COMPLIANCE MAPPING

How RANKIGI maps to regulatory frameworks.

Control-by-control evidence mapping for five major frameworks. Every verified action generates evidence automatically.

RANKIGI does not help you fill out compliance questionnaires. RANKIGI provides audit trail evidence that supports your compliance program. We do not hold certifications under these frameworks.

These tables show how RANKIGI’s controls map to compliance framework requirements. RANKIGI is not certified under any of these frameworks. Do not rely on this mapping as evidence of compliance.SOC 2: Audit engagement planned Q4 2026. Not yet certified.
HIPAA: Self-attestation in progress. No third-party certification.
ISO 42001: Readiness assessment planned. No certification body engaged.
EU AI Act: Compliance mapping complete. No certification body engaged.

EU AI Act [Mapping only, not certified]

Regulation (EU) 2024/1689 · European Union

Control	Name	RANKIGI Feature	Evidence
Article 9	Risk management	Policy Engine, Behavioral Drift	Policy audit trail
Article 12	Record-keeping	Hash Chain, Event Ledger	Append-only event log
Article 13	Transparency	Intent Chain, Audit Reports	Encrypted reasoning records
Article 14	Human oversight	Human Accountability Layer	Owner acceptance records
Article 17	Quality management	Production Readiness Score	Monthly audit dossier

SOC 2 Type II [Mapping only, not certified]

AICPA Trust Services Criteria · United States

Control	Name	RANKIGI Feature	Evidence
CC6.1	Logical access controls	Agent Passports, API key management	Agent Passports (Ed25519) + RBAC + tenant isolation
CC6.2	Authentication	Ed25519 passports, key rotation	Supabase Auth + JWT + MFA
CC7.1	System monitoring	Behavioral Drift Detection	Hash chain + Sigstore Rekor anchoring
CC7.2	Anomaly detection	Policy Engine, Shadow Detection	Hash chain + Sigstore Rekor anchoring
A1.2	Change management	Incident Replay, Hash Chain	Hash chain + RFC 3161 timestamps

HIPAA Security Rule [Mapping only, not certified]

45 CFR Part 164 · United States

Control	Name	RANKIGI Feature	Evidence
164.312(b)	Audit controls	Hash Chain, Event Ledger	Hash chain + Sigstore Rekor
164.312(c)	Integrity	Tamper Detection, Chain Verification	Hash chain
164.308(a)(1)	Risk analysis	Behavioral Drift, Readiness Score	Risk assessment + Agent Passports + RBAC

ISO/IEC 42001:2023 [Mapping only, not certified]

2023 · International

Control	Name	RANKIGI Feature	Evidence
6.1	AI risk assessment	Policy Engine, Risk Scoring	Audit trail
6.4	AI risk treatment	Policy Marketplace	Policy engine
8.4	AI system operation	Hash Chain, Audit Trail	Hash chain
9.1	Monitoring and measurement	Dashboard, Audit Dossier	Audit trail
10.1	Nonconformity	Incident Replay, Alert System	Hash chain

PCI-DSS v4.0 [Mapping only, not certified]

4.0 · International

Control	Name	RANKIGI Feature	Evidence
10.2	Audit logs	Hash Chain, Event Ledger	Hash chain
10.3	Tamper detection	Chain Verification	Hash chain
12.3	Risk assessment	Behavioral Drift, Readiness Score	Audit trail

Need a custom framework mapping? Enterprise includes custom compliance templates. Contact enterprise@rankigi.com