Standards Body · Foundational source, public edition · Released July 17, 2026

Canonical record: https://standardsbody.ai/library/foundational-source/taxonomy/

Standards Body is an independent research and institutional-design project. It is not currently a regulator, accreditation body, certification body, or governmental authority. This document is research; it is not an adopted standard.

TAXONOMY.md

Standards Body Taxonomy

Project: Standards Body
Primary domain: standardsbody.ai
Core line: Foundations for Frontier AI
Document type: Canonical classification system, entity model, and controlled taxonomic architecture
Version: 1.0
Status: Approved foundational source
Document owner: Standards Body
Applies to: All canonical files, research programs, evaluation protocols, registries, standards proposals, assurance schemes, incident records, contributor systems, public reports, website content, data schemas, interoperability profiles, and future machine-readable infrastructure
Related canonical sources: PROJECT_IDENTITY.md, TERMINOLOGY.md, FOUNDATIONS_APPENDIX.md, EVIDENCE_STANDARDS.md, RESEARCH_METHODOLOGY.md, EVALUATION_PHILOSOPHY.md, WEBSITE_SOURCE_OF_TRUTH.md, VERSION_HISTORY.md
Review cycle: Annual review, with event-triggered revision after material changes in terminology, evaluation science, assurance practice, standards, law, interoperability, or project identity


Authority Note

This document defines the internal canonical taxonomy of Standards Body.

It does not:

Where law, regulation, contract, or an external recognized standard defines a term or classification differently, the external meaning should be preserved and mapped explicitly rather than silently replaced.


Document Purpose

This document establishes the canonical classification architecture of Standards Body.

It is the authoritative source for:

A terminology file defines what words mean.

A taxonomy defines how concepts are organized.

An ontology defines entities and the formal relationships among them.

This document performs all three functions at a bounded level:

  1. It establishes taxonomic classes.
  2. It establishes facets and identifiers.
  3. It defines a practical entity-and-relationship model.
  4. It provides a path toward future machine-readable ontologies without claiming that the present document is a complete formal ontology.

The taxonomy exists because frontier AI work frequently combines incompatible levels of analysis.

Examples include:

The taxonomy prevents these errors by requiring every material object to be classified according to:

The governing taxonomic rule is:

Classify the object at the correct level, preserve its context, and do not infer a stronger relationship than the evidence supports.


Executive Summary

The Standards Body taxonomy is a multi-axis classification system for frontier AI evaluation and institutional infrastructure.

It is not a single tree.

Frontier AI systems are too complex to be represented accurately by one hierarchy.

A single object may be classified simultaneously by:

For example, one evaluation record may concern:

A useful taxonomy must preserve all of those dimensions.

The Standards Body taxonomy therefore uses five structural mechanisms.

1. Classes

Classes answer:

What kind of thing is this?

Examples:

2. Subclasses

Subclasses answer:

Which more specific kind is this?

Examples:

3. Facets

Facets answer:

Which independent characteristics apply?

Examples:

4. Relationships

Relationships answer:

How is this object connected to another object?

Examples:

5. Status and Version

Status and version answer:

Which identified state is being described, and is it still valid?

Examples:

The taxonomy is organized into twenty primary domains.

  1. Project and institutional identity
  2. Actors and roles
  3. AI artifacts and models
  4. AI systems and system components
  5. Lifecycle stages
  6. Access and release conditions
  7. Deployment contexts
  8. Capabilities
  9. Risks and harms
  10. Safeguards and controls
  11. Evaluation and testing
  12. Evidence and claims
  13. Review, audit, and assurance
  14. Standards, requirements, and conformity
  15. Governance and decision processes
  16. Incidents, failures, and corrections
  17. Incentives and recognition
  18. Interoperability and international coordination
  19. Research methods and outputs
  20. Versioning, status, security, and records

The taxonomy also defines a common entity model.

Core entities include:

Core relationships include:

The taxonomy is designed for human and machine use.

Human-readable use includes:

Machine-readable use includes:

The taxonomy does not require premature formalization.

Every class has a status.

A class may be:

Every consequential classification should also include confidence.

Classification confidence may be:

The taxonomy is intended to evolve.

New classes should be added only when:

The final rule is:

Use hierarchy for identity, facets for context, relationships for meaning, and versioning for time.


1. Taxonomic Design Principles

1.1 Object Before Label

Identify the actual object before selecting its class.

A product name may refer to:

The taxonomy should classify the actual object, not only the marketed name.

1.2 Correct Level of Analysis

Do not classify:

1.3 Polyhierarchy

An object may belong to more than one class where the classes describe genuinely different aspects.

Example:

A model may be both:

1.4 Faceted Classification

Independent dimensions should be represented as facets rather than forced into one hierarchy.

1.5 Explicit Relationships

Relationships should be named.

Avoid vague statements such as:

when a stronger relation is known.

1.6 No Unsupported Inference

If the evidence supports only correlation, do not classify the relation as causal.

If a safeguard reduces one risk, do not classify it as preventing all harms.

1.7 Scope Preservation

Every classification should preserve:

1.8 Stable Core, Extensible Edges

The top-level taxonomy should remain stable.

New subclasses and local extensions may evolve.

1.9 Interoperability

Classes should support mapping to external vocabularies without erasing legitimate differences.

1.10 Public Legibility

Class names should be understandable to informed non-specialists.

1.11 Machine Readability

Identifiers and relationships should support future structured data.

1.12 No Prestige Classification

Labels such as frontier, independent, accredited, official, and international should not be assigned for reputational benefit.

1.13 Revision and Retirement

Obsolete classes should be deprecated or retired visibly.

1.14 Bounded Completeness

The taxonomy should cover the project domain sufficiently.

It should not attempt to classify every concept in computer science, law, ethics, or public policy.


2. Taxonomic Structure

2.1 Primary Class

A broad category of entity.

Example:

EVAL.EVALUATION_OBJECT

2.2 Subclass

A narrower class inheriting the relevant meaning of its parent.

Example:

EVAL.HELD_OUT_EVALUATION

2.3 Facet

A cross-cutting attribute that may apply to many classes.

Example:

ACCESS.PUBLIC

2.4 Property

A value associated with an entity.

Example:

2.5 Relationship

A typed connection between two entities.

Example:

SYSTEM evaluated_by PROTOCOL

2.6 Record

A structured representation of an entity and its metadata.

2.7 Profile

A defined bundle of required classes, facets, properties, and relationships for a use case.

Example:

2.8 Scheme

A governed set of classes and rules used for assessment, certification, recognition, or reporting.

2.9 Local Extension

A jurisdictional, domain-specific, linguistic, or institutional addition that preserves mapping to the common core.

2.10 Crosswalk

A structured mapping between this taxonomy and another taxonomy, standard, law, or data model.


3. Identifier Architecture

3.1 Taxonomy Class Identifier

Preferred pattern:

DOMAIN.CLASS_NAME

Examples:

3.2 Entity Record Identifier

Preferred pattern:

SB-[ENTITY]-[YEAR]-[SEQUENCE]

Examples:

3.3 Version Identifier

Preferred semantic structure:

MAJOR.MINOR.PATCH

Example:

2.1.0

3.4 Relationship Identifier

Preferred lowercase verb phrase:

3.5 Human-Readable Label

Every identifier should have a plain-language label.

