.

How Do AIUC-1 and ISO 42001 Complement Each Other?

Organizations evaluating AI governance and security options often encounter multiple frameworks and wonder how they fit together or where to start. The short answer is that AIUC-1 and ISO 42001 address different layers of the same problem and are designed to be complementary to each other.

ISO 42001 is an enterprise-scale, internationally recognized AI management system standard. It establishes the organizational policies, governance structures, and management processes that demonstrate responsible AI at the institutional level.

AIUC-1 operates at the use-case level, specifically for agentic AI systems. Where ISO 42001 addresses how you govern AI across your organization, AIUC-1 assesses whether a specific autonomous or agentic AI deployment is being operated responsibly. The two frameworks work together. ISO 42001 provides the organization-wide foundation, and AIUC-1 provides deep, use-case-specific rigor for your most autonomous agentic AI applications.

As for where to begin, organizations that have already implemented a mature AI governance program may be better positioned to pursue ISO 42001 certification first and then undergo additional effort to implement the technical safeguard controls mandated by AIUC-1.

For organizations that have implemented more mature technical safeguards, but don’t yet have a formalized AI governance program already in place, they may be better suited to pursue AIUC-1 certification prior to pursuing ISO 42001.

Regardless of the certification path, the significant overlap between ISO 42001 and AIUC-1 make them an effective combined and coordinated initiative for organizations looking to demonstrate both AI governance and technical agentic AI assurance through recognized compliance certifications.

Getting Ahead of Agentic AI Risk

Agentic AI adoption is accelerating. The organizations that build governance infrastructure now will have a structural advantage by being able to demonstrate responsible AI use evidence.

Organizations get the most value from an AIUC-1 assessment when they come in with clear use-case documentation, defined ownership for each AI deployment, and an existing process for monitoring AI behavior in production. Start with clarity about what you’re deploying and who owns it.

Schellman is the first authorized AIUC-1 assessor, meaning our team understands the framework from the inside and has the credentials to issue assessments that carry independent, recognized authority.

If you’re deploying agentic AI and want to understand what an AIUC-1 assessment involves or whether it’s the right fit for your current governance posture, our team is the right starting point. Contact us today to learn more about AIUC-1 and responsible use of agentic AI systems.

About Joe Sigman

Joe Sigman is a Manager with Schellman based in Denver, Colorado. Prior to joining Schellman in 2021, Joe worked as a Senior Associate at a management consulting firm specializing in IT strategy and compliance, solution architecture, and enterprise digital transformation. Joe has led and supported AI Assessments, Cybersecurity Assessments, Information Security Architecture Solutioning, Information Technology Gap Analysis, and Cloud Migration Roadmaps. Joe has over 6 years of experience comprised of serving clients in various industries, including Information Technology, Professional Services, Healthcare, and Energy. Joe is now focused primarily on ISO Certifications for organizations across various industries.

4010 W Boy Scout Boulevard
Suite 600
Tampa, FL 33607

U.S. 1.866.254.0000

Outside the U.S.
1.813.288.8833

Resources
Company
Stay Up-to-Date

Sign up to receive Schellman's Weekly Read delivered every Friday morning.

 

© SchellmanPrivacy PolicyTerms of Use

“Schellman” is the brand name under which Schellman & Company, LLC and Schellman Compliance, LLC provide professional services. Schellman & Company, LLC and Schellman Compliance, LLC practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations and professional standards. Schellman & Company, LLC is a licensed certified public accounting firm (Florida license number AD62941) registered with the Public Company Accounting Oversight Board (PCAOB) that provides attest services to its clients, and Schellman Compliance, LLC provides nonattest cybersecurity and compliance professional services to its clients. Schellman Compliance, LLC is not a licensed CPA firm. Schellman & Company, LLC and Schellman Compliance, LLC are independently owned and are not liable for the services provided by any other entity providing services under the Schellman brand. Our use of the terms “our firm” and “we” and “us” and terms of similar import, denote the alternative practice structure conducted by Schellman & Company, LLC and Schellman Compliance, LLC.