# Compliance

> Audit infrastructure for EU AI Act, NIST, SOC 2, and ISO 42001. Agent actions write immutable records to `kavach_audit_logs` with identity, resource, and action.

KavachOS is built with compliance requirements in mind. Every agent action produces an immutable audit record with enough detail to satisfy the logging and oversight obligations of major AI governance frameworks.

<Note>
  The EU AI Act high-risk provisions take effect August 2, 2026. KavachOS gives you the audit infrastructure to meet the Article 12 and Article 14 requirements before that deadline.
</Note>

## What KavachOS provides

| Requirement           | KavachOS feature                                                                                           |
| --------------------- | ---------------------------------------------------------------------------------------------------------- |
| Immutable audit log   | `kavach_audit_logs` table with result, reason, duration, IP, user-agent                                    |
| Human oversight       | Approval flows (CIBA), delegation depth limits, permission constraints                                     |
| Access control        | Resource+action permission model with constraints (IP, time window, rate)                                  |
| Identity traceability | Every action links agentId, userId, resource, action, parameters                                           |
| Export                | `kavach.audit.export()` as JSON or CSV, or [as Verifiable Credentials](/compliance/verifiable-credentials) |
| Anomaly detection     | High-frequency, high-denial-rate, off-hours, privilege escalation                                          |

## Frameworks

<AccordionGroup>
  <Accordion title="EU AI Act (August 2, 2026 enforcement)">
    The EU AI Act imposes obligations on providers and deployers of high-risk AI systems. The relevant articles for agentic AI are:

    **Article 9 - Risk management system**

    KavachOS supports Article 9 through:

    - Permission constraints (`maxCallsPerHour`, `timeWindow`, `ipAllowlist`) that enforce operational boundaries
    - Anomaly detection that flags unusual patterns before they become incidents
    - Trust scoring that adjusts agent autonomy based on track record

    **Article 12 - Record-keeping**

    > "High-risk AI systems shall technically allow for the automatic recording of events throughout their lifetime."

    KavachOS logs every authorization decision (`allowed`, `denied`, `rate_limited`) with:

    - Agent and user identity
    - Resource and action requested
    - Full parameters
    - IP address and user-agent
    - Duration in milliseconds
    - Optional token cost (for LLM calls)

    Records are written to `kavach_audit_logs` and are never updated or deleted by the SDK.

    **Article 14 - Human oversight**

    > "High-risk AI systems shall be designed and developed in such a way that they can be effectively overseen by natural persons."

    KavachOS provides:

    - `requireApproval: true` permission constraint to gate sensitive actions behind human approval (CIBA flow)
    - Delegation depth limits (`maxDepth`) to prevent unbounded agent-to-agent chains
    - Revocation (`kavach.agent.revoke()`) that takes effect immediately

    **Article 15 - Accuracy, robustness, cybersecurity**

    KavachOS supports Article 15 through:

    - Token rotation (`kavach.agent.rotate()`) to limit credential exposure
    - Expiry management (`expiresAt`) for time-limited agent identities
    - IP allowlists and time window constraints at the permission level
  </Accordion>

  <Accordion title="NIST AI Agent Standards Initiative (Feb 2026)">
    The NIST AI Agent Standards Initiative (published February 2026) establishes baseline expectations for AI agent identity and access management.

    **Identity provenance**

    NIST requires that every agent action can be traced back to a specific identity. KavachOS links `agentId` and `userId` on every audit entry, creating a complete provenance chain.

    **Least privilege access**

    NIST recommends that agents operate with the minimum permissions necessary. KavachOS enforces this through:

    - Fine-grained resource+action permission model
    - `allowedArgPatterns` constraints to limit argument patterns
    - Scope-limited delegation that cannot exceed the delegating agent's own permissions

    **Revocation and expiry**

    NIST requires that agent credentials can be invalidated. KavachOS supports both immediate revocation (`kavach.agent.revoke()`) and time-based expiry via `expiresAt`.

    **Audit trail**

    NIST requires tamper-evident logs. KavachOS writes all entries to a database table with no update or delete path in the SDK. For tamper-evidence in production, use your database's audit log features or ship logs to an immutable store (e.g. AWS CloudTrail, Loki with object storage).
  </Accordion>

  <Accordion title="SOC 2 (CC6.1-CC7.2)">
    SOC 2 Trust Service Criteria relevant to AI agent access:

    **CC6.1 - Logical and physical access controls**

    KavachOS addresses CC6.1 through:

    - Agent identity management with unique IDs per agent
    - Permission-based access control (resource + action + constraints)
    - Token hashing (only the hash is stored in `kavach_agents.token_hash`)
    - Multi-tenant isolation via `tenantId`

    **CC6.2 - User registration and authorization**

    - `kavach.agent.create()` enforces `maxPerUser` limits
    - Every agent has an `ownerId` linking it to an authenticated user
    - Permissions are explicit and auditable at creation time

    **CC6.3 - Role-based access**

    - Permission model supports resource-scoped action grants
    - Delegation chains allow scoped sub-delegation with depth limits
    - Default permissions can be configured globally via `agents.defaultPermissions`

    **CC7.1 - System monitoring**

    - Anomaly detection covers high-frequency calls, high denial rates, off-hours access, and privilege escalation attempts
    - All authorization decisions are logged regardless of outcome

    **CC7.2 - Evaluation of security events**

    - `kavach.audit.query()` supports filtering by agent, user, action, result, and time range
    - `kavach.audit.export()` produces JSON or CSV for SIEM ingestion
  </Accordion>

  <Accordion title="ISO 42001 (Annex A.8)">
    ISO 42001 is the AI management system standard. Annex A.8 covers AI system operation.

    **A.8.2 - AI system input data**

    KavachOS logs the `parameters` field of every authorized action, giving you a record of what inputs were provided to agent-invoked tools.

    **A.8.3 - AI system operation**

    KavachOS provides operational controls through:

    - Rate limiting via `maxCallsPerHour` permission constraints
    - Time window restrictions via `timeWindow` constraints
    - IP allowlisting via `ipAllowlist` constraints

    **A.8.4 - AI system output**

    The audit log captures `result` (`allowed`, `denied`, `rate_limited`) and `reason` for every action, supporting output-level review.

    **A.8.5 - AI system performance monitoring**

    - Duration tracking (`durationMs`) on every audit entry
    - Token cost tracking (`tokensCost`) for LLM operations
    - `kavach.audit.getCostSummary()` aggregates costs by agent and day
  </Accordion>
</AccordionGroup>

## Generating compliance reports

The audit module provides export functionality for generating compliance evidence:

```typescript theme={"system"}
// Export all audit records for a time range as JSON
const json = await kavach.audit.export({
  format: 'json',
  since: new Date('2026-01-01'),
  until: new Date('2026-03-31'),
});

// Export as CSV for spreadsheet review or SIEM ingestion
const csv = await kavach.audit.export({
  format: 'csv',
  since: new Date('2026-01-01'),
});

// Query specific events for a compliance review
const denials = await kavach.audit.query({
  result: 'denied',
  since: new Date('2026-01-01'),
  limit: 1000,
});

// Cost summary for Article 15 / A.8.5 reporting
const costs = await kavach.audit.getCostSummary({
  since: new Date('2026-01-01'),
});
```
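As an added example (not KavachOS code), the function below turns records exported with `kavach.audit.export({ format: 'json' })` into a per-agent summary a reviewer can attach as CC7.1/CC7.2 evidence: denial rate, rate-limited calls, off-hours access, average duration and token cost. It assumes the export is an array of objects carrying the fields listed on this page plus an ISO 8601 `timestamp` field, and an 08:00-18:00 UTC business window; both are assumptions, not documented behaviour.

```typescript
// Added example (not KavachOS code): per-agent summary of exported audit records for review.
// Assumes the JSON export is an array with this page's fields plus an ISO `timestamp` (assumed).
type AuditResult = 'allowed' | 'denied' | 'rate_limited';
interface AuditRecord {
  agentId: string; userId: string; resource: string; action: string;
  result: AuditResult; reason?: string; durationMs: number;
  tokensCost?: number; timestamp: string;
}
interface AgentSummary {
  agentId: string; total: number; denied: number; rateLimited: number;
  denialRate: number; offHours: number; avgDurationMs: number;
  tokensCost: number; flags: string[];
}
// Business window assumed to be 08:00-18:00 UTC; anything else is off-hours.
function isOffHours(iso: string): boolean {
  const h = new Date(iso).getUTCHours();
  return h < 8 || h >= 18;
}
// Group by agentId and flag what CC7.1 calls out: high denial rate, off-hours access, rate limiting.
function summarizeByAgent(records: AuditRecord[], denialThreshold = 0.5): AgentSummary[] {
  const byAgent = new Map<string, AuditRecord[]>();
  for (const r of records) byAgent.set(r.agentId, [...(byAgent.get(r.agentId) ?? []), r]);
  const summaries: AgentSummary[] = [];
  byAgent.forEach((rs, agentId) => {
    const denied = rs.filter(r => r.result === 'denied').length;
    const rateLimited = rs.filter(r => r.result === 'rate_limited').length;
    const offHours = rs.filter(r => isOffHours(r.timestamp)).length;
    const denialRate = denied / rs.length;
    const flags: string[] = [];
    if (denialRate >= denialThreshold) flags.push('high-denial-rate');
    if (offHours > 0) flags.push('off-hours-access');
    if (rateLimited > 0) flags.push('rate-limited');
    summaries.push({
      agentId, total: rs.length, denied, rateLimited, denialRate, offHours,
      avgDurationMs: rs.reduce((s, r) => s + r.durationMs, 0) / rs.length,
      tokensCost: rs.reduce((s, r) => s + (r.tokensCost ?? 0), 0),
      flags,
    });
  });
  return summaries.sort((a, b) => b.denialRate - a.denialRate); // worst first
}
// Constructed sample standing in for the output of kavach.audit.export({ format: 'json' }).
const SAMPLE_RECORDS: AuditRecord[] = [
  { agentId: 'agent-a', userId: 'u1', resource: 'db', action: 'read', result: 'allowed', durationMs: 12, tokensCost: 5, timestamp: '2026-02-03T10:00:00Z' },
  { agentId: 'agent-a', userId: 'u1', resource: 'db', action: 'read', result: 'allowed', durationMs: 8, timestamp: '2026-02-03T11:00:00Z' },
  { agentId: 'agent-b', userId: 'u2', resource: 'db', action: 'delete', result: 'denied', reason: 'no permission', durationMs: 3, timestamp: '2026-02-03T02:15:00Z' },
  { agentId: 'agent-b', userId: 'u2', resource: 'db', action: 'delete', result: 'denied', reason: 'no permission', durationMs: 4, timestamp: '2026-02-03T02:16:00Z' },
  { agentId: 'agent-b', userId: 'u2', resource: 'db', action: 'read', result: 'rate_limited', reason: 'maxCallsPerHour', durationMs: 2, timestamp: '2026-02-03T09:00:00Z' },
];
```

Feed the real export into `summarizeByAgent` and keep the returned summary alongside the raw JSON, so the evidence and the data it was derived from are retained together.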

## Retention

KavachOS does not automatically delete audit records. Configure retention at the database level using your database's native partitioning or TTL features, or via a scheduled cleanup job.

For EU AI Act Article 12 compliance, the Act currently specifies retention "for a period appropriate to the intended purpose of the high-risk AI system." The generally accepted minimum is one year from the last use of the system.

<Warning>
  Do not delete audit records during a live compliance review or audit period. If you need to expire old records, do so only after retention obligations have been met.
</Warning>