3.6 Persistent Identifier

Once published, an identifier should not be reassigned to a different concept.

3.7 Deprecated Identifier

Deprecated identifiers should remain resolvable and point to the replacement.


4. Taxonomic Status

4.1 Preferred

Default Standards Body class.

4.2 Accepted

Permitted but not preferred.

4.3 Context-Specific

Valid only under a defined legal, technical, sectoral, or institutional context.

4.4 Provisional

Under active research and subject to material revision.

4.5 Deprecated

Still visible for transition but replaced.

4.6 Retired

No longer used for current classification.

4.7 External

Imported from another authoritative taxonomy and preserved with source context.


5. Classification Confidence

5.1 Confirmed

The class assignment is directly supported and unambiguous.

5.2 High

Strong evidence supports the assignment with minor uncertainty.

5.3 Moderate

The assignment is reasonable, but alternatives remain.

5.4 Low

Evidence is limited or ambiguous.

5.5 Disputed

Qualified parties materially disagree.

5.6 Unknown

No reliable classification can be made.

5.7 Confidence Rule

Do not convert low-confidence classifications into precise requirements without review.


6. Primary Domain Map

Domain code Domain
ID Project and institutional identity
ACTOR Actors and roles
AI AI artifacts and models
SYS AI systems and components
LIFE Lifecycle
ACCESS Access and release
DEPLOY Deployment context
CAP Capability
RISK Risk and harm
SAFEGUARD Safeguard and control
EVAL Evaluation and testing
EVIDENCE Evidence and claims
REVIEW Review
ASSURANCE Audit, certification, accreditation, and assurance
STANDARD Standards and requirements
GOV Governance and decisions
INCIDENT Incidents, failures, and corrections
INCENTIVE Incentives and recognition
INTEROP Interoperability and international coordination
RESEARCH Research methods and outputs
STATUS Versioning, status, and records
SECURITY Information classification and research security
JURIS Jurisdiction and legal scope

7. Project and Institutional Identity Taxonomy

7.1 ID.PROJECT

A bounded organized effort with a defined purpose, owner, scope, and outputs.

Subclasses

7.2 ID.ORGANIZATION

A legally, administratively, or functionally organized body.

Subclasses

7.3 ID.INSTITUTION

An enduring system of authority, rules, roles, incentives, and practices.

An institution may be embodied in one organization or distributed across several organizations.

7.4 ID.STANDARDS_BODY

An organization or institution that develops and maintains standards through a defined process.

Classification warning: The proper name Standards Body refers to this project. It does not automatically classify the project as a formally recognized standards body.

7.5 ID.REGULATOR

A legally authorized public institution that makes, administers, or enforces regulatory requirements.

7.6 ID.ACCREDITATION_BODY

A body that performs accreditation.

7.7 ID.CERTIFICATION_BODY

A third-party body that performs certification under a defined scheme.

7.8 ID.EVALUATION_ORGANIZATION

An organization that designs, administers, scores, or interprets evaluations.

7.9 ID.RESEARCH_INSTITUTION

An institution whose primary function includes systematic knowledge creation.

7.10 ID.SCHEME_OWNER

An organization responsible for the rules and governance of an assurance, certification, recognition, or reporting scheme.

7.11 Institutional Facets

Classify institutions by:

Authority

Geographic Scope

Ownership

Functional Stage


8. Actor and Role Taxonomy

8.1 ACTOR.PERSON

An individual human participant.

8.2 ACTOR.ORGANIZATION

An organization acting in a defined role.

8.3 ACTOR.DEVELOPER

An actor that designs, trains, fine-tunes, or materially modifies an AI model or system.

Subclasses

8.4 ACTOR.PROVIDER

An actor that makes an AI model or system available to others.

Subclasses

8.5 ACTOR.DEPLOYER

An actor that places an AI system into operational use.

8.6 ACTOR.OPERATOR

An actor responsible for day-to-day control or use of a deployed system.

8.7 ACTOR.USER

A person or organization interacting with the system.

Subclasses

8.8 ACTOR.AFFECTED_PARTY

A person, group, institution, community, or system materially affected by an AI deployment or institutional decision.

8.9 ACTOR.EVALUATOR

An actor that performs evaluation activities.

Subclasses

8.10 ACTOR.REVIEWER

An actor that reviews methods, evidence, findings, or institutional processes.

Subclasses

8.11 ACTOR.AUDITOR

An actor qualified and assigned to conduct an audit against defined criteria.

8.12 ACTOR.INSPECTOR

An actor conducting inspection.

8.13 ACTOR.CERTIFIER

An actor or body responsible for a certification decision.

8.14 ACTOR.ACCREDITOR

An actor or body responsible for an accreditation decision.

8.15 ACTOR.STANDARD_SETTER

An actor participating in standards development.

Subclasses

8.16 ACTOR.DECISION_OWNER

An actor with authority to make the decision the evidence informs.

8.17 ACTOR.SPONSOR

An actor that funds, commissions, or formally requests work.

8.18 ACTOR.CUSTODIAN

An actor responsible for protected evidence, tasks, records, or registries.

8.19 ACTOR.REGISTRY_OPERATOR

An actor maintaining a registry.

8.20 ACTOR.WHISTLEBLOWER

A person disclosing suspected wrongdoing, risk, failure, or concealment through a protected or public channel.

8.21 ACTOR.THREAT_ACTOR

A person, group, organization, or state capable of intentionally causing harm.

Threat-Actor Facets

8.22 Role Relationship Rules

One organization may hold several roles.

Example:

A developer may also be:

The record should preserve each role separately because conflicts and responsibilities differ by role.


9. AI Artifact and Model Taxonomy

9.1 AI.ARTIFACT

A technical object created, trained, configured, or used in an AI system.

9.2 AI.MODEL

A computational model producing outputs from inputs through learned parameters, structured logic, or both.

Model Scope Subclasses

Model Modality Subclasses

Model Function Subclasses

9.3 AI.MODEL_FAMILY

A set of related models sharing lineage, architecture, training approach, or product identity.

9.4 AI.MODEL_VERSION

A distinct identified release, checkpoint, or deployed state.

9.5 AI.CHECKPOINT

A saved model-parameter state.

9.6 AI.WEIGHTS

The learned parameters of a model.

9.7 AI.ADAPTER

A separately identifiable learned component modifying model behavior.

Examples:

9.8 AI.TOKENIZER

A component mapping inputs into model-readable units.

9.9 AI.TRAINING_DATASET

A dataset used in pretraining, fine-tuning, alignment, or adaptation.

Data Facets

9.10 AI.TRAINING_RUN

A bounded training process producing or modifying a model.

9.11 AI.POST_TRAINING_PROCESS

A process after base training.

Subclasses

9.12 AI.MODEL_CARD

A documentation artifact describing a model.

9.13 AI.SYSTEM_CARD

A documentation artifact describing a system, evaluation, risk, or deployment.

9.14 Model Access Facets

9.15 Model Scale Facets

Use only where relevant and defined:

The taxonomy should not infer capability directly from scale.

9.16 Frontier Classification

A model may be classified as frontier only with:

Frontier status is time-dependent.


10. AI System and Component Taxonomy

10.1 SYS.AI_SYSTEM

The complete operational arrangement through which one or more AI models are configured, accessed, integrated, monitored, and used.

