What BaseState Certifies

What We DO Certify

BaseState Compliance creates a legally defensible record that documents:

• Acknowledgment of Access: The employee was provided access to the company's AI policy document.
• Timestamp Evidence: The exact date and time when the policy was opened and when acknowledgment was recorded.
• Policy Version: The specific version of the policy (identified by Policy ID, Version string, and document hash).
• Training Completion: The employee completed the required AI governance training modules.
• Official CA Endorsement: For enterprise-grade artifacts, the certificate is linked to a specific policy version and cryptographically signed by our Certificate Authority (CA).
• Cryptographic Integrity: All records are hashed using SHA-256 to prove they have not been tampered with.

What We DO NOT Certify

BaseState explicitly does NOT certify or claim:

• Comprehension: We do not certify that the employee read, understood, or fully comprehended every word of the policy.
• Legal Compliance: We do not certify that the policy itself is legally compliant or sufficient for any jurisdiction.
• Future Behavior: We do not guarantee the employee will follow the policy in their future work.

Why This Matters

In the event of an AI-related incident or regulatory audit, you need evidence that:

1. You had a policy in place (documented by policy hash)
2. Employees were provided access to it (documented by opened event)
3. Employees acknowledged receipt (documented by acknowledgment event)
4. Employees completed governance training (documented by certificate)

This creates an auditor-friendly paper trail that demonstrates governance intent without overstating what can actually be proven.