Document Purpose

This document establishes the complete standards-development process for Standards Body.

It defines:

  • Which outputs qualify as standards and which do not
  • The principles governing standards development
  • The constitutional relationship among the Governing Board, Standards Council, Scientific and Evaluation Council, Public Interest and Rights Council, International Coordination Forum, Security and Confidentiality Committee, Appeals and Review Panel, Secretariat, working groups, contributors, participants, members, funders, and external institutions
  • The standards work program
  • New-work proposals
  • scope and charter development
  • stakeholder mapping and balanced participation
  • working-group formation
  • evidence review
  • drafting and editing
  • prototype and pilot requirements
  • public review and comment disposition
  • consensus
  • voting
  • substantial objections
  • dissent
  • appeals
  • approval
  • publication
  • implementation
  • adoption
  • interpretations
  • corrections
  • amendments
  • systematic review
  • confirmation
  • revision
  • supersession
  • withdrawal
  • retirement
  • urgent and provisional standards
  • intellectual property
  • patents
  • licensing
  • accessibility
  • translations
  • international coordination
  • regulatory relationships
  • conformity-assessment readiness
  • process audit
  • performance metrics
  • failure recovery

The process is designed for frontier AI, a domain in which:

  • Technical capabilities change rapidly
  • evaluation methods can become stale
  • some evidence must remain confidential
  • standards may affect severe-risk decisions
  • public law may incorporate private standards
  • access to expertise and systems is uneven
  • dominant firms possess disproportionate resources
  • model behavior is probabilistic and context-dependent
  • international compatibility matters
  • poorly designed standards can create false assurance

The governing procedural rule is:

A Standards Body standard should emerge from a documented public-interest need, credible evidence, balanced and competent participation, genuine consideration of objections, validated implementation, independent process controls, and a maintained lifecycle.


Executive Summary

Standards convert knowledge into repeatable expectations.

They can define:

  • Terminology
  • measurement methods
  • system identity
  • evaluation protocols
  • evidence formats
  • reporting requirements
  • organizational processes
  • competency requirements
  • interoperability mechanisms
  • assurance criteria

Standards can make complex systems easier to compare, audit, procure, regulate, and improve.

They can also create serious institutional failures.

A premature standard can freeze a weak method.

A vague standard can create compliance theater.

A prescriptive standard can entrench one technical architecture.

A proprietary standard can exclude smaller actors.

A hidden drafting process can give private interests de facto regulatory power.

A standard designed by evaluators may create demand for the evaluators' own services.

A standard built around current frontier laboratories may become inaccessible to open-source communities, startups, public institutions, and lower-resource regions.

A standard that becomes law may acquire consequences far beyond the process that produced it.

A standard that is never maintained can remain influential after its technical foundation has failed.

The central process proposition is:

Standards authority should arise from the quality of the problem definition, evidence, participation, consensus process, implementation, maintenance, and accountability, not from the prestige of the issuing institution.

Standards Body Process Model

The complete process contains fifteen stages.

  1. Need identification
  2. preliminary research
  3. new-work proposal
  4. authorization and classification
  5. charter and scope
  6. working-group formation
  7. evidence and requirements development
  8. working draft
  9. pilot or reference implementation
  10. committee draft
  11. public review
  12. comment resolution and consensus
  13. approval
  14. publication and implementation
  15. maintenance, revision, and retirement

The process is not a conveyor belt.

A project may be:

  • Re-scoped
  • returned to research
  • split
  • paused
  • discontinued
  • published as guidance rather than a standard
  • withdrawn after public review
  • retired after implementation failure

Process Principles

The process is governed by:

  • Transparency
  • openness
  • impartiality
  • balance
  • lack of dominance
  • due process
  • consensus
  • effectiveness
  • relevance
  • coherence
  • accessibility
  • development and capacity considerations
  • evidence maturity
  • technical competence
  • public-interest review
  • security proportionality
  • maintenance
  • appeal
  • correction

These principles draw from established standards practice, including ISO and IEC procedures, ANSI due-process requirements, WTO principles for international standards, CEN and CENELEC principles, and open technical standards processes such as IETF, W3C, and OASIS.[^iso-directives][^ansi-essential][^wto-principles][^cen-standards][^ietf-process][^w3c-process][^oasis-process]

Standards Categories

Standards Body may eventually develop:

  • Terminology standards
  • taxonomy standards
  • technical specifications
  • evaluation test methods
  • protocol standards
  • evidence and provenance standards
  • reporting standards
  • system-identity specifications
  • evaluator-competence standards
  • interoperability profiles
  • incident-reporting standards
  • management-system requirements
  • implementation guidance

A document should not be called a standard merely because it is authoritative inside the project.

Research papers, opinion essays, roadmaps, case studies, and early frameworks remain distinct.

Evidence Maturity

A standards project should be classified by evidence maturity.

S0: Research Question

The problem and methods remain uncertain.

S1: Research Method

A method exists but lacks broad implementation evidence.

S2: Recommended Practice

Evidence supports guidance but not formal conformity.

S3: Pilot Specification

A defined specification is ready for controlled implementation.

S4: Consensus Standard

Evidence, implementation, participation, and process support formal approval.

S5: Assurance-Ready Standard

Requirements are sufficiently precise and validated for conformity assessment.

S6: Public-Law or Formal Recognition Candidate

The standard may be suitable for external legal, procurement, regulatory, or international recognition, subject to the relevant authority.

A standard should not advance merely because time has passed.

Governance

The Standards Council owns the standards work program and process integrity.

The Scientific and Evaluation Council reviews technical and evidentiary sufficiency.

The Public Interest and Rights Council reviews rights, accessibility, distribution, competition, and affected-party concerns.

The International Coordination Forum reviews international duplication, interoperability, translation, and capacity.

The Security and Confidentiality Committee governs protected material.

The Appeals and Review Panel hears eligible procedural appeals.

The Governing Board authorizes the institution's standards role and reserves constitutional decisions.

The Executive Secretariat administers the process.

Working groups develop the technical content.

Consensus

Consensus means broad agreement after serious efforts to resolve substantial objections.

Consensus does not require unanimity.

Consensus is not:

  • Silence
  • simple majority
  • absence of visible objection after exclusion
  • agreement among only dominant participants
  • acceptance produced by time pressure
  • chair declaration without evidence

A substantial objection must be:

  • Recorded
  • considered
  • answered
  • resolved, partly resolved, preserved as dissent, or rejected with reasons

Public Review

A mature standard should ordinarily receive at least one public-review period.

Recommended minimum:

  • 45 days for the first public review
  • 30 days for subsequent substantive review
  • 15 days for narrowly bounded correction or urgent provisional review

Longer periods should be used when:

  • The standard is complex
  • participation is international
  • translation is required
  • small actors need time
  • the standard may support law or conformity assessment

Approval

Approval requires more than a positive vote.

The approval package should show:

  • Need
  • scope
  • evidence
  • balance
  • participation
  • pilot evidence
  • comment disposition
  • consensus assessment
  • public-interest review
  • security review
  • implementation and maintenance plan
  • unresolved dissent
  • appeals status

Maintenance

Every standard should have:

  • Owner
  • identifier
  • version
  • publication date
  • effective date
  • review date
  • issue tracker
  • interpretation process
  • correction process
  • amendment process
  • incident triggers
  • supersession rules
  • withdrawal rules
  • retirement plan

Frontier AI standards should ordinarily receive review more frequently than traditional five-year cycles when technology and threats move rapidly.

Process Outcome

The objective is not to publish the greatest number of standards.

The objective is to publish standards that:

  • Solve a real coordination or assurance problem
  • remain within evidence
  • can be implemented
  • can be evaluated
  • do not create misleading claims
  • preserve competition
  • support international use
  • remain current
  • can be corrected or withdrawn

The final process rule is:

Do not standardize uncertainty merely to create institutional certainty. Standardize only what is sufficiently understood, useful, implementable, reviewable, and maintainable for the consequence at issue.


1. Foundational Standards-Development Propositions

1.1 Need Before Document

A standards project should begin with a demonstrated coordination, measurement, safety, assurance, interoperability, or public-interest need.

1.2 Evidence Before Obligation

The stronger the requirement, the stronger the evidence and implementation basis should be.

1.3 Function Before Form

Choose a standard, specification, guidance document, test method, profile, or research report according to the need.

1.4 Openness With Protected Evidence

Participation and governance should be open.

Protected technical details may remain controlled when necessary.

1.5 Consensus With Dissent

Consensus should seek broad agreement without erasing material disagreement.

1.6 Balance Without Artificial Equality

Participation should prevent dominance.

It need not assign identical numbers to every possible interest.

1.7 Competence and Interest Are Distinct

Stakeholders bring interests.

Experts bring competence.

A credible process needs both.

1.8 Public Interest Is Substantive

Public-interest review should affect scope, requirements, claims, and implementation.

1.9 Implementation Validates Drafting

A standard should be tested through implementations, pilots, simulations, or field evidence before high-consequence approval.

1.10 Performance Over Prescription

Use performance-based requirements when different technical approaches can achieve the objective credibly.

1.11 Precision for Conformity

A requirement intended for conformity assessment should be sufficiently precise to support consistent evidence and decisions.

1.12 No Standard by Reputation

Prestigious participants do not eliminate the need for due process.

1.13 Maintenance Is Part of Development

A standard without a maintenance system is incomplete.

1.14 Coherence

Standards Body should avoid conflicting with or duplicating suitable external standards without reason.

1.15 Accessibility

Participation and access should not be limited unnecessarily by fees, language, location, or organizational size.

1.16 Legal Effect Must Be Externalized

The legal effect of a standard arises from an external lawful mechanism, not from the document's internal label.

1.17 Assurance Readiness Is Separate

A technically useful standard may not yet be suitable for certification, audit, or accreditation.

1.18 Correctability

Standards should support interpretation, correction, revision, suspension, supersession, and withdrawal.


2. Scope and Non-Claims

2.1 Documents Covered

This process applies to:

  • Standards
  • specifications
  • test methods
  • protocol standards
  • reporting standards
  • terminology standards
  • interoperability profiles
  • competence standards
  • management-system standards
  • implementation guidance
  • amendments
  • corrections
  • interpretations

2.2 Documents Not Automatically Covered

The following do not automatically enter the standards process:

  • Research papers
  • blog posts
  • policy commentary
  • educational material
  • case studies
  • internal procedures
  • project roadmaps
  • experimental code
  • draft task banks
  • public statements

2.3 Legal Non-Claim

Approval does not establish legal compliance unless the relevant legal authority gives it that effect.

2.4 Safety Non-Claim

Conformity with a standard does not establish universal safety.

2.5 Consensus Non-Claim

Standards Body consensus does not establish worldwide consensus.

2.6 International Non-Claim

International participants do not transform Standards Body into an international organization.

2.7 Certification Non-Claim

A standard is not a certificate.

2.8 Accreditation Non-Claim

A standards-development process is not accreditation.


3. Canonical Definitions

Definitions in TERMINOLOGY.md govern.

3.1 Standard

A document established through a defined process that provides requirements, specifications, guidelines, characteristics, or common practices for repeated use.

3.2 Technical Specification

A detailed description of technical requirements, interfaces, methods, structures, or performance.

3.3 Test Method

A specified procedure for measuring or evaluating one or more properties.

3.4 Protocol Standard

A standard defining a complete evaluation or operational protocol.

3.5 Profile

A selected and constrained implementation of broader standards for a defined use, domain, or jurisdiction.

3.6 Requirement

A condition that must be fulfilled within the document's stated scope.

3.7 Recommendation

A provision expressing a preferred course of action.

3.8 Permission

A provision identifying an allowed course of action.

3.9 Consensus

Broad agreement after serious effort to address substantial objections.

3.10 Substantial Objection

A reasoned material concern concerning technical validity, safety, rights, implementation, legal effect, competition, interoperability, evidence, or process.

3.11 Public Review

A defined period during which interested persons may review and comment on a draft.

3.12 Comment Disposition

The documented treatment of a submitted comment.

3.13 Working Draft

An editor- or working-group-controlled draft without approved standards status.

3.14 Committee Draft

A draft approved by the responsible committee for a defined next stage.

3.15 Public-Review Draft

A committee draft released for public review.

3.16 Approved Standard

A document approved under the applicable Standards Body process.

3.17 Interpretation

A formal clarification concerning application of an existing provision without changing its normative requirement.

3.18 Amendment

A formally approved change to part of a standard.

3.19 Revision

A new edition or version incorporating substantive changes.

3.20 Confirmation

A decision that an existing standard remains current without substantive revision.

3.21 Supersession

Replacement of one standard or version by another.

3.22 Withdrawal

Formal termination of current Standards Body approval.

3.23 Retirement

End of active maintenance and recommended current use.

3.24 Normative Provision

A provision containing a requirement, recommendation, permission, definition, or rule necessary for implementation.

3.25 Informative Material

Explanatory or supporting material that does not create a normative obligation.


4. Standards-Development Principles

4.1 Transparency

Publish:

  • Work program
  • project status
  • participation routes
  • drafts
  • public comments or summaries
  • decisions
  • standards
  • corrections
  • maintenance status

4.2 Openness

Persons with a direct and material interest should have meaningful opportunities to participate.

ANSI describes due process as the right of an interested party to express a position and its basis, have that position considered, and have access to appeal.[^ansi-essential]

4.3 Impartiality

The process should not privilege a supplier, country, region, evaluator, funder, or technical architecture improperly.

4.4 Balance

No interest category should dominate.

4.5 Lack of Dominance

Dominance can exist without numerical majority through:

  • Funding
  • chair control
  • technical access
  • drafting control
  • time resources
  • voting blocs
  • model access
  • legal expertise
  • language

4.6 Consensus

The process should attempt to reconcile conflicting views and document unresolved objections.