10.2 SYS.MODEL_COMPONENT

A model acting as one component in a larger system.

10.3 SYS.SYSTEM_PROMPT

A high-priority instruction or contextual component.

10.4 SYS.SCAFFOLD

Software, prompts, memory, planning, tools, or control structure added around a model.

Subclasses

10.5 SYS.AGENT

A system or configuration selecting and executing actions over multiple steps toward an objective.

10.6 SYS.AGENTIC_SYSTEM

A system exhibiting planning, action, observation, adaptation, or persistence across multiple steps.

Agentic Facets

10.7 SYS.MULTI_AGENT_SYSTEM

A system containing multiple interacting agents.

10.8 SYS.RETRIEVAL_COMPONENT

A component retrieving external information.

10.9 SYS.MEMORY_COMPONENT

A component preserving information across turns, sessions, tasks, or users.

Memory Facets

10.10 SYS.TOOL

An external software, API, instrument, service, or environment accessible to the system.

Tool Subclasses

10.11 SYS.ORCHESTRATOR

A component coordinating models, tools, agents, or workflows.

10.12 SYS.INTERFACE

The channel through which users or systems interact.

Interface Subclasses

10.13 SYS.MONITORING_COMPONENT

A component observing system behavior, access, or outputs.

10.14 SYS.SAFETY_COMPONENT

A system component implementing a safeguard.

10.15 SYS.HUMAN_COMPONENT

A human role embedded in system operation.

Examples:

10.16 SYS.DEPLOYMENT_CONFIGURATION

A versioned operational configuration.

10.17 SYS.SYSTEM_MANIFEST

A structured record of system components and versions.

10.18 System Relationship Rules

10.19 System Identity Minimum

A consequential system record should include:


11. Lifecycle Taxonomy

11.1 LIFE.CONCEPT

Idea or early concept stage.

11.2 LIFE.RESEARCH

Research and feasibility stage.

11.3 LIFE.DEVELOPMENT

Model or system development.

11.4 LIFE.TRAINING

Base or subsequent training.

11.5 LIFE.POST_TRAINING

Post-training modification.

11.6 LIFE.INTERNAL_TESTING

Internal testing before external use.

11.7 LIFE.EXTERNAL_EVALUATION

Evaluation by an outside or independent actor.

11.8 LIFE.PRE_DEPLOYMENT

Final assessment and governance before operational release.

11.9 LIFE.PILOT_DEPLOYMENT

Bounded operational use.

11.10 LIFE.GENERAL_DEPLOYMENT

Broad operational use.

11.11 LIFE.MONITORING

Ongoing operational observation.

11.12 LIFE.UPDATE

Material model or system change.

11.13 LIFE.SUSPENSION

Temporary halt to use or access.

11.14 LIFE.ROLLBACK

Reversion to a prior version.

11.15 LIFE.WITHDRAWAL

Formal removal from use or availability.

11.16 LIFE.RETIREMENT

Planned end of active life.

11.17 LIFE.ARCHIVE

Historical preservation.

11.18 Lifecycle Relationship Rule

Every evaluation result should identify the lifecycle stage at which it was produced.

A pre-deployment result should not be treated as post-deployment evidence without justification.


12. Access and Release Taxonomy

12.1 ACCESS.PUBLIC

Available to the general public.

12.2 ACCESS.OPEN

Available under defined open-use, open-source, or open-weight conditions.

12.3 ACCESS.REGISTERED

Available after registration.

12.4 ACCESS.VERIFIED

Available to identity-verified users.

12.5 ACCESS.TIERED

Different capabilities are available at different access levels.

12.6 ACCESS.CONTROLLED

Available under contractual, institutional, security, or research controls.

12.7 ACCESS.RESTRICTED

Available only to a narrow authorized group.

12.8 ACCESS.INTERNAL

Available only within the responsible organization.

12.9 ACCESS.EMBARGOED

Temporarily unavailable pending a release date or condition.

12.10 ACCESS.REVOKED

Previously available access has been withdrawn.

12.11 Release Object Facets

Classify what is released:

12.12 Permission Facets

12.13 Access Risk Facets


13. Deployment Context Taxonomy

13.1 DEPLOY.INTERNAL

Use within the developing or deploying organization.

13.2 DEPLOY.CONSUMER

Use by general consumers.

13.3 DEPLOY.ENTERPRISE

Use in organizational operations.

13.4 DEPLOY.PROFESSIONAL

Use by qualified professionals.

13.5 DEPLOY.PUBLIC_SECTOR

Use by government or public bodies.

13.6 DEPLOY.CRITICAL_INFRASTRUCTURE

Use in systems whose disruption may create severe societal consequence.

13.7 DEPLOY.RESEARCH

Use for scientific or technical research.

13.8 DEPLOY.EDUCATION

Use in educational contexts.

13.9 DEPLOY.HEALTH

Use in health or medical contexts.

13.10 DEPLOY.FINANCE

Use in financial systems or decisions.

13.11 DEPLOY.CYBERSECURITY

Use in defensive or offensive cybersecurity contexts.

13.12 DEPLOY.LEGAL

Use in legal services, adjudication support, or legal administration.

13.13 DEPLOY.LABORATORY

Use with scientific instruments, biological systems, chemical systems, or physical experiments.

13.14 DEPLOY.ROBOTICS

Use in embodied systems.

13.15 DEPLOY.COMMUNICATION

Use for media, persuasion, or public communication.

13.16 Deployment Scale Facets

13.17 Decision Authority Facets

13.18 Temporal Facets

13.19 Human Oversight Facets


14. Capability Taxonomy

14.1 CAP.CAPABILITY

The ability of a model or system to perform a defined task or class of tasks under specified conditions.

14.2 Capability Object Facets

14.3 General Capability Domains

CAP.REASONING

CAP.KNOWLEDGE

CAP.LANGUAGE

CAP.CODE

CAP.PLANNING

CAP.TOOL_USE

CAP.LEARNING

CAP.AUTONOMY

CAP.SOCIAL

CAP.CREATIVE

14.4 High-Stakes Capability Domains

CAP.CYBER

Subclasses:

CAP.BIOLOGICAL

Subclasses:

CAP.CHEMICAL

Subclasses:

CAP.AUTONOMOUS_REPLICATION

Subclasses:

CAP.AI_RESEARCH_AND_DEVELOPMENT

Subclasses:

CAP.PERSUASION_AND_MANIPULATION

Subclasses:

CAP.CRITICAL_INFRASTRUCTURE

Subclasses:

CAP.FINANCIAL_AND_ECONOMIC

Subclasses:

CAP.SCIENTIFIC_AND_ENGINEERING

Subclasses:

14.5 Capability Dimensions

Every capability classification may include:

14.6 Capability Level

A capability level should be protocol-defined.

Generic levels may include:

These labels should not be used without task, reference, and evidence context.

14.7 Capability Relationship Rules


15. Risk and Harm Taxonomy

15.1 RISK.HAZARD

A source or condition with potential to cause harm.

15.2 RISK.THREAT

A potential cause of an unwanted incident.

15.3 RISK.VULNERABILITY

A weakness that may be exploited or activated.

15.4 RISK.EXPOSURE

The degree to which an actor, system, asset, or population is subject to a hazard.

15.5 RISK.EVENT

An occurrence connecting hazard, vulnerability, and consequence.

