What Is the Decision Provenance Standard?
The Decision Provenance Standard™ · v1.0 · open standard, CC-BY 4.0
The problem
Organizations make consequential decisions every day, increasingly through a mix of people and AI. Months later, someone asks: how was this decided, by whom, against what information, with what review? The answer usually has to be reconstructed from email and memory — slowly, unreliably, sometimes not at all. As AI authors more of the underlying work, the question only gets harder, and the line of responsibility gets blurrier.
The one idea
A small, fixed set of building blocks makes an organization's decisions affirmable, auditable, and resumable — whether a human or an AI did the underlying work — and that is how responsibility for decisions stays human as AI takes on more of it.
The Decision Provenance Standard is a record format: a defined way to write down how a decision was made, so it can be found, understood, and trusted later. The set of blocks is closed — you cannot invent new ones at runtime — which is what makes records comparable and gradeable across any organization.
The four fixed blocks
| Block | What it does |
|---|---|
| The Charter | Governs a recurring kind of decision (e.g., launch-readiness calls, pricing exceptions). States up front, in writing: the single human accountable, the dispatch mode, the schedule of records it keeps, and the triggers that reopen the decision. It moves through five states in one direction and never backward. |
| The two Modes | Every decision is dispatched as Mode 1 — Human-Led, AI-Enforced (a human authors; an AI checks the human's work against the Charter) or Mode 2 — AI-Led, Human-Reviewed (an AI authors the analysis; a named human reviews and signs off before any action). The enumeration is closed: no third mode, no fuzzy "AI-assisted" label. |
| The human signature and seal | A record moves draft → reviewed → affirmed. It becomes affirmed only when a named human performs an explicit act — a signature — and at that moment it is sealed with a tamper-evident hash. There is no passive promotion: a record never drifts into "approved" because time passed or a box auto-checked. |
| Conformance levels | Three cumulative, self-declared levels — Level 1 (Charter structurally complete), Level 2 (every record carries its mode and AI disclosure, no silent drift), Level 3 (triggers fire on schedule, the schedule is queryable on demand). No body certifies them. |
Who it is for
Product and operations leaders who own recurring decisions; governance, risk, and internal-controls functions who need a locatable trail; and counsel and auditors who consume that trail as one input to their own work. Adoption is voluntary and incremental — the path is Charter-first: author one Charter for a real recurring decision, name the accountable human, declare the mode, produce records, self-declare Level 1, then work upward.
What it is NOT — the firewall
The records are audit-ready decision provenance: structured input that counsel and auditors convert into evidence, certifications, or attestations.
- They are input, not evidence — not certification, not attestation, on their own.
- The Standard informs frameworks without satisfying them — it informs NIST AI RMF, ISO/IEC 42001, the EU AI Act, and others without satisfying any of them.
- Conformance is self-declared — no body certifies it.
- The Standard is not legal advice and not a regulatory substitute.
The Standard structures the inputs; the human professional's review is what gives any implementation its weight.
Jurisdiction assumed: U.S. federal and Delaware (primary); United Kingdom, the European Union, and Israel (named secondaries). For any other jurisdiction, treat every statement here as a hypothesis to verify with local counsel.