4.7 Due Process

Participants should receive:

  • Notice
  • opportunity
  • consideration
  • reasons
  • appeal

4.8 Effectiveness and Relevance

A standard should respond to a real need and remain current.

4.9 Coherence

Avoid conflicting or duplicative standards.

4.10 Development Dimension

Consider the ability of developing economies, lower-resource institutions, and small actors to participate and implement.

The WTO identifies the development dimension as one of its six principles for international standards.[^wto-principles]

4.11 Evidence

Requirements should be supported by evidence appropriate to consequence.

4.12 Implementability

A standard should be usable in real systems.

4.13 Verifiability

Requirements intended for conformity assessment should support consistent evidence.

4.14 Security

Protect sensitive information proportionately.

4.15 Accessibility

Support:

  • Public access
  • understandable language
  • disability access
  • remote participation
  • translation
  • affordable implementation

4.16 Maintenance

Update or withdraw obsolete standards.

4.17 Accountability

Process actors should be conflict-screened and decisions reviewable.


5. Standards Document Architecture

5.1 Document Classes

Standards Body should distinguish the following document classes.

Research Report

Purpose:

  • Explore
  • synthesize
  • test
  • identify gaps

Normative status:

  • None unless a separate policy incorporates it

Recommended Practice

Purpose:

  • Describe an evidence-supported preferred approach

Normative status:

  • Advisory

Technical Specification

Purpose:

  • Define technical requirements, interfaces, formats, or procedures

Normative status:

  • May be normative within its scope

Test Method

Purpose:

  • Define measurement or evaluation procedure

Normative status:

  • Normative when referenced by a requirement or protocol

Protocol Standard

Purpose:

  • Define the complete architecture for administering and interpreting an evaluation or process

Reporting Standard

Purpose:

  • Define required metadata, disclosures, evidence, and status records

Terminology Standard

Purpose:

  • Define controlled terms and classifications

Competence Standard

Purpose:

  • Define knowledge, skills, experience, quality, and security requirements for persons or organizations

Management-System Standard

Purpose:

  • Define organizational processes, controls, records, review, and continual improvement

Interoperability Profile

Purpose:

  • Specify a compatible subset, mapping, or implementation of multiple standards

Implementation Guide

Purpose:

  • Explain practical use without creating new requirements

Provisional Specification

Purpose:

  • Support urgent implementation while evidence and consensus remain incomplete

5.2 Normative Status

Every document should state:

  • Whether it contains normative provisions
  • Who is expected to apply them
  • Whether application is voluntary
  • Which external mechanism may make them binding
  • Whether conformity assessment is intended
  • Which claims are prohibited

5.3 Standards Family

Related standards may form a family.

A family should define:

  • Architecture
  • common terminology
  • dependencies
  • optional profiles
  • version compatibility
  • maintenance coordination

5.4 Modular Standards

Frontier AI standards should be modular where possible.

Possible modules:

  • Common core
  • domain profile
  • deployment profile
  • capability profile
  • jurisdictional profile
  • assurance profile
  • security annex

5.5 Normative and Informative Separation

Normative text should be clearly distinguishable from:

  • Explanation
  • examples
  • rationale
  • notes
  • diagrams
  • historical context

5.6 Conformance Clause

A standard intended for implementation should define what it means to conform.

5.7 Claim Clause

The standard should specify permitted and prohibited public claims.

5.8 Version Clause

The standard should define how versions relate.

5.9 Maintenance Clause

The standard should define review and retirement.


6. Normative Language

6.1 Controlled Verbs

Standards Body should use controlled normative language.

Shall

Indicates a requirement.

Shall Not

Indicates a prohibition.

Should

Indicates a recommendation.

Should Not

Indicates a discouraged practice.

May

Indicates permission.

Can

Indicates possibility or capability, not permission.

6.2 Plain-Language Alternative

Where a document uses must rather than shall, the drafting convention should remain consistent and documented.

6.3 One Obligation Per Provision

A requirement should ordinarily contain one principal obligation.

6.4 Identifiable Subject

State who or what is responsible.

Weak:

Appropriate monitoring shall be performed.

Preferred:

The deployer shall monitor the system for the events listed in Section X.

6.5 Observable Requirement

A requirement intended for conformity assessment should identify evidence or observable outcome.

6.6 Avoid Undefined Qualifiers

Avoid unsupported terms such as:

  • Appropriate
  • adequate
  • sufficient
  • reasonable
  • robust
  • meaningful
  • regularly
  • timely

unless:

  • Defined
  • risk-based criteria are provided
  • professional judgment is explicitly governed
  • evidence expectations are stated

6.7 Technology Neutrality

Use technology-neutral language when the objective can be met through multiple valid approaches.

6.8 Prescriptive Language

Prescriptive requirements may be justified where:

  • Interoperability requires a common format
  • safety requires a specific control
  • performance cannot be assessed reliably
  • implementation variance creates unacceptable risk

6.9 Requirements Traceability

Each requirement should trace to:

  • Need
  • risk or objective
  • evidence
  • implementation
  • verification
  • related requirements

7. Standards Work Program

7.1 Purpose

The standards work program provides public visibility into planned and active work.

7.2 Work Program Contents

For each project, publish:

  • Project identifier
  • title
  • document class
  • purpose
  • scope
  • stage
  • responsible committee
  • chair and editor
  • participation route
  • relevant external standards
  • target dates
  • public-review status
  • maintenance owner
  • security classification
  • contact

7.3 Proposed Work

Proposed projects should be visible before authorization where practical.

7.4 Active Work

Active work should show milestone status.

7.5 Paused Work

A paused project should state:

  • Reason
  • last action
  • conditions for restart
  • review date

7.6 Discontinued Work

A discontinued project should preserve:

  • Reason
  • drafts
  • evidence
  • lessons
  • related successor work

7.7 Work Program Review

The Standards Council should review the work program at least twice each year.

7.8 Portfolio Balance

The work program should balance:

  • Foundational infrastructure
  • urgent safety needs
  • interoperability
  • evaluator capacity
  • implementation
  • maintenance
  • international coordination

7.9 No Publication Quota

The institution should not set publication quotas that incentivize weak standards.


8. Need Identification

8.1 Need Sources

A standards need may arise from:

  • Research
  • evaluation inconsistency
  • incidents
  • interoperability failure
  • legal or procurement needs
  • evaluator disagreement
  • public-interest concern
  • international coordination
  • technology change
  • implementation burden
  • market fragmentation
  • assurance demand

8.2 Need Statement

The need statement should answer:

  • What problem exists?
  • Who experiences it?
  • What evidence demonstrates it?
  • Why is a standard an appropriate response?
  • What alternatives exist?
  • What happens if no standard is developed?

8.3 Standardization Test

A standard may be appropriate when the problem requires:

  • Repeated common practice
  • comparable evidence
  • interoperability
  • shared terminology
  • minimum requirements
  • consistent reporting
  • competence recognition

8.4 Nonstandard Alternatives

Consider:

  • Research
  • guidance
  • education
  • open-source tool
  • procurement
  • bilateral agreement
  • professional practice
  • law
  • incident response
  • market competition

8.5 Prematurity Test

Do not begin formal standards work when:

  • The construct is undefined
  • evidence is contradictory and unresolved
  • implementation has not been attempted
  • one firm owns the only method
  • the problem changes too quickly for any stable core
  • conformity cannot be assessed
  • the standard would create misleading assurance

8.6 Urgency

Urgency may justify a provisional specification.

It does not eliminate the need for evidence, review, expiration, and correction.


9. Preliminary Research Stage

9.1 Purpose

The preliminary stage determines whether the topic is ready for standardization.

9.2 Research Questions

  • What is the technical state?
  • Which external standards exist?
  • Which laws or policies apply?
  • Which actors implement the practice?
  • Which failure cases exist?
  • Which evaluation methods are valid?
  • Which disagreements remain?
  • Which security issues exist?
  • Which groups may be excluded?

9.3 Deliverables

  • Landscape review
  • source register
  • terminology map
  • problem statement
  • evidence assessment
  • stakeholder map
  • standards-gap analysis
  • recommendation

9.4 Evidence Level

Apply EVIDENCE_STANDARDS.md.

9.5 Research Outcome

The outcome may recommend:

  • No standards project
  • further research
  • recommended practice
  • pilot specification
  • formal standards project
  • external liaison rather than new work

9.6 Public Research

Publish the preliminary research where safe.

9.7 Independent Review

High-consequence proposals should receive independent preliminary review.


10. New Work Proposal

10.1 Who May Propose

A proposal may be submitted by:

  • Council
  • working group
  • contributor
  • member
  • partner
  • public institution
  • evaluator
  • researcher
  • affected-party organization
  • Executive Secretariat

10.2 Required Fields

The proposal should include:

  • Identifier
  • proposed title
  • document class
  • problem
  • need
  • scope
  • non-scope
  • expected users
  • affected parties
  • evidence
  • existing standards
  • legal context
  • security
  • implementation
  • conformity-assessment intent
  • international relevance
  • resources
  • timeline
  • maintenance
  • conflicts
  • proposer

10.3 Public Notice

Publish the proposal for comment before authorization when practical.

10.4 Proposal Review

The Secretariat checks completeness.

The Standards Council assesses process and strategic fit.

The Scientific and Evaluation Council assesses technical and evidence maturity.

The Public Interest and Rights Council assesses affected-party and distributional concerns.

The International Coordination Forum assesses duplication and interoperability.

The Security Committee assesses sensitivity.

10.5 New Work Criteria

Approve only when:

  • The need is material
  • standardization is appropriate
  • scope is bounded
  • evidence maturity is sufficient for the proposed document class
  • relevant expertise can participate
  • resources exist
  • external work is addressed
  • maintenance is feasible
  • public-interest risks are manageable

10.6 New Work Decision

Possible outcomes:

  • Approve
  • approve as research
  • approve as provisional
  • revise proposal
  • combine with existing project
  • refer externally
  • defer
  • reject

10.7 Appeal

A new-work rejection may receive procedural review but does not create a right to compel Standards Body to undertake the project.


11. Project Classification

11.1 Standards Maturity

Classify using:

  • S0 research question
  • S1 research method
  • S2 recommended practice
  • S3 pilot specification
  • S4 consensus standard
  • S5 assurance-ready standard
  • S6 recognition candidate

11.2 Consequence Level

  • C0 minimal
  • C1 limited
  • C2 material
  • C3 high
  • C4 critical

11.3 Sensitivity

  • Public
  • controlled
  • confidential
  • restricted
  • highly restricted

11.4 International Scope

  • Internal
  • sectoral
  • national relevance
  • multi-jurisdictional
  • international candidate

11.5 Assurance Intent

  • No conformity assessment
  • self-assessment
  • second-party assessment
  • third-party assessment
  • certification candidate
  • regulatory support candidate

11.6 Classification Effect

Classification determines:

  • Review
  • participation
  • pilot burden
  • public-comment duration
  • approval threshold
  • maintenance cadence
  • security
  • appeal

12. Project Charter

12.1 Charter Purpose

The charter controls scope, authority, participation, and deliverables.

12.2 Charter Contents

  • Project identifier
  • title
  • purpose
  • problem
  • deliverable
  • scope
  • exclusions
  • intended users
  • affected parties
  • dependencies
  • normative intent
  • evidence maturity
  • assurance intent
  • parent committee
  • working group
  • chair
  • editor
  • membership categories
  • balance
  • decision method
  • security
  • intellectual property
  • milestones
  • public review
  • maintenance
  • sunset
  • appeal

12.3 Charter Approval

The Standards Council approves the charter.

Technical and public-interest bodies may require conditions.

12.4 Charter Change

A material scope change requires:

  • Proposed amendment
  • impact review
  • participant notice
  • approval
  • updated public record

12.5 Scope Creep

The chair and Secretariat should prevent requirements outside the charter.

12.6 Split Project

A project may be split when:

  • Different maturity levels apply
  • distinct communities are affected
  • one component delays another
  • security differs
  • consensus differs

13. Stakeholder and Interest Mapping

13.1 Purpose

Stakeholder mapping identifies who:

  • Implements
  • evaluates
  • bears cost
  • receives benefit
  • experiences harm
  • regulates
  • researches
  • depends on interoperability

13.2 Interest Categories

Possible categories:

  • Developers and providers
  • deployers and operators
  • users
  • affected non-users
  • evaluators
  • certification and accreditation bodies
  • researchers
  • public-interest organizations
  • workers
  • consumers
  • governments
  • regulators
  • procurers
  • open-source communities
  • smaller enterprises
  • international and regional institutions

13.3 Interest Versus Expertise

A participant may possess both.

Record them separately.

13.4 Missing Interests

The working group should identify interests that are absent.

13.5 Participation Plan

For each category, define:

  • Role
  • outreach
  • voting status
  • support
  • confidentiality
  • potential conflict
  • expected contribution

13.6 Update

Update the stakeholder map when scope changes.


14. Working-Group Formation

14.1 Working Group

A working group is the primary drafting and technical deliberation body.

14.2 Membership

Membership should be open under defined eligibility and competence conditions.

14.3 Voting Members

Voting status may require:

  • Participation
  • conflict disclosure
  • orientation
  • attendance
  • substantive contribution
  • conduct compliance

14.4 Observers

Observers may:

  • Attend
  • comment
  • receive public materials

They may lack voting rights or protected access.

14.5 Liaisons

Liaisons represent formal relationships with external institutions.

14.6 Chair

The chair manages process.

The chair should not unilaterally determine content.

14.7 Vice Chair

Supports continuity and acts during conflicts or absence.

14.8 Editor

The editor maintains the document and issue log.

