Capability · evidence library

Evidence library with integrity verification

Centralize compliance evidence with SHA-256 integrity hashing and 33 starter templates that work across frameworks.

Evidence library showing categorized evidence items with framework tags, integrity hashes, and review status

Auditors don't accept claims without artifacts, and they especially don't accept artifacts that might have been edited after the fact. Attestry's evidence library stores each piece of evidence with a SHA-256 content hash computed at upload, then re-verifies the hash on every integrity check so any silent tampering is detected. The library ships with 33 hand-authored templates spanning model cards, risk assessments, data governance, AI ethics policies, EU technical docs, ISO/IEC 42001 statements of applicability, Colorado impact assessments, and PQC inventories, each tagged with the frameworks it satisfies, so a single piece of evidence can be reused across EU AI Act, NIST AI RMF, ISO/IEC 42001, and Colorado obligations.

What's included

Built to be auditor-ready out of the box

33 starter templates

Hand-authored templates for model cards, risk assessments, governance charters, data documentation, ethics policies, EU technical docs, ISO/IEC 42001 SoA, Colorado impact assessments, PQC cryptographic inventories, and 24 more. Each ships with mock content, framework mappings, and a tier (essential / differentiator / future-proof).

SHA-256 integrity hashing

Every uploaded artifact gets a content hash computed from description, file URL, requirement key, and upload timestamp. Re-verification catches any drift between claimed and actual content.

Cross-framework reuse via tags

Each template declares the frameworks it satisfies: model cards span EU AI Act, NIST AI RMF, ISO/IEC 42001, and Colorado. One artifact uploaded once is automatically eligible to satisfy requirements across all four.

Review workflow with versioning

Evidence carries a review status (unreviewed / approved / rejected / needs revision), a reviewer + timestamp audit trail, and a version-history log of changes, so the lifecycle of every artifact is reconstructible.

Cryptographic primitives behind this capability

Each capability rests on signed, verifiable signature components.

Component

Evidence chain

Component

Framework crosswalk

Component

Signed attestations

Start attesting in 60 seconds.

Free plan includes fingerprinting, unverified attestations, and a public registry listing. Upgrade when you need signed proofs or SLA-backed verification.

Create a free account See pricing

Capability · evidence library

Evidence library with integrity verification

Centralize compliance evidence with SHA-256 integrity hashing and 33 starter templates that work across frameworks.

Start free See all features

What's included

Built to be auditor-ready out of the box

33 starter templates

SHA-256 integrity hashing

Every uploaded artifact gets a content hash computed from description, file URL, requirement key, and upload timestamp. Re-verification catches any drift between claimed and actual content.

Cross-framework reuse via tags

Review workflow with versioning

Cryptographic primitives behind this capability

Each capability rests on signed, verifiable signature components.

Component

Evidence chain

Component

Framework crosswalk

Component

Signed attestations

Start attesting in 60 seconds.

Free plan includes fingerprinting, unverified attestations, and a public registry listing. Upgrade when you need signed proofs or SLA-backed verification.

Create a free account See pricing