15.6 RISK.CONSEQUENCE

The outcome or effect of an event.

15.7 RISK.RISK

The combination of likelihood and consequence under a defined context.

15.8 Risk Origin

15.9 Risk Domain

RISK.PHYSICAL_HARM

RISK.PSYCHOLOGICAL_HARM

RISK.ECONOMIC_HARM

RISK.CIVIL_RIGHTS_HARM

RISK.PRIVACY_HARM

RISK.SECURITY_HARM

RISK.INFORMATION_HARM

RISK.ENVIRONMENTAL_HARM

RISK.INSTITUTIONAL_HARM

RISK.DEMOCRATIC_HARM

RISK.SYSTEMIC_HARM

RISK.CATASTROPHIC_HARM

RISK.EXISTENTIAL_HARM

15.10 Risk Actor Model

15.11 Risk Temporal Horizon

15.12 Risk Scale

15.13 Risk Reversibility

15.14 Risk Uncertainty

15.15 Systemic Risk Subclasses

15.16 Risk Relationship Rules


16. Safeguard and Control Taxonomy

16.1 SAFEGUARD.SAFEGUARD

A technical, procedural, organizational, contractual, or institutional measure intended to reduce risk.

16.2 Safeguard Function

SAFEGUARD.PREVENTIVE

Prevents or reduces the probability of an event.

SAFEGUARD.DETECTIVE

Detects an event, anomaly, or failure.

SAFEGUARD.CORRECTIVE

Contains, remediates, or recovers.

SAFEGUARD.COMPENSATING

Provides an alternative where a primary control is unavailable or insufficient.

SAFEGUARD.DETERRENT

Changes incentives to discourage harmful behavior.

16.3 Safeguard Layer

Model-Level

System-Level

Deployment-Level

Organizational

Contractual

Institutional

16.4 Safeguard Mechanism

16.5 Safeguard Effectiveness Facets

16.6 Safeguard Relationship Rules


17. Evaluation and Testing Taxonomy

17.1 EVAL.EVALUATION

A structured process for producing and interpreting evidence about an object or claim.

17.2 Evaluation Object

17.3 Evaluation Purpose

17.4 Evaluation Timing

17.5 Evaluation Party

17.6 Evaluation Openness

17.7 EVAL.TEST

A defined procedure used to observe or measure one or more characteristics.

17.8 EVAL.BENCHMARK

A standardized task set, procedure, and metric used for comparison.

Benchmark Subclasses

17.9 EVAL.PROTOCOL

The complete versioned specification governing evaluation.

17.10 EVAL.TASK

A defined activity assigned to a model or system.

17.11 EVAL.TASK_FAMILY

A group of related tasks.

17.12 EVAL.SCENARIO

A structured contextual situation for evaluation.

17.13 EVAL.ENVIRONMENT

The setting in which evaluation occurs.

17.14 EVAL.HARNESS

Software and infrastructure administering the evaluation.

17.15 EVAL.RUN

One execution of an evaluation or part of it.

17.16 EVAL.TRIAL

One attempt at a task or item.

17.17 EVAL.RESULT

A scored or interpreted output of an evaluation.

17.18 Evaluation Method

17.19 Elicitation Facet

17.20 Scoring Facet

17.21 Integrity Facet

17.22 Evaluation Relationship Rules


18. Evidence and Claim Taxonomy

18.1 EVIDENCE.CLAIM

A proposition asserted to be true, supported, justified, or sufficiently reliable for a defined purpose.

Claim Type

18.2 EVIDENCE.EVIDENCE_OBJECT

An information object relevant to supporting or challenging a claim.

18.3 Evidence Directness

18.4 Evidence Source Type

18.5 Evidence Form

18.6 Evidence Level

Use the canonical evidence levels from EVIDENCE_STANDARDS.md.

18.7 Confidence

18.8 Evidence Quality Facets

18.9 Evidence Status

18.10 Claim Status

18.11 Evidence Direction

18.12 Evidence Relationship Rules


19. Review Taxonomy

19.1 REVIEW.REVIEW

A structured examination of evidence, methods, reasoning, process, or claims.

19.2 Review Relationship

19.3 Review Subject

19.4 Review Discipline

19.5 Review Depth

19.6 REVIEW.MANDATE

A documented review question, scope, authority, access, methods, outputs, constraints, and decision relationship.

19.7 REVIEW.FINDING

A supported conclusion produced through review.

19.8 REVIEW.DISSENT

A reasoned disagreement with a primary or majority conclusion.

19.9 REVIEW.MINORITY_REPORT

A formal documented dissent.

19.10 REVIEW.FACTUAL_CORRECTION

Review focused on factual or configuration accuracy.

19.11 Review Access Facet

19.12 Review Independence Facet

19.13 Review Outcome


20. Audit, Assurance, Certification, and Accreditation Taxonomy

20.1 ASSURANCE.ASSURANCE

Evidence-supported confidence that a claim or requirement is sufficiently reliable for a defined purpose.

20.2 Assurance Level

20.3 ASSURANCE.AUDIT

A systematic, independent, documented process for obtaining and evaluating evidence against defined criteria.

Audit Subject

20.4 ASSURANCE.INSPECTION

Examination of a product, process, service, system, installation, or design for conformity with requirements.

20.5 ASSURANCE.VALIDATION

Confirmation that a method, model, process, or requirement is suitable for intended use.

20.6 ASSURANCE.VERIFICATION

Confirmation that specified requirements have been fulfilled.

20.7 ASSURANCE.ATTESTATION

Issue of a statement, after review and decision, that specified requirements have been demonstrated.

20.8 ASSURANCE.CONFORMITY_ASSESSMENT

Demonstration that specified requirements are fulfilled.

20.9 Conformity-Assessment Party

20.10 ASSURANCE.CERTIFICATION

Third-party attestation under a defined certification scheme.

Certification Object

20.11 ASSURANCE.CERTIFICATE

A formal record of certification.

20.12 ASSURANCE.CERTIFICATION_SCHEME

The rules, procedures, requirements, assessment, surveillance, claims, and governance for certification.

20.13 ASSURANCE.ACCREDITATION

Independent recognition that a conformity-assessment body is competent and impartial for specified activities.

20.14 ASSURANCE.ACCREDITATION_SCOPE

The exact activities, methods, domains, systems, locations, and limits of recognition.

20.15 ASSURANCE.RECOGNITION

Acceptance of evidence, competence, process, status, or decision for a defined purpose.

20.16 Recognition Type

20.17 Assurance Status

20.18 Assurance Relationship Rules


21. Standards and Requirements Taxonomy

21.1 STANDARD.DOCUMENT

A governed document providing rules, requirements, guidelines, characteristics, or common practices.

21.2 Standards Stage

21.3 Standards Type

STANDARD.TECHNICAL

Defines technical methods, interfaces, measurements, or performance.

STANDARD.PROCESS

Defines procedures, records, and workflows.

STANDARD.MANAGEMENT_SYSTEM

Defines organizational management requirements.

STANDARD.PERFORMANCE

Defines required outcomes.

STANDARD.INTERFACE

Defines interactions and data exchange.

STANDARD.REPORTING

Defines disclosure and reporting.

STANDARD.TERMINOLOGY

Defines terms and classifications.

STANDARD.TEST_METHOD

Defines testing or evaluation procedures.