14.9 Secretariat

The Secretariat supports:

  • Meetings
  • records
  • ballots
  • comments
  • publication
  • process compliance

14.10 Balance Review

Before substantive drafting, review composition for:

  • Dominance
  • missing categories
  • geographic concentration
  • resource imbalance
  • language
  • conflicts

14.11 Participation Support

Provide:

  • Remote meetings
  • stipends where possible
  • translation
  • accessible formats
  • orientation
  • technical assistance

14.12 Removal

A participant may be removed for:

  • Misconduct
  • confidentiality breach
  • repeated bad-faith obstruction
  • undisclosed conflict
  • inactivity where voting status requires participation

Use due process.


15. Participation, Balance, and Lack of Dominance

15.1 Balance Objective

Balance means that the process includes materially affected interests without allowing one category to control the outcome improperly.

15.2 Numerical Balance

Numerical balance can be useful.

It is not sufficient.

Five nominally independent participants funded by one actor may still constitute dominance.

15.3 Dominance Indicators

  • Majority of voting members
  • chair and editor control
  • agenda control
  • disproportionate attendance
  • model or data access control
  • funding dependence
  • coordinated voting
  • language advantage
  • ability to assign full-time staff
  • control of reference implementations
  • patent or intellectual-property leverage
  • threat of withdrawal

15.4 Dominance Review

The Secretariat and Standards Council should review dominance:

  • At formation
  • before committee draft
  • before public review
  • before approval
  • after a complaint

15.5 Corrective Measures

  • Recruit missing interests
  • add independent experts
  • limit affiliated voting
  • appoint a neutral chair
  • separate editor and sponsor roles
  • provide participation support
  • commission independent review
  • delay approval

15.6 Affiliation

Participants should disclose organizational and funding affiliations.

15.7 Coordinated Affiliates

Several participants under common control may be treated as one interest for balance analysis.

15.8 Open Participation

Open participation should not allow one organization to enroll unlimited affiliates to dominate.

15.9 Small-Actor Participation

Small actors may require:

  • Fee waivers
  • stipends
  • asynchronous participation
  • implementation support
  • shared legal and technical resources

15.10 Affected-Party Participation

Affected parties should influence:

  • Problem framing
  • risk and rights analysis
  • implementation burden
  • reporting
  • appeal

They should not be expected to provide specialist technical drafting without support.


16. Meetings and Deliberation

16.1 Meeting Notice

Provide:

  • Date
  • time
  • time zone
  • agenda
  • documents
  • participation method
  • confidentiality status

16.2 Global Scheduling

Rotate times for international groups.

16.3 Agenda Rights

Members should be able to propose agenda items.

16.4 Meeting Record

Record:

  • Attendance
  • conflicts
  • decisions
  • actions
  • objections
  • draft changes
  • votes
  • protected items

16.5 Asynchronous Deliberation

Use issue trackers, mailing lists, repositories, and written ballots to reduce geographic and scheduling barriers.

16.6 Deliberative Equality

Chairs should prevent:

  • Interruptions
  • harassment
  • repeated domination
  • private decisions presented as group decisions
  • exclusion through unexplained jargon

16.7 Closed Sessions

Closed sessions may be used for:

  • Held-out content
  • vulnerabilities
  • personal data
  • legal privilege
  • active incidents

A safe public summary should be provided where possible.

16.8 Informal Discussion

Informal work may support drafting.

Material decisions should return to the recorded process.

16.9 Meeting Accessibility

Provide reasonable accessibility and readable materials.


17. Evidence Development

17.1 Evidence Plan

The working group should maintain an evidence plan.

17.2 Evidence Categories

  • Scientific research
  • evaluation data
  • incident evidence
  • implementation experience
  • existing standards
  • legal and regulatory sources
  • expert judgment
  • affected-party evidence
  • economic and competition evidence
  • international practice

17.3 Source Quality

Apply EVIDENCE_STANDARDS.md.

17.4 Claim-Requirement Mapping

Each material requirement should map to:

  • Objective
  • evidence
  • risk or need
  • implementation
  • verification
  • uncertainty

17.5 Contrary Evidence

Maintain a contrary-evidence register.

17.6 Evidence Gaps

A gap may lead to:

  • Research requirement
  • nonnormative guidance
  • provisional status
  • narrower scope
  • withdrawal of requirement

17.7 Expert Judgment

Expert judgment should be:

  • Structured
  • conflict-aware
  • distinguishable from empirical evidence
  • documented
  • open to dissent

17.8 Confidential Evidence

A requirement may rely partly on confidential evidence only when:

  • Public evidence cannot safely support the need
  • qualified independent reviewers have access
  • the public rationale remains sufficiently understandable
  • the restriction is governed
  • the requirement is reviewable

17.9 Evidence Cutoff

The approval package should display the evidence current-through date.

17.10 Evidence Refresh

Refresh after:

  • Material new research
  • incident
  • protocol change
  • implementation failure
  • legal change
  • scheduled review

18. Requirements Engineering

18.1 Objective

Convert the identified need and evidence into clear, proportionate, implementable provisions.

18.2 Requirement Anatomy

A strong requirement identifies:

  • Responsible actor
  • required action or outcome
  • object
  • condition
  • timing
  • evidence
  • exception
  • relationship to other requirements

18.3 Requirement Types

  • Performance
  • process
  • management system
  • reporting
  • interface
  • security
  • competence
  • evaluation
  • lifecycle
  • outcome

18.4 Requirement Level

  • Baseline
  • enhanced
  • high-consequence
  • optional advanced
  • jurisdictional extension

18.5 Risk-Based Requirement

A risk-based requirement should define:

  • Risk assessment
  • decision owner
  • criteria
  • evidence
  • review
  • residual risk

18.6 Capability-Triggered Requirement

A capability trigger should define:

  • Construct
  • protocol
  • threshold
  • uncertainty
  • verification
  • resulting action
  • appeal

18.7 Process Requirement

A process requirement should not be treated as proof of outcome.

18.8 Outcome Requirement

An outcome requirement needs a valid method of assessment.

18.9 Documentation Requirement

Documentation should serve:

  • Implementation
  • evidence
  • accountability
  • continuity

Avoid documentation solely for audit appearance.

18.10 Proportionality

Assess:

  • Consequence
  • system scale
  • actor capacity
  • implementation cost
  • competition
  • alternatives
  • reversibility

18.11 Exceptions

Exceptions should be:

  • Defined
  • justified
  • documented
  • approved
  • time-limited where possible
  • reviewable

18.12 Equivalent Methods

Permit equivalent evidence when:

  • The objective is met
  • validity is demonstrated
  • interoperability remains sufficient
  • the standard does not require a unique interface

18.13 Requirement Test

Before inclusion, ask:

  • Is it necessary?
  • Is it understandable?
  • Is it implementable?
  • Is it verifiable?
  • Is it proportionate?
  • Is it evidence-supported?
  • Can it be gamed?
  • Can it be maintained?

19. Drafting Process

19.1 Working Drafts

Working drafts may be produced iteratively.

They have no approved standards status.

19.2 Draft Ownership

The working group owns substantive content within its charter.

The editor maintains form and approved changes.

19.3 Issue Tracker

Maintain a public or appropriately controlled issue tracker.

19.4 Draft Change Record

Record material changes and rationale.

19.5 Draft Structure

A standard should ordinarily include:

  • Foreword
  • introduction
  • scope
  • non-scope
  • normative references
  • terms and definitions
  • requirements
  • conformity or implementation provisions
  • annexes
  • bibliography
  • revision history

19.6 Scope Clause

The scope should identify:

  • Object
  • actors
  • lifecycle
  • domain
  • jurisdictional assumptions
  • intended use
  • excluded use

19.7 Normative References

A normative reference is required for implementation.

Use stable and accessible references where possible.

19.8 Informative References

Informative references support explanation but do not create required dependencies.

19.9 Definitions

Use TERMINOLOGY.md and TAXONOMY.md.

New definitions should be reviewed for cross-library consistency.

19.10 Notes and Examples

Notes and examples should not contain hidden requirements.

19.11 Annexes

Identify each annex as normative or informative.

19.12 Draft Quality Review

Review:

  • Technical consistency
  • normative language
  • cross-references
  • undefined terms
  • testability
  • accessibility
  • security
  • legal overclaim
  • public claims

20. Editorial Governance

20.1 Editor Role

The editor:

  • Incorporates approved changes
  • maintains structure
  • applies style
  • tracks issues
  • prepares publication files

20.2 Editor Limits

The editor may not silently:

  • Add requirements
  • remove agreed requirements
  • resolve substantive objections
  • alter thresholds
  • change scope
  • change normative force

20.3 Editorial Changes

Minor corrections may be accepted through a streamlined process.

20.4 Technical Editing

A technical editor may improve:

  • Precision
  • consistency
  • testability
  • cross-reference
  • machine readability

20.5 Legal Editing

Legal review may identify:

  • Unsupported legal claims
  • jurisdictional ambiguity
  • incorporation risk
  • intellectual-property issues

Legal review should not control technical substance beyond its role.

20.6 Plain-Language Review

Public-facing summaries should receive plain-language review.

20.7 Machine-Readable Artifacts

Schemas and code should be versioned with the text.


21. Intellectual Property and Licensing

21.1 Intellectual-Property Policy

A mature standards program should adopt a public intellectual-property policy before accepting formal technical contributions.

21.2 Contribution Rights

Contributors should grant sufficient rights for Standards Body to:

  • Reproduce
  • edit
  • publish
  • translate
  • maintain
  • archive
  • create machine-readable versions

21.3 Contributor Ownership

The policy should clarify whether contributors retain copyright in original contributions and which license applies.

21.4 Standards License

The public should understand:

  • Reading rights
  • implementation rights
  • quotation rights
  • redistribution rights
  • translation rights
  • derivative-profile rights

21.5 Open Access

Core public-interest standards should be freely readable.

21.6 Reference Implementations

Reference code should use a clear open-source or source-available license appropriate to interoperability and security.

21.7 Data and Task Rights

Evaluation tasks and datasets may need separate licensing and access controls.

21.8 Third-Party Material

Do not include third-party protected material without permission or applicable legal basis.

21.9 Brand and Mark

Copyright access does not create a right to claim endorsement or use certification marks.


22. Patent and Essential-Claims Policy

22.1 Need

Technical standards can implicate patents.

A patent policy should exist before standards likely to require patented technology are approved.

22.2 Disclosure

Participants should disclose known patent claims that may be essential, subject to lawful policy.

22.3 Essential Claim

An essential claim is a patent claim that cannot be avoided in implementing a normative requirement without a technically and commercially reasonable alternative, as defined by the adopted policy.

22.4 Licensing Commitment

Possible approaches:

  • Royalty-free
  • reasonable and nondiscriminatory
  • exclusion of patented requirement
  • alternative implementation
  • case-specific commitment

W3C's patent policy seeks royalty-free implementation of its specifications, while other standards systems use different models.[^w3c-patent]

22.5 Neutrality

Standards Body should not adjudicate patent validity unless legally authorized.

22.6 Patent Search

Standards Body does not guarantee that all patents have been identified.

22.7 Conflict

Patent holders participating in drafting should disclose relevant interests.

22.8 Proprietary Lock-In

Avoid requirements that make one vendor's proprietary technology unavoidable when open or equivalent alternatives exist.


23. Security and Confidential Drafting

23.1 Open Baseline

Drafting should be open by default.

23.2 Protected Work

Protection may be necessary for:

  • Held-out evaluation tasks
  • vulnerabilities
  • exploit methods
  • biological or chemical details
  • system prompts
  • restricted model information
  • personal data
  • active incidents

23.3 Protected Annex

A standard may contain:

  • Public normative core
  • controlled implementation annex
  • restricted test annex
  • confidential evidence package

23.4 Public Accountability

The public document should explain:

  • Protected category
  • reason
  • governance
  • access criteria
  • review date
  • effect on implementation and review

23.5 Access

Use role-based access and chain of custody.

23.6 Restricted Participation

Participants in protected drafting should meet:

  • Need
  • competence
  • conflict
  • security
  • legal requirements

23.7 Independent Review

Restricted provisions require independent review by persons with sufficient access.

23.8 Compromise

Compromise may require:

  • Draft suspension
  • task replacement
  • security investigation
  • public notice
  • validity review
  • withdrawal

24. Prototype and Pilot Stage

24.1 Purpose

Piloting tests whether the draft works outside the drafting room.

24.2 Pilot Requirement

A high-consequence technical or assurance standard should ordinarily receive a pilot before final approval.

24.3 Pilot Participants

Seek variation in:

  • Organization size
  • system type
  • region
  • technical architecture
  • evaluator
  • resource level
  • open and closed systems

24.4 Pilot Questions

  • Can implementers understand the standard?
  • Can they produce the required evidence?
  • Do evaluators agree?
  • Which requirements are ambiguous?
  • What does implementation cost?
  • Which actors are excluded?
  • Does the standard reduce the target problem?
  • Can it be gamed?
  • Does it create unexpected risk?

24.5 Reference Implementation

For interface or data standards, build or test a reference implementation where feasible.

IETF's longstanding emphasis on open process, technical competence, rough consensus, and running code illustrates the value of implementation evidence in technical standardization.[^ietf-process]

24.6 Pilot Evidence

Preserve:

  • Implementation records
  • deviations
  • costs
  • evaluator findings
  • incidents
  • participant feedback
  • unresolved issues

24.7 Pilot Status

A pilot does not establish conformity or approval unless explicitly defined.

24.8 Pilot Failure

Failure may lead to:

  • Revision
  • narrower scope
  • guidance rather than standard
  • further research
  • termination

25. Committee Draft

25.1 Readiness

A working draft may become a committee draft when:

  • Scope is stable
  • normative provisions are identified
  • major evidence is available
  • pilot plan or evidence exists
  • conflicts are disclosed
  • the working group supports advancement

25.2 Advancement Package

Include:

  • Draft
  • change log
  • evidence map
  • implementation evidence
  • balance report
  • substantial objections
  • security status
  • public-interest review
  • editor report

25.3 Approval

The working group approves advancement according to its charter.