21.4 STANDARD.SPECIFICATION

A detailed technical or procedural description.

21.5 STANDARD.GUIDANCE

Advisory material explaining interpretation or implementation.

21.6 STANDARD.FRAMEWORK

A structured set of concepts, functions, outcomes, or practices.

21.7 STANDARD.CODE_OF_CONDUCT

A set of expected behaviors or voluntary commitments.

21.8 STANDARD.CODE_OF_PRACTICE

Operational guidance describing accepted implementation practices.

21.9 STANDARD.REQUIREMENT

A condition that must be fulfilled within a defined context.

Requirement Force

Requirement Form

Requirement Level

21.10 STANDARD.CONFORMITY_CRITERION

A criterion used to determine whether a requirement is fulfilled.

21.11 STANDARD.SAFE_HARBOR

A provision providing defined protection when specified conditions are met.

21.12 STANDARD.PRESUMPTION_OF_CONFORMITY

A presumption that following a recognized standard supports fulfillment of a requirement.

21.13 STANDARD.SUNSET

A provision causing expiration unless renewed.

21.14 STANDARD.REVIEW_CLAUSE

A requirement for reassessment.

21.15 Standards Relationship Rules


22. Governance and Decision Taxonomy

22.1 GOV.GOVERNANCE_SYSTEM

A system of authority, roles, decisions, accountability, oversight, and control.

22.2 Governance Body

22.3 Governance Function

22.4 GOV.DECISION

A formal determination by an authorized actor.

Decision Type

22.5 Decision Outcome

22.6 GOV.DECISION_RIGHT

Authority to make a defined decision.

22.7 GOV.MANDATE

A documented assignment of purpose, authority, responsibility, scope, and limits.

22.8 GOV.ACCOUNTABILITY

Obligation to explain, justify, and accept responsibility.

22.9 GOV.OVERSIGHT

Supervisory or independent observation and review.

22.10 GOV.APPEAL

A formal request for review of a decision.

22.11 GOV.COMPLAINT

A documented expression of dissatisfaction or allegation.

22.12 GOV.RECUSAL

Withdrawal because of conflict or disqualification.

22.13 GOV.CONSENSUS

Broad agreement after addressing substantial objections.

22.14 GOV.DISSENT

A reasoned unresolved disagreement.

22.15 Governance Risk

22.16 Governance Relationship Rules


23. Incident, Failure, and Correction Taxonomy

23.1 INCIDENT.INCIDENT

An event or condition that caused, could have caused, or revealed material harm, failure, compromise, misuse, or loss of control.

23.2 Incident Type

23.3 Incident Role of AI

23.4 Incident Severity

23.5 Incident Status

23.6 INCIDENT.FAILURE

Inability of a system, process, safeguard, evaluator, or institution to fulfill an intended function or requirement.

23.7 Failure Layer

23.8 Failure Mode

23.9 INCIDENT.ROOT_CAUSE

An underlying cause whose correction would materially reduce recurrence.

23.10 INCIDENT.CONTRIBUTING_FACTOR

A condition increasing likelihood or severity.

23.11 INCIDENT.CORRECTIVE_ACTION

Action addressing a detected failure.

23.12 INCIDENT.PREVENTIVE_ACTION

Action reducing the likelihood of a potential failure.

23.13 INCIDENT.CORRECTION

A visible change addressing error in a record, claim, method, or result.

23.14 Correction Type

23.15 Incident Relationship Rules


24. Incentive and Recognition Taxonomy

24.1 INCENTIVE.INCENTIVE

A condition changing expected benefit, cost, status, opportunity, or consequence.

24.2 Incentive Mechanism

24.3 Incentive Target

24.4 Desired Behavior

24.5 Unintended Incentive Effect

24.6 INCENTIVE.RECOGNITION

Formal or informal acknowledgment of contribution, competence, or achievement.

Recognition Type

24.7 INCENTIVE.PRESTIGE

Durable esteem or status granted by a community or institution.

24.8 Recognition Status

24.9 Incentive Relationship Rules


25. Interoperability and International Coordination Taxonomy

25.1 INTEROP.INTEROPERABILITY

The ability of distinct systems, protocols, organizations, or jurisdictions to exchange, interpret, and use information or evidence.

25.2 Interoperability Layer

25.3 INTEROP.CROSSWALK

A structured mapping among classes, requirements, controls, protocols, or standards.

25.4 INTEROP.BRIDGE_STUDY

An empirical or analytical study connecting results across protocols, versions, languages, or systems.

25.5 INTEROP.COMMON_CORE

Shared elements preserved across implementations.

25.6 INTEROP.LOCAL_EXTENSION

A documented jurisdictional, sectoral, linguistic, or institutional addition.

25.7 INTEROP.EQUIVALENCE

A determination that different methods or requirements achieve sufficiently comparable outcomes for a stated purpose.

25.8 INTEROP.COMPARABILITY

The degree to which results can be meaningfully compared.

25.9 INTEROP.MUTUAL_RECOGNITION

Reciprocal acceptance of defined results, status, or competence.

25.10 INTEROP.FEDERATED_REGISTRY

A registry model in which multiple authorities maintain interoperable records.

25.11 INTEROP.TRANSLATION_VALIDATION

Assessment of whether a translation preserves intended meaning and construct.

25.12 INTEROP.CAPACITY_BUILDING

Development of local expertise, infrastructure, governance, and participation.

25.13 Interoperability Status

25.14 Interoperability Relationship Rules


26. Research Taxonomy

26.1 RESEARCH.PROJECT

A structured activity intended to generate, test, synthesize, or apply knowledge.

26.2 Research Purpose

26.3 Research Method

26.4 Research Object

26.5 Research Stage

26.6 Research Consequence

26.7 Research Sensitivity

26.8 Research Output

26.9 Research Relationship Rules


27. Status, Version, Security, and Record Taxonomy

27.1 STATUS.VERSION

An identified state of an object.

27.2 Version Change

27.3 Lifecycle Status

27.4 STATUS.RECORD

A structured representation of an entity.

27.5 Record Type

27.6 Record Integrity

27.7 SECURITY.CLASSIFICATION

A category governing access, handling, and disclosure.

Classes

27.8 Security Handling

27.9 Security Status

27.10 Status Relationship Rules


28. Jurisdiction and Legal Scope Taxonomy

28.1 JURIS.JURISDICTION

A legal, geographic, organizational, or institutional domain of authority.

28.2 Jurisdiction Level

28.3 Legal Instrument

28.4 Legal Status

28.5 Applicability

28.6 Legal Relationship Rules


29. Core Relationship Vocabulary

The following relationship types are canonical.

29.1 Identity Relationships

29.2 Composition Relationships

29.3 Lineage Relationships

29.4 Evaluation Relationships

29.5 Evidence Relationships

29.6 Risk Relationships

29.7 Standards and Assurance Relationships

29.8 Governance Relationships

29.9 Temporal Relationships

29.10 Relationship Confidence

Every inferred relationship may include:


30. Classification Rules

30.1 Model Versus System Rule

Classify a model separately from the system using it.

30.2 Role Separation Rule

Classify every actor role separately.

30.3 Capability-Risk Rule

Do not classify a capability as a risk.

Link the capability to a risk through context.

30.4 Safeguard Rule

Classify a safeguard by function, layer, and mechanism.