25.4 Committee-Draft Label

The document should state that it is not an approved standard.

25.5 Multiple Committee Drafts

A project may produce several committee drafts.

25.6 External Review Before Public Review

High-consequence drafts should receive independent technical or methodological review before public release.


26. Public Review

26.1 Purpose

Public review permits interested persons to examine and challenge the draft before approval.

26.2 Notice

The public notice should state:

  • Project
  • document class
  • scope
  • status
  • review period
  • access
  • comment method
  • related materials
  • confidentiality limits
  • contact
  • next stage

26.3 Review Period

Recommended minimum periods:

  • First public review: 45 days
  • Subsequent substantive review: 30 days
  • Narrow correction: 15 days
  • Urgent provisional draft: 15 days, followed by a fuller review after publication

The Standards Council may approve a different period with reasons.

26.4 Extended Review

Use 60 to 90 days when:

  • The document is complex
  • implementation consequences are high
  • translation is needed
  • international consultation is expected
  • legal incorporation is plausible
  • holidays materially reduce access

26.5 Draft Access

The public-review draft should be freely accessible during review.

26.6 Supporting Materials

Publish where safe:

  • Evidence map
  • issue list
  • pilot report
  • impact assessment
  • implementation examples
  • known dissent
  • comparison to external standards

26.7 Comment Channels

Support:

  • Structured form
  • email
  • repository issue
  • formal submission
  • accessible alternative

26.8 Commenter Information

Request:

  • Name
  • affiliation
  • interest
  • clause
  • comment
  • rationale
  • proposed change
  • confidentiality request

Anonymous comments may be considered when sufficiently specific.

26.9 Public Comment Status

Comments should ordinarily be public.

Protected submissions may be accepted for:

  • Security
  • personal data
  • confidential implementation evidence
  • whistleblowing
  • legal restriction

26.10 Outreach

Directly notify:

  • Known affected groups
  • relevant standards bodies
  • regulators
  • public-interest organizations
  • evaluators
  • developers
  • regional partners
  • smaller-actor networks

26.11 Public Hearing

A hearing or workshop may supplement written review.

It should not replace written comments and records.


27. Comment Management

27.1 Comment Register

Assign each comment:

  • Identifier
  • source
  • clause
  • category
  • proposed action
  • status
  • response
  • responsible person

27.2 Comment Categories

  • Editorial
  • technical
  • evidence
  • scope
  • rights and public interest
  • security
  • legal
  • implementation
  • interoperability
  • competition
  • process
  • duplicate
  • outside scope

27.3 Duplicate Comments

Similar comments may be grouped.

Do not use grouping to hide the scale or diversity of concern.

27.4 Comment Response

A response should state:

  • Accepted
  • accepted with modification
  • partly accepted
  • rejected
  • deferred
  • outside scope

and explain why.

27.5 Material Comment

A comment is material when it may change:

  • Scope
  • requirement
  • threshold
  • rights effect
  • implementation cost
  • security
  • conformity assessment
  • legal interpretation
  • consensus

27.6 Protected Comment

A protected comment should receive the same substantive consideration as a public comment.

27.7 Response Publication

Publish the comment-disposition report, subject to redaction.

27.8 Commenter Notification

Notify commenters of disposition and appeal rights where applicable.

27.9 Unresolved Objection

A commenter may identify the response as unresolved.

The working group should determine whether it is a substantial objection.


28. Substantial Objections

28.1 Criteria

A substantial objection should be:

  • Specific
  • relevant
  • reasoned
  • material to the standard or process
  • supported where possible

28.2 Grounds

  • Technical invalidity
  • insufficient evidence
  • severe safety concern
  • rights concern
  • disproportionate burden
  • anticompetitive effect
  • incompatibility
  • legal overclaim
  • lack of balance
  • procedural exclusion
  • security weakness
  • impossible conformity assessment

28.3 Response Duty

The working group should:

  1. acknowledge the objection;
  2. understand its basis;
  3. examine evidence;
  4. attempt resolution;
  5. document changes;
  6. preserve unresolved elements;
  7. notify the objector.

28.4 Resolution Methods

  • Change draft
  • clarify
  • add alternative method
  • narrow scope
  • create profile
  • add safeguard
  • obtain more evidence
  • defer provision
  • preserve dissent
  • reject with reasons

28.5 No Veto

A substantial objection does not automatically create a veto.

28.6 No Dismissal by Minority Status

An objection is not weak merely because few participants support it.

28.7 Unresolved Objector

An unresolved objector should receive notice of procedural appeal rights.

ANSI's standards process similarly requires unresolved objectors to be notified of appeal rights.[^ansi-appeal]

28.8 Objection Register

Preserve unresolved objections with the standard's approval package.


29. Consensus Determination

29.1 Responsibility

The working group assesses technical consensus.

The Standards Council verifies the process and makes the formal consensus determination within its authority.

29.2 Consensus Evidence

Consider:

  • Participation balance
  • voting or polling
  • substantial objections
  • response quality
  • implementation evidence
  • public comments
  • independent review
  • affected-party concerns
  • international reservations
  • meeting and issue records

29.3 Consensus Indicators

  • Broad support across interest categories
  • no unaddressed critical objection
  • reasoned resolution
  • implementation feasibility
  • acceptance of remaining limitations

29.4 Consensus Failure

Consensus is not established when:

  • One category dominates
  • material evidence was unavailable
  • critical objections were ignored
  • participants lacked notice
  • the draft changed substantially without review
  • protected information prevented adequate independent challenge
  • voting was manipulated

29.5 Polls

Informal polls may identify direction.

They do not replace the final consensus assessment.

29.6 Consensus Call

The chair may issue a formal consensus call.

It should state:

  • Question
  • draft version
  • response period
  • options
  • objection process
  • record

29.7 Consensus Report

The chair and Secretariat should prepare:

  • Participation
  • support
  • objections
  • changes
  • unresolved issues
  • chair assessment
  • editor confirmation
  • minority statement

29.8 Council Review

The Standards Council may:

  • Confirm consensus
  • require further work
  • require new public review
  • approve nonconsensus publication status
  • discontinue

30. Voting

30.1 Role of Voting

Voting may:

  • Approve milestones
  • confirm membership decisions
  • resolve procedural matters
  • support consensus evidence
  • approve a standard where procedures permit

30.2 Voting Is Not Consensus by Itself

A high positive percentage does not cure:

  • Dominance
  • exclusion
  • ignored objection
  • invalid evidence

30.3 Eligible Voters

Voting eligibility should be based on:

  • Defined membership
  • conflict compliance
  • participation
  • affiliation controls
  • role

30.4 One Organization, Multiple Participants

Affiliated participants may contribute.

Voting rules should prevent one organization from multiplying control.

30.5 Working-Group Advancement

Recommended default:

  • At least two-thirds of eligible votes cast support advancement
  • and no unresolved critical process defect exists

The charter may use a different rule.

30.6 Final Standards Ballot

Recommended default:

  • At least two-thirds of eligible unconflicted voters support approval
  • less than one-quarter oppose
  • quorum and balance are met
  • consensus is separately determined

30.7 Abstention

An abstention is not support or opposition.

30.8 Nonresponse

Nonresponse should not automatically count as approval.

30.9 Written Ballot

Final ballots should ordinarily be written and recorded.

30.10 Ballot Comments

Negative votes should include reasons.

A negative vote without reason may remain recorded but cannot always be resolved.

30.11 Recirculation

Material changes made after ballot should be recirculated.


31. Recirculation and Additional Review

31.1 Material Change

A material change affects:

  • Scope
  • normative requirement
  • threshold
  • conformance
  • implementation burden
  • rights
  • security
  • legal effect
  • interoperability

31.2 Recirculation Requirement

Material changes after public review should receive additional review.

31.3 Review Scope

The additional review may be limited to changed sections if:

  • Context remains understandable
  • dependencies are included
  • the Standards Council approves

31.4 Nonmaterial Change

Editorial and clarifying changes may not require new public review.

31.5 Materiality Decision

The chair proposes.

The Secretariat and Standards Council review.

31.6 Disputed Materiality

A participant may appeal a refusal to recirculate a material change.


32. Independent Review

32.1 Purpose

Independent review challenges the standard beyond the drafting group.

32.2 Required Review

C3 and C4 standards should ordinarily receive independent review.

S5 assurance-ready standards should receive:

  • Technical review
  • conformity-assessment review
  • public-interest review
  • implementation review

32.3 Reviewer Selection

Use:

  • Competence
  • independence
  • access
  • conflict disclosure
  • diversity of method
  • no result-dependent compensation

32.4 Review Scope

  • Need
  • construct
  • evidence
  • normative requirements
  • testability
  • implementation
  • security
  • public claims
  • competition
  • maintenance

32.5 Reviewed-Party Response

The working group responds to findings.

32.6 Reviewer Dissent

Publish or preserve material dissent.

32.7 Confidential Review

Reviewers may receive protected evidence under controls.

32.8 Review Status

State whether review was:

  • Limited
  • full
  • technical
  • methodological
  • legal
  • security
  • public-interest
  • conformity-assessment

32.9 No Prestige Substitute

A famous reviewer does not replace a defined mandate and method.


33. Public-Interest and Rights Review

33.1 Trigger

Required for standards that may affect:

  • Rights
  • employment
  • public services
  • health
  • critical infrastructure
  • access
  • competition
  • vulnerable populations
  • public surveillance
  • information ecosystems

33.2 Assessment

Examine:

  • Benefits
  • harms
  • burden
  • distribution
  • accessibility
  • discrimination
  • privacy
  • due process
  • labor
  • market concentration
  • environment
  • international inequality

33.3 Alternatives

Consider whether a less restrictive or less burdensome standard could achieve the objective.

33.4 Affected-Party Evidence

Include direct evidence where possible.

33.5 Council Opinion

The Public Interest and Rights Council may:

  • Support
  • support with conditions
  • require reconsideration
  • issue dissent
  • recommend no approval

33.6 Record

Publish the opinion and response where safe.


34. Competition and Market Review

34.1 Purpose

Standards can shape market access.

34.2 Review Questions

  • Does the standard favor incumbents?
  • Does it require proprietary technology?
  • Can equivalent methods comply?
  • Are costs proportionate?
  • Can small organizations implement it?
  • Does it create evaluator concentration?
  • Does it tie compliance to membership?
  • Does it create patent lock-in?
  • Does it conflict with open-source distribution?

34.3 Competition Controls

  • Performance-based requirements
  • equivalent-method pathways
  • open schemas
  • public reference implementations
  • reduced fees
  • shared infrastructure
  • modular profiles
  • transition periods

34.4 No Protection of Business Model

A standard should not protect Standards Body's own services or partner revenues.

34.5 Review Record

Include competition findings in the approval package.


35. International and Coherence Review

35.1 Existing Standards Search

Before approval, review:

  • ISO and IEC
  • IEEE
  • ITU
  • IETF
  • W3C
  • OASIS
  • CEN, CENELEC, and ETSI
  • national standards
  • sector standards
  • regulatory technical standards
  • public frameworks

35.2 Coherence Decision

Determine whether to:

  • Adopt
  • reference
  • profile
  • extend
  • map
  • collaborate
  • proceed independently with reasons

35.3 International Participation

Invite relevant cross-regional institutions.

35.4 National Differences

Preserve legitimate local extensions.

35.5 Translation

Translate key public-review material for international candidates where resources permit.

35.6 International Standard Claim

Do not call a document an international standard merely because participants come from several countries.

The WTO principles require meaningful opportunities for relevant bodies across members and avoidance of privilege for particular suppliers, countries, or regions.[^wto-principles]

35.7 Formal Liaison

A liaison should have an authorized mandate.


36. Security Review

36.1 Trigger

Required when the standard concerns:

  • Held-out evaluation
  • cyber capabilities
  • biological or chemical risks
  • system vulnerabilities
  • controlled model access
  • incident exchange
  • sensitive infrastructure
  • personal data

36.2 Questions

  • What information may create harm?
  • Which implementation details must remain protected?
  • Can conformity be demonstrated securely?
  • Can external participants review sufficiently?
  • Does the standard expose safeguards?
  • What happens after compromise?

36.3 Security Annex

Use protected annexes where appropriate.

36.4 Public Minimum

Publish enough for:

  • Understanding
  • implementation eligibility
  • governance
  • appeal
  • claim limits

36.5 Security Approval

The Security Committee should approve restrictions, not the technical content as a whole.


37. Conformity-Assessment Readiness

37.1 Separate Decision

Approval as a standard does not establish readiness for conformity assessment.

37.2 Readiness Questions

  • Is the object defined?
  • Are requirements unambiguous?
  • Is evidence specified?
  • Are methods valid?
  • Can different evaluators agree?
  • Are competence requirements defined?
  • Are sampling and surveillance defined?
  • Are claims controlled?
  • Can status be suspended or withdrawn?
  • Are appeals possible?

37.3 Assurance Categories

  • Self-assessment
  • second-party assessment
  • third-party evaluation
  • audit
  • inspection
  • certification

37.4 Conformity Annex

An assurance-ready standard should include or reference:

  • Conformity criteria
  • evidence
  • assessment method
  • sampling
  • decision rules
  • reporting
  • nonconformity
  • surveillance
  • status
  • appeal

37.5 Accreditation Scope

If external accreditation is contemplated, define the competence scope precisely.

37.6 False Assurance Risk

Do not create an assurance scheme where conformance can be achieved through paperwork without meaningful outcomes.


38. Approval Package

38.1 Required Contents

The final package should include:

  • Final draft
  • project charter
  • need statement
  • evidence map
  • stakeholder and balance report
  • meeting and ballot records
  • pilot and implementation evidence
  • public comments
  • comment disposition
  • substantial objections
  • consensus report
  • independent reviews
  • public-interest opinion
  • competition review
  • international review
  • security review
  • conformity-assessment readiness
  • implementation plan
  • maintenance plan
  • intellectual-property statement
  • appeals status

38.2 Completeness Check

The Secretariat performs a process-completeness check.

38.3 Technical Recommendation

The working group recommends approval.

38.4 Council Decision

The Standards Council determines:

  • Process compliance
  • consensus
  • document status
  • remaining conditions

38.5 Higher Review

The Governing Board should not ordinarily approve individual technical standards.

Board approval may be required where:

  • The institution is entering a new authority stage
  • the standard creates major financial or legal risk
  • certification or public-law recognition is implicated
  • the governance framework reserves the decision

39. Approval Outcomes

39.1 Approve

The standard meets the process.

39.2 Approve With Conditions

Conditions may concern:

  • Effective date
  • pilot
  • implementation guidance
  • security
  • review
  • public claims
  • missing translation

39.3 Provisional Approval

Use when urgent implementation is justified but evidence or consensus remains incomplete.

39.4 Return for Revision

Material issues remain.

39.5 Publish as Guidance

The content is useful but not ready for standards status.

39.6 Defer

Await:

  • Evidence
  • external standard
  • legal change
  • implementation
  • resources

39.7 Reject

The project should not advance.

39.8 Discontinue

No further active work is planned.

39.9 Approval Record

Publish reasons and status.


40. Appeals

40.1 Appeal Scope

Appeals concern procedural due process and authority.

They may address whether a technical issue received fair consideration.

They do not allow the Appeals Panel to replace the technical committee merely because it prefers a different technical outcome.

40.2 Eligible Grounds

  • Lack of notice
  • exclusion
  • dominance
  • conflict
  • failure to consider comment
  • improper consensus determination
  • material change without recirculation
  • lack of authority
  • security overclassification
  • unequal treatment
  • failure to follow procedure

40.3 Internal Resolution

First seek resolution within:

  • Working group
  • Standards Council

40.4 Independent Appeal

Unresolved procedural appeals go to the Appeals and Review Panel.

40.5 Interim Status

Approval may be paused when the appeal could materially affect validity.

40.6 Appeal Record

Publish a reasoned decision or safe summary.

40.7 External Rights

Internal appeal does not replace legal or contractual rights.


41. Publication

41.1 Publication Authority

The Standards Council authorizes publication after approval and resolution of eligible appeals.

41.2 Publication Package

Publish:

  • Standard
  • identifier
  • version
  • approval date
  • effective date
  • status
  • scope
  • normative status
  • public claims
  • implementation resources
  • comment-disposition summary
  • unresolved dissent
  • maintenance owner
  • review date
  • correction channel

41.3 Stable Identifier

Each standard should receive a persistent identifier.

Preferred pattern:

SB-STD-[DOMAIN]-[YEAR]-[SEQUENCE]

41.4 Version

Use semantic or controlled edition numbering.

41.5 Effective Date

The effective date may follow publication to permit transition.

41.6 Free Public Access

Core standards should be freely readable.

41.7 Machine-Readable Publication

Publish where relevant:

  • JSON Schema
  • JSON-LD
  • XML
  • YAML
  • controlled vocabularies
  • test code
  • reference implementations

41.8 Accessible Format

Provide accessible HTML and downloadable formats.

41.9 Citation

Provide a canonical citation.

41.10 Public Summary

Explain:

  • Problem
  • requirements
  • intended users
  • limitations
  • status
  • nonclaims

41.11 Protected Components

Explain how qualified implementers or evaluators may access controlled components.

41.12 Publication Archive

Preserve all public versions.


42. Status and Claims

42.1 Status Labels

  • Research draft
  • working draft
  • committee draft
  • public-review draft
  • provisional specification
  • approved standard
  • confirmed standard
  • amended standard
  • superseded standard
  • withdrawn standard
  • retired standard

42.2 Accurate Use

Every public page and file should display current status.

42.3 Approved Standards Body Standard

This label means only that the document completed the approved Standards Body process.

42.4 Conformity Claim

An organization may claim conformity only when:

  • The relevant version is identified
  • scope is identified
  • evidence exists
  • the claim follows the standard
  • any assessment party is identified

42.5 Prohibited Claims

Unless separately established, prohibit:

  • Officially safe
  • government approved
  • regulator certified
  • globally certified
  • internationally approved
  • accredited by Standards Body
  • guaranteed compliant
  • risk free

42.6 Membership Claim

Membership does not establish conformity.

42.7 Participation Claim

Participation in drafting does not establish endorsement.

42.8 Pilot Claim

Pilot participation does not establish certification.

42.9 Registry Verification

Where a claim depends on current status, provide a public registry.


43. Implementation

43.1 Implementation Plan

The standard should define:

  • Intended implementers
  • prerequisites
  • transition
  • dependencies
  • evidence
  • support
  • monitoring
  • review

43.2 Implementation Guide

Provide nonnormative guidance where useful.

43.3 Reference Artifacts

Possible artifacts:

  • Templates
  • schemas
  • checklists
  • sample reports
  • code
  • test data
  • mappings
  • decision records

43.4 Training

Training may support adoption.

Completion of Standards Body training should not be required where equivalent competence exists unless justified.

43.5 Help Desk

A support channel may answer implementation questions.

Responses that change normative meaning should enter the formal interpretation process.

43.6 Implementation Community

Create forums for:

  • Questions
  • examples
  • issue reporting
  • translation
  • interoperability
  • feedback

43.7 Small-Actor Support

Provide:

  • Simplified guidance
  • shared infrastructure
  • open tools
  • phased implementation
  • reduced fees
  • technical assistance

43.8 Implementation Data

Collect:

  • Adoption
  • cost
  • ambiguity
  • nonconformity
  • evaluator disagreement
  • unintended effects
  • innovation
  • burden

43.9 No Adoption Theater

Adoption should not be measured solely by downloads, signatures, or public pledges.


44. Adoption and External Use

44.1 Voluntary Adoption

Organizations may voluntarily adopt a standard.

44.2 Contractual Adoption

A contract may incorporate the standard.

The contract should identify:

  • Version
  • scope
  • evidence
  • remedies
  • update rules

44.3 Procurement Adoption

A purchaser may require conformity.

Procurement should permit equivalent evidence where appropriate.

44.4 Certification Adoption

A certification scheme may use the standard if assurance readiness is established.

44.5 Regulatory Adoption

A regulator or legislature may:

  • Reference
  • incorporate
  • recognize
  • adapt
  • require

the standard through its own authority.

44.6 Presumption of Conformity

Standards Body cannot create a legal presumption of conformity by itself.

In the European Union, harmonized standards referenced in the Official Journal can support presumption of conformity under applicable legislation, illustrating how legal effect arises from the public legal framework rather than standards publication alone.[^eu-ai-standardisation]

44.7 Government Relationship

When public authorities consider adoption, Standards Body should provide:

  • Current version
  • evidence
  • limitations
  • maintenance
  • implementation
  • dissent
  • transition
  • international mappings

44.8 Dynamic Incorporation Risk

Automatic incorporation of future revisions can create accountability and delegation concerns.

External authorities should determine how updates take effect.

44.9 Legal Review

Standards Body should obtain qualified review before representing legal effect.


45. Interpretation

45.1 Purpose

An interpretation clarifies existing meaning.

It does not create a new requirement.

45.2 Request

An interpretation request should identify:

  • Standard
  • version
  • clause
  • question
  • implementation context
  • urgency

45.3 Screening

Determine whether the request is:

  • Editorial
  • implementation support
  • formal interpretation
  • amendment request
  • dispute
  • outside scope

45.4 Authority

The responsible maintenance group prepares interpretations.

The Standards Council approves formal interpretations.

45.5 Process

  • Review original intent
  • inspect records
  • examine implementation
  • assess legal and technical effect
  • check whether the answer changes requirements
  • publish response

45.6 No Hidden Amendment

If the answer changes normative meaning, use amendment or revision.

45.7 Interpretation Status

Interpretations should display:

  • Identifier
  • date
  • version
  • authority
  • status
  • affected clause

45.8 Conformity Effect

A formal interpretation may affect future conformity decisions.

Transition should be provided where reliance existed.


46. Errata and Corrections

46.1 Erratum

An erratum corrects a clear error without changing intended normative substance.

46.2 Types

  • Typographical
  • cross-reference
  • formatting
  • schema
  • example
  • translation
  • technical editorial
  • substantive correction

46.3 Editorial Errata

May use a streamlined approval process.

46.4 Substantive Correction

A change affecting normative meaning requires amendment or revision.

46.5 Errata Register

Publish:

  • Standard
  • clause
  • error
  • correction
  • date
  • status
  • incorporated version

46.6 Urgent Correction

A safety- or security-relevant error may require:

  • Immediate warning
  • temporary suspension
  • corrected edition
  • implementation notice
  • re-evaluation

46.7 No Silent Replacement

Preserve the original version and visible correction.


47. Amendment

47.1 Purpose

An amendment changes a bounded part of an approved standard.

47.2 Amendment Proposal

Include:

  • Clauses
  • reason
  • evidence
  • implementation impact
  • conformity impact
  • security
  • transition
  • public-review need

47.3 Process

A substantive amendment should ordinarily receive:

  • Working-group review
  • public review
  • comment disposition
  • consensus
  • approval
  • appeals

47.4 Combined Text

Publish a consolidated edition or clearly link the amendment.

47.5 Versioning

Amendments should update the version.

47.6 Compatibility

State whether the amendment is:

  • Backward compatible
  • conditionally compatible
  • breaking

48. Revision

48.1 Revision Trigger

  • Scheduled review
  • new evidence
  • incident
  • implementation failure
  • legal change
  • technology change
  • interoperability need
  • accumulated amendments
  • obsolete terminology
  • assurance failure

48.2 Revision Scope

A revision may replace the complete standard.

48.3 Process

A major revision should follow the full standards process proportionate to changes.

48.4 Bridge

Provide:

  • Change summary
  • clause mapping
  • migration
  • evidence
  • compatibility
  • effective date
  • treatment of prior conformity

48.5 Existing Certificates or Claims

A new version does not automatically invalidate prior certificates or claims.

The scheme or adopting authority should define transition.

48.6 Revision History

Preserve all editions.


49. Systematic Review of Standards

49.1 Review Cycle

Suggested default:

  • Frontier technical and evaluation standards: every one to three years
  • Stable terminology and infrastructure standards: every three to five years
  • Provisional specifications: every six to twelve months
  • Incident-triggered review: immediate as appropriate

49.2 Review Questions

  • Does the need remain?
  • Is the evidence current?
  • Is the construct valid?
  • Is the standard implemented?
  • Are requirements effective?
  • Are there incidents?
  • Is the burden proportionate?
  • Is the market distorted?
  • Are external standards available?
  • Is conformity consistent?
  • Does the standard remain secure?
  • Should it be confirmed, revised, or withdrawn?

49.3 Public Input

Request implementation and review evidence.

49.4 Outcomes

  • Confirm
  • amend
  • revise
  • split
  • merge
  • supersede
  • withdraw
  • retire

49.5 Confirmation

Confirmation should not be automatic after silence.

49.6 Review Record

Publish the evidence and decision.


50. Supersession, Withdrawal, and Retirement

50.1 Supersession

A new standard or version replaces the prior one.

50.2 Withdrawal

Approval ends because:

  • The standard is invalid
  • obsolete
  • harmful
  • compromised
  • duplicative
  • unsupported
  • impossible to maintain

50.3 Retirement

Active maintenance ends.

A retired standard may remain historically relevant.

50.4 Withdrawal Proposal

May arise from:

  • Maintenance group
  • Standards Council
  • incident
  • appeal
  • external standard
  • public authority
  • implementer

50.5 Due Process

Where organizations rely on the standard, provide:

  • Notice
  • reasons
  • comment
  • transition
  • appeal

unless urgent harm requires immediate suspension.

50.6 Suspension

Temporarily suspend status when:

  • Integrity is compromised
  • a serious error is under investigation
  • security is breached
  • governance is invalid

50.7 Registry

Update status immediately.

50.8 Public Claims

Organizations should stop making current-conformity claims after withdrawal according to the transition rule.


51. Urgent and Provisional Standards

51.1 Purpose

A provisional specification may address urgent coordination or safety needs before the full evidence and consensus process is complete.

51.2 Eligibility

Use only when:

  • Delay creates material risk or fragmentation
  • a bounded stable core exists
  • uncertainty can be disclosed
  • implementation can be monitored
  • expiration is defined

51.3 Required Controls

  • Explicit provisional label
  • evidence and uncertainty
  • limited scope
  • rapid independent review
  • public comment
  • expiration
  • monitoring
  • no broad certification
  • full-review plan

51.4 Approval

The Standards Council may approve under an urgent process.

C4 matters may require additional governance review.

51.5 Duration

Recommended maximum:

  • Twelve months without formal renewal

51.6 Renewal

Renewal requires evidence and public review.

51.7 Transition

A provisional specification may become:

  • Consensus standard
  • recommended practice
  • revised provisional specification
  • withdrawn

51.8 No Permanent Provisional Status

Repeated renewal should trigger governance review.


52. Fast-Track and Adoption of External Standards

52.1 Fast-Track Purpose

Avoid duplicating mature external work.

52.2 Eligible External Document

Consider:

  • Process quality
  • technical relevance
  • access
  • licensing
  • evidence
  • participation
  • implementation
  • maintenance
  • interoperability
  • public-interest impact

52.3 Adoption Types

  • Normative reference
  • endorsement
  • profile
  • republication by permission
  • local adoption
  • crosswalk
  • joint standard

52.4 Fast-Track Process

  • Proposal
  • external-process assessment
  • gap analysis
  • public review
  • local requirements
  • approval
  • maintenance and update linkage

52.5 No Blind Adoption

Prestige of the external organization is not enough.