Do not classify it as proof of safety.

30.5 Evaluation-Audit Rule

Do not classify an evaluation as an audit unless defined criteria and audit process exist.

30.6 Certification-Accreditation Rule

Certification applies to conformity under a scheme.

Accreditation applies to competence of a conformity-assessment body within scope.

30.7 External-Independent Rule

External is a location or organizational relationship.

Independent is a multidimensional condition.

30.8 Legal-Technical Rule

Preserve legal and technical categories separately.

30.9 Current-Status Rule

Every consequential record should include current status.

30.10 Multi-Label Rule

Use multiple facets when one label would hide important dimensions.

30.11 Uncertain Classification Rule

Use confidence and alternatives.

Do not force a false category.

30.12 Local-Extension Rule

Local extensions should retain mapping to the common core.

30.13 Public-Claim Rule

Public classification should not imply authority beyond the evidence and project status.


31. Core Entity Profiles

A profile defines the minimum classes, facets, properties, and relationships required for a recurring record type.

31.1 Model Profile

Required fields:

Optional fields:

31.2 System Profile

Required fields:

31.3 Deployment Profile

Required fields:

31.4 Capability Profile

Required fields:

31.5 Risk Profile

Required fields:

31.6 Safeguard Profile

Required fields:

31.7 Evaluation Protocol Profile

Required fields:

31.8 Evaluation Result Profile

Required fields:

31.9 Evidence Profile

Required fields:

31.10 Independent Review Profile

Required fields:

31.11 Evaluator Organization Profile

Required fields:

31.12 Standard Profile

Required fields:

31.13 Certificate Profile

Required fields:

31.14 Accreditation Profile

Required fields:

31.15 Incident Profile

Required fields:

31.16 Recognition Profile

Required fields:


32. Machine-Readable Representation

32.1 Design Goal

The taxonomy should support structured data without forcing the Markdown document to function as executable software.

A future machine-readable release may use:

32.2 Human and Machine Labels

Every class should have:

32.3 Example Class Record

yaml id: CAP.CYBER.AUTONOMOUS_OPERATIONS preferred_label: Autonomous cyber operations capability definition: > The capability of an AI system to plan and execute multiple cyber-operation steps with limited direct human instruction under defined conditions. parent: CAP.CYBER status: preferred facets: - capability_object - autonomy_level - reliability - tool_access - evidence_level related: - CAP.PLANNING - CAP.TOOL_USE - RISK.SECURITY_HARM - EVAL.AGENT_EVALUATION version: 1.0.0

32.4 Example Evaluation Result Record

yaml id: SB-RESULT-2026-0044 type: EVAL.RESULT evaluated_object: SB-SYSTEM-2026-0017 protocol: SB-PROTOCOL-2026-0008 protocol_version: 1.2.0 capability: - CAP.CYBER.AUTONOMOUS_OPERATIONS evaluation_party: ACTOR.THIRD_PARTY_EVALUATOR integrity: EVAL.INTEGRITY.UNEXPOSED evidence_level: EVIDENCE.LEVEL.E3_SUBSTANTIATED confidence: high status: STATUS.CURRENT security: SECURITY.CONFIDENTIAL expires_on: 2027-01-15

32.5 JSON-LD Relationship Example

json { "@id": "SB-RESULT-2026-0044", "@type": "EVAL.RESULT", "evaluatedBy": {"@id": "SB-PROTOCOL-2026-0008"}, "concernsSystem": {"@id": "SB-SYSTEM-2026-0017"}, "supportsClaim": {"@id": "SB-CLAIM-2026-0031"}, "reviewedBy": {"@id": "SB-REVIEW-2026-0009"}, "status": "STATUS.CURRENT" }

32.6 Schema Validation

Machine-readable records should validate:

32.7 Provenance

Structured records should preserve:

32.8 Digital Signatures

High-consequence records may be digitally signed.

32.9 No Schema-Meaning Substitution

A technically valid JSON record can still be conceptually wrong.

Schema validation does not replace expert classification.


33. External Mapping and Crosswalk Rules

33.1 Mapping Types

A class may map to an external class as:

33.2 Mapping Record

Record:

33.3 No Silent Equivalence

Different labels should not be treated as exact equivalents without review.

33.4 Legal Mapping

Legal classifications should retain:

33.5 Standards Mapping

Standards crosswalks should identify:

33.6 Translation Mapping

Translated classes should record:

33.7 External Vocabulary Preservation

When importing an external term:

33.8 Interoperability Principle

Mapping should enable understanding.

It should not manufacture consensus or legal effect.


34. Domain Extension Framework

34.1 Purpose

Some capability, risk, safeguard, and evaluation domains require specialized extensions.

Examples:

34.2 Extension Requirements

A domain extension should define:

34.3 Extension Identifier

Preferred pattern:

DOMAIN-SPECIFIC-PREFIX.CLASS

Example:

CYBER.TASK.EXPLOIT_CHAIN

34.4 Common-Core Requirement

Every extension should map material classes to the Standards Body common core.

34.5 Domain Authority

Domain experts should review extensions.

34.6 Security

A public taxonomy may omit or generalize sensitive subclasses when detailed classification would increase harm.

34.7 Extension Status

Use:


35. Taxonomy Governance

35.1 Taxonomy Owner

Standards Body owns and maintains the canonical taxonomy.

35.2 Stewardship Function

A future taxonomy steward or committee should:

35.3 Proposal Requirements

A proposed class should include:

35.4 Approval Criteria

Approve a new class only when:

35.5 Duplicate Control

Before adding a class:

35.6 Change Types

Editorial Change

No intended meaning change.

Clarifying Change

Improves definition without changing classification.

Substantive Change

Changes meaning, parent, relationships, or use.

Deprecation

Replaces a class.

Retirement

Ends active use.

35.7 Change Impact Review

Review affected:

35.8 Appeals

A contributor may appeal:

35.9 Emergency Correction

Correct immediately when a class:

35.10 Public Change Log

Publish material class changes and replacements.


36. Taxonomy Quality Tests

36.1 Identity Test

Does the class describe a type of object rather than an opinion about it?

36.2 Parent Test

Is the parent relationship valid?

36.3 Distinction Test

Can qualified users distinguish the class from related classes?

36.4 Completeness Test

Does the taxonomy cover the material classes needed for the use case?

36.5 Exclusivity Test

Where classes are intended to be exclusive, can one object be assigned consistently?

36.6 Polyhierarchy Test

Where overlap is legitimate, does the structure permit multiple classifications?

36.7 Facet Test

Should the proposed class be an independent facet instead?

36.8 Evidence Test

Can a classification be supported by identifiable evidence?

36.9 Authority Test

Does the label imply unsupported legal or institutional status?

36.10 Temporal Test

Can the classification change over time without losing history?

36.11 Interoperability Test

Can the class be mapped to external systems?

36.12 Translation Test

Can the concept be translated without unacceptable loss?

36.13 Security Test

Could publishing the class or record increase harm?

36.14 Usability Test

Can researchers, evaluators, policymakers, and technical systems apply it?

36.15 Anti-Gaming Test

Could actors manipulate the classification to gain status or avoid obligations?


37. Common Classification Errors

37.1 Product-Name Collapse

Error:

Treating one marketed name as a stable model or system identity.