52.6 External Change

Define how later external revisions affect the Standards Body adoption.

52.7 Withdrawal

If the external source is withdrawn or materially changed, review promptly.


53. Joint Standards Development

53.1 Purpose

Standards Body may develop work jointly with another institution.

53.2 Agreement

Define:

  • Scope
  • governance
  • decision rules
  • branding
  • intellectual property
  • publication
  • comments
  • appeals
  • security
  • maintenance
  • withdrawal
  • conflict resolution

53.3 Equal Process

The joint process should meet the stronger applicable due-process requirement.

53.4 Authority Claims

State which organization approved the document and under which process.

53.5 Joint Maintenance

Assign ownership and update procedure.

53.6 Failure

Define what happens if the partners disagree or withdraw.


54. International Standards Candidate Process

54.1 Candidate Status

A Standards Body document may be classified as an international candidate only after demonstrating:

  • Cross-regional participation
  • open opportunity
  • no country or region dominance
  • multilingual or translation planning
  • development-dimension consideration
  • coherence review
  • international implementation
  • durable governance

54.2 National Bodies

Standards Body should cooperate with national standards bodies rather than claim to replace their representative role.

54.3 International Organization Path

Possible pathways:

  • Liaison
  • contribution
  • joint development
  • national adoption
  • regional adoption
  • submission to an established international process

54.4 Evidence Portability

International candidates should support:

  • Common metadata
  • local extensions
  • equivalence
  • recognition
  • translations
  • jurisdictional profiles

54.5 Reservations

Preserve regional or national reservations.

54.6 No Universal Claim

No document should be described as universally accepted.


55. Translation and Localization

55.1 Translation Status

Translations may be:

  • Official
  • approved
  • community
  • informative
  • machine-assisted
  • draft

55.2 Controlling Language

State which version controls if differences arise.

55.3 Translation Process

  • Qualified translator
  • technical review
  • terminology review
  • local review
  • public correction
  • version alignment

55.4 Normative Meaning

A translation intended for conformity should preserve normative force.

55.5 Localization

A local profile may adapt:

  • Law
  • institutions
  • terminology
  • examples
  • reporting
  • implementation

It should not silently weaken the common core.

55.6 Translation Equity

Do not require all participation to occur only in one language where an international process claims broad reach.


56. Standards and Regulation

56.1 Distinction

A voluntary standard and a binding regulation are distinct.

56.2 Regulatory Request

A public authority may request standards work.

The request should be public where lawful and should not eliminate the standards process.

56.3 Public Authority Participation

Government representatives may:

  • Provide legal context
  • observe
  • contribute technical expertise
  • identify public-policy needs

Their role should be documented.

56.4 Legal Alignment

A harmonized or regulatory-support standard should map clauses to legal requirements where appropriate.

56.5 Legal Review

Qualified legal review is required for legal claims.

56.6 Public Authority Decision

The authority determines whether the standard receives legal recognition.

56.7 Standards Independence

Standards Body should remain able to identify technical deficiencies even when a public authority requested the work.

56.8 Accelerated Legal Timelines

Regulatory deadlines should not justify false claims of consensus or validity.

CEN and CENELEC have used accelerated procedures for AI Act standards while retaining established procedural routes, illustrating the need to distinguish procedural acceleration from abandonment of standards controls.[^cen-ai-accelerate]


57. Standards and Conformity Assessment

57.1 Separation

Standards define criteria.

Conformity assessment determines whether criteria are fulfilled.

57.2 Scheme Development

A certification or assurance scheme needs more than a standard.

It needs:

  • Scheme rules
  • assessment methods
  • competence
  • decisions
  • surveillance
  • complaints
  • marks
  • status
  • withdrawal

57.3 Standards Body Role

Standards Body may develop standards and scheme concepts.

It should not claim certification or accreditation merely through publication.

57.4 Assessment Feedback

Conformity-assessment experience should inform revisions.

57.5 Auditor Participation

Auditors and certification bodies may contribute.

They should not dominate requirements that create demand for their services.

57.6 Accreditation Cooperation

Evaluator and conformity-assessment standards should support external accreditation systems where appropriate.


58. Standards and Evaluation Protocols

58.1 Dynamic Protocols

Protocol standards should incorporate:

  • Stable construct
  • versioned tasks
  • elicitation
  • scoring
  • security
  • bridge studies
  • expiration

58.2 Protected Tasks

The public standard may govern protected task banks without publishing exact content.

58.3 Protocol Change

Task and environment changes may use controlled protocol procedures without requiring full standards revision when the standard permits them.

58.4 Result Comparability

Define how results remain comparable across protocol versions.

58.5 Validation

Protocol standards should maintain a validity case.

58.6 Evaluator Discretion

Define where professional judgment is allowed and governed.


59. Standards and Open-Source Ecosystems

59.1 Open Participation

Open-source developers and maintainers should have pathways to participate.

59.2 Distributed Responsibility

Standards should account for:

  • Forks
  • downstream modifications
  • volunteer maintainers
  • distributors
  • deployers
  • package ecosystems

59.3 Access Requirements

Avoid requirements that assume privileged provider access when alternatives exist.

59.4 Reference Implementations

Open reference tools can reduce barriers.

59.5 Security

Open publication should not expose active dangerous details without review.

59.6 Licensing Compatibility

Assess whether required artifacts can be produced under common open-source licenses.


60. Standards and Small Organizations

60.1 Burden Assessment

Estimate:

  • Staff
  • legal
  • compute
  • security
  • evaluation
  • documentation
  • certification
  • recurring cost

60.2 Proportionate Pathways

Possible approaches:

  • Risk tiers
  • shared services
  • phased compliance
  • templates
  • sampling
  • pooled evaluation
  • open tools
  • grants

60.3 No Severe-Risk Exemption by Size

Small size alone should not waive a requirement necessary for severe risk.

60.4 Functional Equivalence

Permit valid alternate evidence.

60.5 Participation

Include small organizations before requirements are fixed.


61. Standards Process Quality Assurance

61.1 Process Quality

Standards quality depends on both:

  • Technical substance
  • Process integrity

61.2 Secretariat Checkpoints

The Secretariat should perform process checks at:

  • New-work proposal
  • charter approval
  • working-group formation
  • committee draft
  • public review
  • final ballot
  • publication
  • systematic review

61.3 Process Audit Questions

  • Was the project authorized?
  • Was scope controlled?
  • Was participation open?
  • Was balance reviewed?
  • Were conflicts disclosed?
  • Was evidence sufficient?
  • Were comments considered?
  • Were material changes recirculated?
  • Was consensus assessed?
  • Were appeals available?
  • Was maintenance assigned?
  • Were public claims accurate?

61.4 Independent Process Audit

A formal standards program should receive periodic external process audit.

61.5 Nonconformity

A process nonconformity may be:

  • Minor
  • material
  • critical

61.6 Critical Nonconformity

Examples:

  • Dominance
  • undisclosed controlling conflict
  • no public review
  • ignored critical objection
  • invalid vote
  • approval by unauthorized body
  • material change without recirculation
  • falsified record

61.7 Corrective Action

A nonconformity may require:

  • Record correction
  • renewed review
  • reballot
  • appeal
  • standard suspension
  • withdrawal
  • governance change

61.8 Process Integrity Statement

The publication package should include a statement of process completion.


62. Process Performance Metrics

62.1 Purpose

Metrics should improve the process rather than reward document volume.

62.2 Project Metrics

  • Time by stage
  • participation
  • balance
  • public comments
  • resolution time
  • objections
  • appeals
  • pilot implementations
  • independent reviews
  • revisions
  • maintenance burden

62.3 Participation Metrics

  • Interest categories
  • geography
  • organization size
  • attendance
  • voting participation
  • comment influence
  • stipend use
  • translation
  • accessibility

62.4 Quality Metrics

  • Requirement ambiguity
  • implementation variance
  • evaluator agreement
  • correction rate
  • incident relevance
  • external adoption
  • duplication
  • supersession speed

62.5 Outcome Metrics

  • Improved comparability
  • reduced evaluation disagreement
  • lower implementation error
  • improved incident learning
  • better interoperability
  • reduced assurance shopping
  • increased competent participation

62.6 Anti-Metric Rule

Do not optimize the process for:

  • Number of standards
  • speed alone
  • unanimous votes
  • number of members
  • public comments without influence
  • adoption without outcome evidence

62.7 Annual Standards Report

Publish:

  • Work program
  • stage movement
  • discontinued projects
  • participation
  • comments
  • appeals
  • corrections
  • maintenance
  • implementation evidence
  • process audit
  • improvements

63. Standards Process Maturity Model

Level 0: Informal Document Production

Characteristics:

  • No stable process
  • author-controlled outputs
  • no public review
  • no appeal
  • no maintenance

Level 1: Documented Drafting

Characteristics:

  • Scope
  • editor
  • version
  • internal review
  • public status label

Level 2: Open Working-Group Process

Characteristics:

  • Charter
  • participation
  • conflicts
  • issue tracking
  • committee drafts
  • public review

Level 3: Consensus and Due Process

Characteristics:

  • Balance
  • substantial-objection process
  • formal consensus
  • appeal
  • process audit
  • maintenance

Level 4: Evidence and Implementation Standardization

Characteristics:

  • Evidence maps
  • pilots
  • independent review
  • public-interest review
  • conformity readiness
  • international coherence

Level 5: Adaptive and Interoperable Standards Institution

Characteristics:

  • Dynamic standards
  • machine-readable artifacts
  • international mappings
  • incident feedback
  • rapid correction
  • measured outcomes
  • external recognition

63.1 Maturity Rule

Standards Body should not describe its process at a higher level than actual practice supports.


64. Consolidated Standards-Development Failure Modes

64.1 Standardizing Too Early

Failure:

A weak or contested method becomes fixed.

Control:

Evidence maturity and pilot gates.

64.2 Standardizing Too Late

Failure:

Fragmentation and risk persist while the institution waits for certainty.

Control:

Provisional specifications with expiration.

64.3 Dominant-Firm Drafting

Failure:

A frontier developer controls scope, evidence, and language.

Control:

Balance, public-interest review, independent technical review.

64.4 Evaluator Self-Dealing

Failure:

Evaluators create requirements that require their own services.

Control:

Conflict review, competition analysis, alternate methods.

64.5 Government Deadline Capture

Failure:

A policy deadline forces technical approval.

Control:

Provisional status, explicit uncertainty, no false consensus.

64.6 Consensus Theater

Failure:

Majority voting is described as consensus despite ignored objections.

Control:

Consensus report and objection record.

64.7 Open Participation Theater

Failure:

Anyone may participate in theory, but cost and expertise barriers exclude most interests.

Control:

Participation funding, remote access, outreach, support.

64.8 Editor Capture

Failure:

The editor changes substance through drafting control.

Control:

Change log, issue approval, editor limits.

64.9 Scope Expansion

Failure:

A narrow project becomes a broad governance framework without renewed authorization.

Control:

Charter control and material-change review.

64.10 Hidden Requirements

Failure:

Normative obligations appear in notes, examples, or guidance.

Control:

Normative-language audit.

64.11 Vague Conformity

Failure:

Different evaluators reach incompatible decisions.

Control:

Evidence, methods, decision rules, proficiency testing.

64.12 Documentation Theater

Failure:

Organizations generate records without improving outcomes.

Control:

Outcome evidence and operational review.

64.13 Proprietary Lock-In

Failure:

One implementation becomes mandatory.

Control:

Performance-based requirements, patent review, equivalent methods.

64.14 Incumbent Burden

Failure:

Only large organizations can comply.

Control:

Burden assessment, shared infrastructure, proportional pathways.

64.15 Public-Interest Exclusion

Failure:

Technical participants define social consequence without affected-party input.

Control:

Public Interest and Rights Council review.

64.16 Confidentiality Capture

Failure:

Restricted evidence prevents meaningful challenge.

Control:

Independent access, public minimum, review date.

64.17 Transparency Recklessness

Failure:

Sensitive tasks or vulnerabilities are released.

Control:

Protected annexes and security review.

64.18 Static Standard

Failure:

A frontier AI standard becomes obsolete before revision.

Control:

Shorter review cycles, dynamic annexes, incident triggers.

64.19 External Duplication

Failure:

Standards Body creates a competing standard without need.

Control:

Coherence review and liaison.

64.20 Legal Overclaim

Failure:

A voluntary standard is presented as regulatory compliance.

Control:

Authority note and legal review.

64.21 Certification Prematurity

Failure:

A standard becomes the basis of a badge before assessment validity exists.

Control:

Separate conformity-readiness decision.

64.22 Adoption Metric Gaming

Failure:

Signatures and downloads replace effectiveness.

Control:

Outcome metrics.

64.23 Permanent Provisional Standard

Failure:

Temporary status avoids full review indefinitely.

Control:

Automatic expiration and renewal limit.

64.24 Maintenance Neglect

Failure:

No owner responds to errors or incidents.

Control:

Maintenance assignment before approval.

64.25 Withdrawal Avoidance

Failure:

Institutional reputation prevents retirement of a failed standard.

Control:

Independent review and mandatory status triggers.


65. Serious Objections and Responses

Objection 1: Frontier AI changes too quickly for standards

Some details change too quickly.

Standards can still define stable infrastructure for:

  • Identity
  • evidence
  • process
  • metadata
  • governance
  • change control
  • evaluation integrity

Dynamic components should be versioned separately.

Objection 2: Consensus standards will be dominated by industry

Industry dominance is a real risk.

The process uses:

  • Constituency balance
  • public-interest review
  • conflict controls
  • public comment
  • independent review
  • participation support

Industry expertise remains necessary.

Objection 3: Open participation cannot work with sensitive AI evidence

Exact evidence may remain restricted.

The public process can still govern:

  • Construct
  • requirements
  • access criteria
  • review
  • status
  • appeal
  • limitations

Objection 4: Standards will become de facto regulation without democratic legitimacy

This can occur through procurement, market pressure, or legal reference.

Standards Body should preserve transparent process and bounded claims.

Public authorities remain responsible for democratic and legal adoption.

Objection 5: Public comment is too slow

Public review should be proportionate.

Urgent provisional routes can operate faster with expiration and later full review.

Objection 6: Small organizations cannot participate meaningfully

Participation support and modular implementation are required.

A process that is nominally open but practically inaccessible is not sufficiently open.

Objection 7: Consensus lets one objector block progress

Consensus is not unanimity.

The process requires serious consideration, not universal agreement.

Objection 8: Technical committees cannot represent the public interest

They should not claim to.

Public-interest governance should be a distinct institutional function.

Objection 9: A free standard is financially unsustainable

Funding may come from:

  • Grants
  • membership
  • training
  • infrastructure
  • services
  • sponsorship under independence rules

Core public access should remain protected.

Objection 10: Existing standards bodies should do all of this work

Existing bodies should be used where fit.

Standards Body should specialize where frontier evaluation infrastructure requires deeper or faster work and should contribute mature outputs into established systems where appropriate.


66. Implementation Pathway

Phase 1: Procedural Adoption

  • Adopt this process internally
  • label all current outputs accurately
  • establish work-program register
  • create proposal and charter templates
  • establish issue and version control

Phase 2: Pilot Working Group

  • Select one bounded specification
  • charter a balanced group
  • run evidence and drafting process
  • document conflicts and participation
  • publish a committee draft

Phase 3: Public Review Pilot

  • Run public notice
  • accept comments
  • publish dispositions
  • assess substantial objections
  • test appeal process

Phase 4: Implementation Pilot

  • Recruit varied implementers
  • collect evidence
  • test evaluator agreement
  • revise requirements
  • publish pilot report

Phase 5: Governance Readiness

  • Establish Standards Council
  • establish public-interest review
  • establish independent Appeals Panel
  • adopt intellectual-property policy
  • adopt security process

Phase 6: Formal Standards Program

  • Publish procedures
  • publish work program
  • form committees
  • conduct external process review
  • approve first formal Standards Body standard

Phase 7: Assurance Readiness

  • Develop conformity annexes
  • conduct evaluator proficiency
  • assess scheme and accreditation relationships
  • restrict public claims until mature

Phase 8: International Interoperability

  • Create crosswalks
  • establish liaisons
  • translate core documents
  • conduct multi-region implementation
  • consider contribution to established international bodies

67. First Standards Program Pilot

67.1 Proposed Pilot

Title: Frontier AI Evaluation Result and Evidence Reporting Specification

67.2 Purpose

Create a common, machine-readable and human-readable result profile covering:

  • System identity
  • protocol
  • evaluator
  • elicitation
  • task integrity
  • score
  • uncertainty
  • evidence level
  • review
  • status
  • expiration
  • correction

67.3 Why This Pilot

It is:

  • Foundational
  • lower risk than a safety certification
  • useful across institutions
  • linked to all eight foundations
  • suitable for public and protected evidence
  • capable of reference implementation
  • compatible with registry infrastructure

67.4 Participants

  • Frontier developers
  • independent evaluators
  • government evaluation institutes
  • researchers
  • standards experts
  • public-interest experts
  • open-source participants
  • international partners

67.5 Deliverables

  • Terminology
  • JSON schema
  • human-readable report
  • evidence passport
  • implementation guide
  • pilot report
  • interoperability mapping

67.6 Success Criteria

  • Multiple independent implementations
  • consistent interpretation
  • manageable burden
  • protected-evidence compatibility
  • public readability
  • international extensibility
  • correction and versioning

67.7 Nonclaims

The pilot would not:

  • Certify systems
  • accredit evaluators
  • determine safety
  • create legal compliance

68. Standards Development Scorecard

Dimension Core question
Need Is there a demonstrated problem requiring standardization?
Alternative Is a standard preferable to research, guidance, law, or tooling?
Maturity Is the evidence mature enough for the document class?
Scope Is the project bounded and controlled?
Existing work Has duplication been assessed?
Charter Are authority, deliverables, and process defined?
Participation Are relevant parties able to participate?
Balance Is dominance prevented?
Competence Does the group include the required expertise?
Public interest Are affected parties and rights considered?
Evidence Are requirements traceable to credible evidence?
Contrary evidence Is dissenting evidence visible?
Drafting Are normative provisions precise and testable?
Technology neutrality Are unnecessary proprietary prescriptions avoided?
Intellectual property Are contribution, license, and patent issues governed?
Security Is sensitive information protected without blocking accountability?
Pilot Has the standard been implemented or tested?
Public review Was the draft available for meaningful review?
Comments Were comments tracked and answered?
Objections Were substantial objections addressed?
Consensus Is consensus genuinely supported?
Voting Were voting rights, affiliations, and thresholds valid?
Recirculation Were material changes reviewed?
Independent review Did qualified reviewers challenge the work?
Competition Is market exclusion proportionate?
International Is coherence and cross-border use addressed?
Conformity Can requirements support consistent assessment if intended?
Approval Is the approval package complete?
Claims Are status and legal effect described accurately?
Access Is the standard publicly and accessibly available?
Implementation Are guidance and transition available?
Maintenance Are owner, review, correction, and withdrawal defined?
Outcome Does implementation improve the target problem?
Appeal Is procedural review available?
Audit Can the process be reconstructed and audited?

68.1 Critical Failures

The following normally prevent approval as a consensus standard:

  • No demonstrated need
  • undefined scope
  • no work-group charter
  • controlling dominance
  • no conflict disclosure
  • no public review
  • no comment disposition
  • ignored critical objection
  • no implementation evidence for a high-consequence standard
  • normative requirements that cannot be assessed
  • material change without recirculation
  • invalid consensus claim
  • no appeal
  • no maintenance owner
  • legal or certification claims beyond authority

68.2 No Composite Score

Do not average the scorecard into one overall rating.

A critical process failure should remain decisive.


69. New Work Proposal Template

Proposal ID:
Proposed title:
Proposer:
Date:
Document class:
Proposed maturity:
Consequence level:

Problem

Public-Interest or Coordination Need

Why Standardization Is Appropriate

Alternatives Considered

Proposed Scope

Non-Scope

Intended Users

Affected Parties

Evidence

Existing Standards and Work Programs

Technical Dependencies

Legal and Regulatory Context

Security and Confidentiality

Intellectual Property

Implementation and Pilot Plan

Conformity-Assessment Intent

International Relevance

Participation and Balance

Resources and Timeline

Maintenance

Conflicts

Requested Decision


70. Project Charter Template

Project ID:
Title:
Parent body:
Document class:
Version:
Effective date:

Purpose

Need

Deliverable

Scope

Exclusions

Intended Users

Affected Parties

Normative Intent

Evidence Maturity

Assurance Intent

Working Group

Chair

Vice Chair

Editor

Secretariat

Interest Categories

Balance Requirements

Participation Eligibility

Voting Eligibility

Decision Method

Conflict Rules

Security Classification

Intellectual-Property Policy

Milestones

Public Review

Appeals

Maintenance

Sunset


71. Stakeholder and Balance Matrix

Interest category Need or impact Participants Voting share Affiliations Barriers Support Missing perspectives
Developers
Deployers
Evaluators
Public interest
Affected parties
Government
Small actors
International

Dominance Review

  • Largest organizational bloc:
  • Largest funding relationship:
  • Chair affiliation:
  • Editor affiliation:
  • Missing categories:
  • Corrective actions:
  • Review date:

72. Requirement Traceability Template

Requirement ID Responsible actor Objective Risk or need Evidence Implementation Conformity evidence Exceptions Related requirements

73. Working Draft Review Checklist

Before advancement, confirm:

  1. Scope matches the charter.
  2. document class is accurate.
  3. normative and informative text are separated.
  4. terms are defined.
  5. requirements identify responsible actors.
  6. requirements are necessary and proportionate.
  7. assessment evidence is specified where intended.
  8. external standards are considered.
  9. intellectual-property issues are identified.
  10. security-sensitive content is classified.
  11. public-interest impacts are reviewed.
  12. small-actor burden is assessed.
  13. implementation evidence exists or is planned.
  14. issues and dissent are recorded.
  15. version and status are visible.

74. Public Review Notice Template

Project:
Draft:
Version:
Document status: Public-review draft
Review opens:
Review closes:
Responsible working group:

Purpose

Scope

Intended Use

Material Changes

Supporting Evidence

Known Limitations and Dissent

How to Comment

Comment Information Requested

Public and Confidential Comment Treatment

Accessibility and Translation

Next Stage

Contact


75. Public Comment Template

Commenter:
Affiliation:
Interest category:
Draft version:
Clause:
Comment type:

  • Editorial
  • technical
  • evidence
  • scope
  • rights
  • security
  • legal
  • implementation
  • interoperability
  • competition
  • process

Comment

Rationale and Evidence

Proposed Change

Confidentiality Request

Conflict Disclosure


76. Comment Disposition Template

Comment ID:
Draft:
Clause:
Commenter:
Responsible reviewer:

Comment Summary

Evidence

Disposition

  • Accepted
  • accepted with modification
  • partly accepted
  • rejected
  • deferred
  • outside scope
  • duplicate

Response

Draft Change

Substantial Objection Status

Commenter Notification

Appeal Information


77. Substantial Objection Template

Objection ID:
Objector:
Affiliation and interest:
Draft:
Date:

Provision or Process Challenged

Objection

Material Consequence

Evidence

Proposed Resolution

Working-Group Response

Changes

Remaining Disagreement

Final Status

  • Resolved
  • partly resolved
  • preserved as dissent
  • rejected with reasons
  • outside scope

Appeal Notice


78. Consensus Report Template

Project:
Draft version:
Chair:
Date:

Participation

Interest Balance

Conflicts and Recusals

Deliberation

Polls and Ballots

Public Comments

Substantial Objections

Changes Made

Independent Review

Public-Interest Opinion

Security Review

Unresolved Dissent

Chair's Consensus Assessment

Secretariat Process Assessment

Standards Council Determination


79. Pilot Implementation Record

Pilot ID:
Draft:
Implementer:
System or organization:
Region:
Date:

Implementation Scope

Resources

Requirements Implemented

Deviations

Evidence Produced

Ambiguities

Costs and Burden

Security Issues

Evaluator Findings

Unintended Effects

Suggested Changes

Public or Controlled Status


80. Independent Standards Review Template

Standard or draft:
Reviewer:
Qualifications:
Independence profile:
Access:
Date:

Mandate

Need and Scope

Evidence

Requirement Validity

Implementation and Testability

Conformity-Assessment Readiness

Public-Interest and Competition

Security

International Coherence

Maintenance

Material Findings

Required Changes

Dissent

Recommendation

  • Approve
  • approve with conditions
  • revise
  • return to research
  • do not approve

81. Approval Record Template

Standard ID:
Title:
Version:
Decision body:
Date:

Approval Authority

Approval Package

Quorum and Voting

Consensus Determination

Conflicts and Recusals

Public-Interest Review

Security Review

Independent Review

Unresolved Objections

Appeals

Decision

  • Approve
  • approve with conditions
  • provisional approval
  • revise
  • guidance only
  • defer
  • reject

Conditions

Effective Date

Review Date

Maintenance Owner

Public Claims


82. Interpretation Request Template

Request ID:
Standard and version:
Clause:
Requester:
Date:

Question

Implementation Context

Urgency

Existing Interpretations

Proposed Understanding

Potential Conformity Effect

Security or Confidentiality

Decision and Rationale

Status


83. Amendment or Revision Proposal Template

Proposal ID:
Standard:
Current version:
Proposer:
Date:

Trigger

Proposed Change

Reason

Evidence

Affected Requirements

Implementation Impact

Conformity Impact

Compatibility

Security

Legal and International Impact

Transition

Public Review

Requested Outcome

  • Erratum
  • amendment
  • revision
  • suspension
  • withdrawal

84. Systematic Review Record Template

Standard:
Version:
Review period:
Maintenance body:

Current Need

Adoption and Use

Implementation Evidence

Evaluation and Assurance Evidence

Incidents and Failures

Comments and Interpretations

External Standards

Legal and Technical Change

Burden and Competition

International Use

Security

Evidence Current-Through Date

Recommendation

  • Confirm
  • amend
  • revise
  • split
  • merge
  • supersede
  • withdraw
  • retire

Decision

Next Review


85. Withdrawal Notice Template

Standard:
Version:
Status:
Effective date:

Reason

Evidence

Immediate Risk

Replacement or Successor

Transition

Existing Claims

Certificates or Assessments

Registry Update

Appeal

Archive


86. Standards Process Audit Template

Audit period:
Auditor:
Independence:
Scope:

Work Program

New Work

Charters

Participation and Balance

Conflicts

Meetings and Records

Evidence

Drafting

Public Review

Comments

Consensus and Voting

Appeals

Approval

Publication

Maintenance

Security

Intellectual Property

Findings

Corrective Actions

Public Summary


87. Canonical Standards Body Standards-Development Positions

Standards Body adopts the following working positions.