Correction:

Create separate records for family, model version, system, and deployment.

37.2 Frontier as Permanent Status

Error:

Treating frontier status as timeless.

Correction:

Record basis, date, dimension, and confidence.

37.3 Open-Source Overstatement

Error:

Classifying an open-weight model as fully open-source without component analysis.

Correction:

Classify weights, code, data, license, and documentation separately.

37.4 Capability-Risk Collapse

Error:

Classifying cyber capability as cyber risk.

Correction:

Link capability to risk through actor, access, vulnerability, safeguard, and consequence.

37.5 Evaluation-Assurance Collapse

Error:

Classifying a benchmark result as certification.

Correction:

Preserve evaluation, review, scheme, and certification as separate entities.

37.6 External-Independent Collapse

Error:

Classifying every outside reviewer as independent.

Correction:

Use the independence profile.

37.7 Accreditation Overreach

Error:

Classifying an accredited organization as competent for all AI evaluation.

Correction:

Record exact accreditation scope.

37.8 Status Omission

Error:

Displaying a withdrawn or expired record without status.

Correction:

Require current status and history.

37.9 Jurisdiction Omission

Error:

Presenting a legal category as universal.

Correction:

Attach jurisdiction and effective date.

37.10 Single-Score Classification

Error:

Classifying a system as safe or unsafe from one metric.

Correction:

Use capability, risk, safeguard, evidence, and context profiles.

37.11 Overclassification

Error:

Creating new classes for every minor variation.

Correction:

Use properties and facets.

37.12 Underclassification

Error:

Using broad classes that erase decision-relevant differences.

Correction:

Add a subclass when the distinction changes evidence, governance, or action.


38. Worked Classification Examples

38.1 Hosted General-Purpose Assistant

Possible classification:

Additional records required:

38.2 Open-Weight Research Model

Possible classification:

Do not infer:

38.3 Held-Out Cyber Evaluation

Possible classification:

Required relationships:

38.4 Independent Review of Developer Evidence

Possible classification:

Do not classify as:

unless those additional processes exist.

38.5 Evaluator Certification

A certification of an evaluator's management system may be classified as:

It should not be classified automatically as:

38.6 Post-Deployment Incident

Possible classification:

The record should preserve uncertainty about causation.

38.7 Proposed Procurement Requirement

Possible classification:

Do not classify as legally mandatory unless law creates that effect.


39. Taxonomy Implementation Pathway

Phase 1: Canonical Adoption

Use this taxonomy in new canonical files and registries.

Phase 2: Existing-File Audit

Review existing foundation and institutional files for:

Phase 3: Core Registry Schema

Create schemas for:

Phase 4: Identifier Service

Establish controlled identifier assignment.

Phase 5: Machine-Readable Release

Publish the common core in a structured format.

Phase 6: Domain Extensions

Develop controlled extensions for:

Phase 7: External Crosswalks

Map relevant external vocabularies and standards.

Phase 8: Classification Pilot

Classify a representative set of:

Measure inter-rater consistency and ambiguity.

Phase 9: Public Registry Integration

Use taxonomy identifiers in public records.

Phase 10: Continuous Governance

Review classes, mappings, and use annually and after major incidents or standards changes.


40. Taxonomy Scorecard

Dimension Core question
Object identity Is the actual object identified?
Correct level Is classification at model, system, deployment, organization, or legal level correct?
Class validity Does the class accurately represent the object?
Parent validity Is the hierarchical relationship defensible?
Facet use Are independent characteristics represented as facets?
Relationship precision Are entity relationships named accurately?
Evidence Is the classification supported?
Confidence Is uncertainty in classification visible?
Version Is the relevant version identified?
Status Is current, expired, superseded, or withdrawn status shown?
Jurisdiction Is legal or institutional scope preserved?
Security Is disclosure classification appropriate?
Role separation Are developer, provider, deployer, evaluator, and authority roles separated?
Capability-risk separation Are ability and risk kept distinct?
Evaluation-assurance separation Are test, review, audit, certification, and accreditation distinct?
Interoperability Can the class map to external vocabularies?
Machine readability Can the record be represented structurally?
Human readability Can informed users understand the class?
Temporal stability Can changes occur without losing history?
Anti-gaming Does the classification resist prestige or compliance gaming?
Extensibility Can domains extend the taxonomy without breaking the core?
Governance Can classes be reviewed, appealed, corrected, and retired?

40.1 Critical Failures

The following normally invalidate a consequential classification:

40.2 No Universal Taxonomy Score

Do not average all dimensions into one number.

Critical errors should remain visible.


41. Classification Record Template

Record ID:
Record type:
Preferred label:
Version:
Status:
Classification date:
Classifier:
Reviewer:

Object Identity

Primary Class

Subclasses

Facets

Relationships

Jurisdiction

Security Classification

Supporting Evidence

Classification Confidence

Alternative Classifications Considered

Limitations

Review Date

Change History


42. Taxonomy Class Proposal Template

Proposed identifier:
Preferred label:
Proposer:
Date:

Definition

Purpose

Parent Class

Subclasses

Applicable Facets

Required Properties

Relationships

Examples

Nonexamples

Existing Classes Considered

External Mappings

Evidence and Sources

Security Considerations

Implementation Impact

Proposed Status

Reviewers

Decision


43. Taxonomy Change Request Template

Change request ID:
Affected class:
Current version:
Proposer:
Date:

Change Type

Current Definition or Structure

Proposed Definition or Structure

Rationale

Evidence

Affected Records

Affected Canonical Files

Interoperability Impact

Translation Impact

Transition Plan

Effective Version

Review and Decision


44. Crosswalk Record Template

Crosswalk ID:
Standards Body taxonomy version:
External source:
External version:
Jurisdiction or domain:
Reviewer:
Date:

Standards Body class External class Mapping type Rationale Limitations Status

Mapping types:

Recognition Effect

State explicitly whether the crosswalk has:

Do not imply legal effect unless authorized.


45. Registry Record Template

Registry:
Record ID:
Entity type:
Entity identifier:
Preferred label:
Owner:
Version:
Status:
Effective date:
Expiration or review date:

Classification

Scope

Relationships

Evidence

Confidence

Security and Access

Recognition

Corrections

Superseded Records

Digital Signature or Integrity Record


46. Taxonomic Decision Rules

46.1 New-Class Decision

Create a new class when the distinction:

46.2 Facet Decision

Create a facet when the characteristic:

46.3 Relationship Decision

Create or use a relationship when meaning depends on the connection among entities.

46.4 Provisional Classification Decision

Use provisional status when:

46.5 Deprecation Decision

Deprecate a class when:

46.6 Retirement Decision

Retire a class when it no longer serves current work and transition is complete.

46.7 Public Disclosure Decision

Do not publish detailed classification when it would reveal:

Publish the highest safe parent class and a reason for restriction where appropriate.

46.8 Legal Classification Decision

Seek qualified legal review when a classification affects:


47. Canonical Standards Body Taxonomy Positions

Standards Body adopts the following working positions.

  1. A taxonomy is operational infrastructure, not decorative organization.

  2. The object should be identified before the label is selected.

  3. Models, systems, deployments, organizations, and jurisdictions are distinct levels of analysis.

  4. A marketed product name is not a sufficient technical identifier.

  5. Model family, model version, system version, and deployment should have separate records.

  6. A system may inherit model capability evidence only through documented analysis.

  7. A capability is an ability under specified conditions.

  8. A capability is not itself a risk.

  9. Risk classification requires context, actor, access, exposure, vulnerability, safeguard, likelihood, and consequence.

  10. A safeguard should be classified by function, layer, mechanism, scope, and effectiveness evidence.

  11. A safeguard does not constitute a guarantee.

  12. A test is not the same as an evaluation.

  13. A benchmark is not the same as a complete protocol.

  14. A review is not automatically an audit.

  15. An external reviewer is not automatically independent.

  16. An audit is criteria-based, systematic, independent, and documented.

  17. Certification is third-party attestation under a defined scheme.

  18. Accreditation recognizes conformity-assessment competence within scope.

  19. A certificate does not establish properties outside its scheme and scope.

  20. Legal approval, certification, accreditation, recognition, and endorsement are distinct.

  21. Every consequential classification should include version and status.

  22. Frontier status is time-dependent and dimension-dependent.

  23. Open-weight, open-source, open-data, and public-access classifications should remain separate.

  24. Public, controlled, confidential, restricted, and highly restricted are distinct access classes.

  25. Evaluation integrity status should travel with a result.

  26. A contaminated or compromised result should not remain classified as current without review.

  27. Evidence level and confidence are distinct facets.

  28. Evidence may support, challenge, narrow, contextualize, or fail to resolve a claim.

  29. A negative evaluation result should not automatically classify a capability as absent.

  30. Actor roles should be represented separately even when one organization performs several roles.

  31. Sponsor, developer, provider, deployer, operator, evaluator, reviewer, and authority are distinct roles.

  32. Institutional authority should be classified by source and scope.

  33. A research project should not be classified as a regulator, certification body, or accreditation body without actual mandate and function.

  34. Standards may be technical, process-based, performance-based, management-system, interface, reporting, terminology, or test-method standards.

  35. A standard may be voluntary while requirements adopted through contract or law may be binding.

  36. Standards stage and legal force should remain separate.

  37. An incident may have several classifications simultaneously.

  38. AI involvement in an incident should be classified by causal or contributory role rather than assumed.

  39. Failure, root cause, contributing factor, correction, and preventive action are distinct.

  40. Incentive mechanisms should be classified together with intended and unintended effects.

  41. Prestige and recognition do not establish competence or authority.

  42. Interoperability does not require identical classification systems.

  43. A crosswalk does not establish equivalence automatically.

  44. Legal equivalence requires recognition by the relevant authority.

  45. Local extensions should preserve mapping to a common core.

  46. Noncomparability is a valid taxonomic result.

  47. Uncertain classifications should remain uncertain rather than forced.

  48. Machine-readable validity does not guarantee conceptual validity.

  49. Taxonomic classes should be corrected, deprecated, and retired visibly.

  50. Standards Body should evaluate the consistency, usability, and real-world effects of its own taxonomy.


48. Relationship to Other Canonical Files

PROJECT_IDENTITY.md

Defines the identity, present role, authority boundaries, audiences, and public positioning of Standards Body.

The taxonomy must not classify the project in a way that exceeds those boundaries.

TERMINOLOGY.md

Defines the preferred terms and meanings.

This taxonomy organizes those terms into classes, facets, properties, and relationships.

FOUNDATIONS_APPENDIX.md

Defines the integrated eight-foundation system.

This taxonomy provides the entity architecture required to represent that system.

EVIDENCE_STANDARDS.md

Defines evidence levels, source quality, claims, confidence, and correction.

This taxonomy provides corresponding evidence and claim classes.

RESEARCH_METHODOLOGY.md

Defines how research is planned, conducted, reviewed, published, and corrected.

This taxonomy classifies research projects, methods, artifacts, review levels, and outputs.

EVALUATION_PHILOSOPHY.md

Will define the deeper conceptual approach to constructs, validity, capability, risk, thresholds, and interpretation.

This taxonomy provides the formal categories used by that philosophy.

INSTITUTION_DESIGN.md

Will define the institutional system.

This taxonomy provides classes for organizations, roles, authority, schemes, registries, and governance bodies.

GOVERNANCE_FRAMEWORK.md

Will define decision rights, committees, oversight, recusal, appeals, and accountability.

This taxonomy provides the corresponding governance entities and relationships.

STANDARDS_DEVELOPMENT_PROCESS.md

Will define the standards lifecycle.

This taxonomy provides standards types, stages, requirement forms, and statuses.

EVALUATOR_ACCREDITATION_FRAMEWORK.md

Will define evaluator competence and recognition.

This taxonomy distinguishes evaluators, audit, certification, accreditation, scopes, and statuses.

TRANSPARENCY_FRAMEWORK.md

Will define public, controlled, confidential, restricted, and highly restricted information handling.

WEBSITE_SOURCE_OF_TRUTH.md

Will apply approved classifications and public descriptions to website content.

SOURCES.md

Will maintain source records linked to evidence and classification decisions.

FAILURE_DATABASE.md

Will use the incident, failure, root-cause, and correction taxonomy.

VERSION_HISTORY.md

Will preserve the version and status history of taxonomy classes and classified records.


49. Taxonomy Maturity Model

Level 0: Uncontrolled Vocabulary

Characteristics:

Level 1: Controlled Terms

Characteristics:

Level 2: Faceted Classification

Characteristics:

Level 3: Relationship and Registry Model

Characteristics:

Level 4: Machine-Readable and Interoperable

Characteristics:

Level 5: Adaptive Taxonomic Infrastructure

Characteristics:

Maturity Rule

Taxonomic maturity depends on use and governance, not document length.

A complete vocabulary that is not applied consistently remains low maturity.


50. Taxonomy Audit Program

50.1 Audit Purpose

Determine whether Standards Body records and publications use the taxonomy correctly.

50.2 Audit Sample

Sample:

50.3 Audit Questions

50.4 Error Categories

50.5 Corrective Action

A taxonomic error may require:

50.6 Audit Metrics

Possible metrics:


51. Final Taxonomy Position

A frontier AI standards project cannot build credible evaluation, assurance, or governance on top of unstable categories.

The system fails when:

Taxonomy is the discipline that prevents these substitutions.

It tells Standards Body what kind of object is being discussed.

It preserves the object's version, scope, context, status, and jurisdiction.

It makes relationships explicit.

It supports structured evidence.

It allows one institution to understand another without pretending that all systems are identical.

It allows the project to evolve without silently rewriting its history.

The defining taxonomic rule of Standards Body is:

Name the object, classify the level, attach the context, state the relationship, and preserve the version.


Revision Record

Version 1.0

Date: July 16, 2026

Change type: Complete foundational edition

Summary: Establishes the canonical Standards Body taxonomy. Defines design principles, class and facet architecture, identifiers, classification status and confidence, twenty-three primary domains, actors, AI artifacts, systems, lifecycle, access, deployment, capabilities, risks, safeguards, evaluations, evidence, review, assurance, standards, governance, incidents, incentives, interoperability, research, status, security, jurisdiction, relationship vocabulary, classification rules, entity profiles, machine-readable representation, external mappings, domain extensions, governance, quality tests, common errors, worked examples, implementation, scorecard, operational templates, canonical positions, maturity, audit, and cross-file interfaces.

Status: Approved foundational source.