  1. Standards development is a public-interest institutional process, not document production alone.

  2. A standard should respond to a demonstrated need.

  3. Standardization is not always the correct response.

  4. Research, guidance, specifications, standards, certification, accreditation, and regulation are distinct.

  5. Evidence maturity should determine document maturity.

  6. A document should not advance automatically through standards stages.

  7. Standards should be returned to research when the construct or method remains weak.

  8. Urgency may justify provisional status, not false certainty.

  9. Every project should have a public identifier, status, owner, and charter.

  10. Scope should be bounded before drafting.

  11. Material scope expansion requires renewed authorization.

  12. Relevant external standards should be identified before new work begins.

  13. Standards Body should adopt, map, profile, or extend suitable external work rather than duplicate it unnecessarily.

  14. Participation should be open to directly and materially interested parties under defined procedures.

  15. Nominal openness is insufficient when participation barriers make influence inaccessible.

  16. Balance concerns interests, influence, resources, and control, not only headcount.

  17. Affiliated participants may be treated as one interest for dominance analysis.

  18. No developer, evaluator, government, funder, country, or region should dominate an international-candidate process.

  19. Competence and stakeholder interest should both be represented.

  20. Affected parties should influence problem definition and impact analysis.

  21. Public-interest review should be capable of changing the draft.

  22. Working groups should be chartered and time-limited.

  23. Chairs govern process, not substantive truth.

  24. Editors may not change normative substance silently.

  25. Material drafting changes should be recorded.

  26. Requirements should identify responsible actors and observable evidence.

  27. Undefined words such as adequate, robust, meaningful, and reasonable should not carry ungoverned normative weight.

  28. Performance-based requirements are preferred when equivalent technical approaches can meet the objective.

  29. Prescriptive requirements may be necessary for interoperability or severe-risk controls.

  30. Documentation should support evidence and continuity, not compliance theater.

  31. Equivalent methods should be permitted when they meet the objective credibly.

  32. Normative and informative text should be clearly separated.

  33. Intellectual-property and patent rules should be adopted before formal technical standards work requires them.

  34. Core public-interest standards should be freely readable.

  35. A public standard and protected evaluation annex may coexist.

  36. Confidentiality does not establish validity.

  37. Consequential restricted provisions require qualified independent review.

  38. High-consequence standards should ordinarily be piloted before final approval.

  39. Implementation evidence is part of standards evidence.

  40. A reference implementation can support interoperability but does not define the only valid implementation unless the standard requires it.

  41. A committee draft is not an approved standard.

  42. Public-review drafts should be freely accessible during the review period.

  43. The first public review should ordinarily remain open for at least 45 days.

  44. Shortened review periods should be justified and disclosed.

  45. Public comments should be tracked and answered.

  46. Protected comments should receive substantive consideration.

  47. Similar comments may be grouped but not hidden.

  48. A substantial objection should receive a reasoned response.

  49. A substantial objection does not automatically create a veto.

  50. Minority status does not invalidate an objection.

  51. Unresolved objectors should receive notice of procedural appeal rights.

  52. Consensus is broad agreement after serious efforts to address substantial objections.

  53. Consensus is not unanimity.

  54. Consensus is not silence.

  55. Consensus is not simple majority voting.

  56. A positive ballot cannot cure dominance or due-process failure.

  57. Material changes after review should be recirculated.

  58. High-consequence and assurance-ready standards should receive independent review.

  59. Public-interest, competition, international, security, and conformity-readiness reviews should remain distinguishable.

  60. A standard may be technically approved while not assurance-ready.

  61. The approval package should permit reconstruction of the process.

  62. The Standards Council should determine process compliance and consensus within its authority.

  63. The Governing Board should not ordinarily rewrite technical standards.

  64. Approval as a Standards Body standard does not make a document legally binding.

  65. Standards Body cannot create a legal presumption of conformity by itself.

  66. Standards Body approval is not certification.

  67. Standards Body should not initially certify systems or accredit evaluators.

  68. Public claims should identify the standard version and scope.

  69. Membership or drafting participation does not establish conformity or endorsement.

  70. Standards should use persistent identifiers and visible status.

  71. Public standards should be available in accessible human-readable formats.

  72. Machine-readable artifacts should be versioned with the normative text.

  73. Implementation support should not create hidden requirements.

  74. Formal interpretations should clarify, not amend.

  75. Material normative change requires amendment or revision.

  76. Errors should not be corrected silently.

  77. Frontier AI standards should have shorter review cycles where change warrants.

  78. Confirmation should require evidence, not silence.

  79. Standards should be suspended or withdrawn when validity, security, or governance fails.

  80. Institutional reputation should not prevent withdrawal.

  81. Provisional standards should expire automatically unless renewed through review.

  82. Repeated provisional renewal should trigger governance review.

  83. External standards may use fast-track adoption only after local process and impact review.

  84. Joint standards require defined governance, intellectual property, maintenance, and appeals.

  85. International candidate status requires meaningful cross-regional process, not merely multinational attendance.

  86. Translation status and controlling language should be visible.

  87. Local profiles should not silently weaken the common core.

  88. Regulatory deadlines should not manufacture technical consensus.

  89. The public authority determines the legal effect of a standard.

  90. Conformity assessment requires scheme rules beyond the standard text.

  91. Evaluators and auditors may contribute but should not design standards around self-created commercial demand.

  92. Open-source and small-actor implementation should be considered from the beginning.

  93. Small size should not waive controls necessary for severe risk.

  94. Standards-process quality should be audited.

  95. Process failures may require reballot, renewed review, suspension, or withdrawal.

  96. Standards performance should be measured through outcomes, not document count.

  97. A mature standards institution should publish discontinued work and failures.

  98. Standards Body should contribute mature work to established standards systems when that better serves interoperability and legitimacy.

  99. Standards Body should remain willing to decide that a proposed standard should not exist.

  100. The ultimate test of a standard is whether it improves shared practice and evidence without creating greater error, exclusion, or false assurance.


88. Relationship to Other Canonical Files

PROJECT_IDENTITY.md

Defines the project's present stage, authority, and permitted public claims.

This process cannot transform a research project into a recognized standards body by declaration.

PROJECT_MANIFESTO.md

Defines the deeper purpose of creating credible frontier AI infrastructure.

INSTITUTION_DESIGN.md

Defines the organizational ecosystem and separation among standards, evaluation, certification, accreditation, and enforcement.

GOVERNANCE_FRAMEWORK.md

Defines the Standards Council, decision rights, voting, conflicts, appeals, transparency, and institutional transition.

FOUNDATIONS.md

Defines the eight foundations from which standards topics arise.

FOUNDATIONS_APPENDIX.md

Defines the integrated lifecycle connecting evaluation evidence to standards maturity.

TERMINOLOGY.md

Provides the controlled vocabulary for standards, requirements, consensus, assurance, and status.

EVIDENCE_STANDARDS.md

Defines the evidence levels and quality used to justify standards requirements.

RESEARCH_METHODOLOGY.md

Governs the preliminary research, pilots, implementation studies, and standards research.

TAXONOMY.md

Classifies document types, standards stages, requirements, actors, decisions, and statuses.

EVALUATION_PHILOSOPHY.md

Defines how evaluation methods should be interpreted before they become standardized.

EVALUATOR_ACCREDITATION_FRAMEWORK.md

Will define the competence and recognition system for evaluators using standards and protocols.

CONTRIBUTOR_FRAMEWORK.md

Will define contributor participation, conduct, credit, access, and removal.

TRANSPARENCY_FRAMEWORK.md

Will define public review, disclosure, protected comments, records, and access.

PARTNERSHIP_PRINCIPLES.md

Will govern joint standards work and liaison relationships.

LONG_TERM_ROADMAP.md

Will sequence the transition from research outputs to a formal standards-development program.


89. Final Standards-Development Position

Standards are among the most durable ways an institution can shape a technical field.

They can outlive:

  • The evidence that justified them
  • the people who drafted them
  • the systems they were designed for
  • the political moment that adopted them
  • the institution that published them

That durability makes standards valuable.

It also makes premature standards dangerous.

Frontier AI standards may influence:

  • Which capabilities are measured
  • which safeguards are required
  • which evidence becomes portable
  • which evaluators enter the market
  • which organizations can comply
  • which systems receive procurement access
  • which technical methods become legally recognized
  • which failures become visible
  • which uncertainties disappear from public view

The institution should therefore resist two temptations.

The first is to delay all standardization until complete certainty exists.

Complete certainty will not exist.

The second is to publish standards quickly to appear relevant.

Relevance without validity creates false assurance.

The correct process is progressive.

Research should remain research.

Promising methods should become recommended practices.

Tested methods should become pilot specifications.

Implemented and reviewed practices may become consensus standards.

Only precise and validated standards should support conformity assessment.

Only public authorities can determine legal effect.

Every stage should preserve:

  • Evidence
  • participation
  • dissent
  • version
  • status
  • review
  • correction
  • withdrawal

A credible standards process does not guarantee that every requirement is right.

It guarantees something more realistic and institutionally valuable:

  • The problem was defined.
  • Relevant interests could participate.
  • evidence was examined.
  • requirements were tested.
  • objections were considered.
  • decisions were recorded.
  • appeals were possible.
  • the standard will be maintained.
  • error can be corrected.

The defining standards-development rule of Standards Body is:

Standardize only what can be stated clearly, supported credibly, implemented practically, assessed fairly, challenged openly, and maintained responsibly.


References and Research Basis

[^iso-directives]: International Organization for Standardization and International Electrotechnical Commission, ISO/IEC Directives, Part 1, Procedures for the Technical Work, current consolidated edition. https://www.iso.org/sites/directives/current/consolidated/index.html

[^iso-part2]: International Organization for Standardization and International Electrotechnical Commission, ISO/IEC Directives, Part 2, Principles and Rules for the Structure and Drafting of ISO and IEC Documents. https://www.iso.org/sites/directives/current/part2/index.xhtml

[^ansi-essential]: American National Standards Institute, ANSI Essential Requirements: Due Process Requirements for American National Standards, current edition. https://www.ansi.org/american-national-standards/ans-introduction/essential-requirements

[^ansi-overview]: American National Standards Institute, American National Standards Process Overview. https://www.ansi.org/american-national-standards/ans-introduction/overview

[^ansi-appeal]: American National Standards Institute, Rights to Appeal in the American National Standards Process and approval-step guidance for unresolved objectors. https://www.ansi.org/american-national-standards/appeals

[^wto-principles]: World Trade Organization, Principles for the Development of International Standards, Guides and Recommendations, covering transparency, openness, impartiality and consensus, effectiveness and relevance, coherence, and the development dimension. https://www.wto.org/english/tratop_e/tbt_e/principles_standards_tbt_e.htm

[^wto-code]: World Trade Organization, Agreement on Technical Barriers to Trade, Annex 3, Code of Good Practice for the Preparation, Adoption and Application of Standards. https://www.wto.org/english/docs_e/legal_e/17-tbt_e.htm

[^cen-standards]: CEN and CENELEC, European Standards, describing consensus, openness, transparency, national commitment, and technical coherence. https://www.cencenelec.eu/european-standardization/european-standards/

[^cen-guide30]: CEN and CENELEC, Guide 30, European Guide on Standards and Regulation. https://www.cencenelec.eu/media/Guides/CEN-CLC/cenclcguide30.pdf

[^cen-ai-accelerate]: CEN and CENELEC, Update on the Decision to Accelerate Development of Standards for Artificial Intelligence, October 23, 2025. https://www.cencenelec.eu/news-events/news/2025/brief-news/2025-10-23-ai-standardization/

[^eu-ai-standardisation]: European Commission, Standardisation of the AI Act and Understanding the Standardisation of the AI Act, current through 2026. https://digital-strategy.ec.europa.eu/en/policies/ai-act-standardisation and https://digital-strategy.ec.europa.eu/en/faqs/understanding-standardisation-ai-act

[^ietf-process]: Internet Engineering Task Force, Guide to the IETF Standards Process, with BCP 9 and RFC 2026 process sources. https://www.ietf.org/process/process/

[^ietf-rfc]: Internet Engineering Task Force, About RFCs, including publication statuses, updates, obsolescence, and errata. https://www.ietf.org/process/rfcs/

[^w3c-process]: World Wide Web Consortium, W3C Process Document, August 18, 2025. https://www.w3.org/policies/process/

[^w3c-patent]: World Wide Web Consortium, W3C Patent Policy, May 15, 2025. https://www.w3.org/policies/patent-policy/

[^oasis-process]: OASIS Open, Technical Committee Process. https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26/

[^oasis-drafts]: OASIS Open, Committee Specification Drafts and Public Review, OASIS TC Handbook. https://docs.oasis-open.org/TChandbook/Reference/CommitteeSpecDrafts.html

[^nist-standards]: National Institute of Standards and Technology, Standards.gov and Standards Coordination Office. https://www.nist.gov/standardsgov

[^nist-ai-standards]: National Institute of Standards and Technology, AI Standards. https://www.nist.gov/artificial-intelligence/ai-standards

[^iso-certification]: International Organization for Standardization, Certification, clarifying that ISO develops standards but does not itself perform certification. https://www.iso.org/certification.html


Revision Record

Version 1.0

Date: July 16, 2026

Change type: Complete foundational edition

Summary: Establishes the canonical Standards Body standards-development process. Defines authority limits, document classes, normative language, work programs, need identification, preliminary research, new-work proposals, project classification, charters, stakeholder mapping, working groups, participation, balance, dominance, meetings, evidence, requirements engineering, drafting, editing, intellectual property, patents, security, pilots, committee drafts, public review, comments, substantial objections, consensus, voting, recirculation, independent and public-interest review, competition, international coherence, conformity-assessment readiness, approval, appeals, publication, public claims, implementation, external adoption, interpretations, corrections, amendments, revisions, systematic review, withdrawal, urgent and provisional standards, fast-track adoption, joint development, international candidates, translation, regulation, conformity assessment, evaluation protocols, open-source and small-actor participation, quality assurance, performance, maturity, failure modes, objections, implementation, pilot design, scorecard, operational templates, canonical positions, and primary research basis.

Status: Approved foundational source.