Get in Touch
Our excellent customer support team is ready to help.
Governance added after deployment is a compliance exercise. Governance built into the context layer is operational control: auditable, scalable, and embedded in how work actually gets done.
Every major AI governance failure shares the same root cause: the governance layer was designed separately from the AI system itself, then applied on top after deployment. Policy documents, review checklists, and audit processes were layered onto AI outputs that were never designed to be auditable.
The result is governance that satisfies regulators on paper but provides no operational control. Errors still propagate. Bias still goes undetected. Accountability is still unclear when something goes wrong. And when auditors ask for evidence, teams scramble to reconstruct documentation that was never captured in the first place.
Kendall's approach is the opposite. Governance is not a wrapper applied to AI. It is a property of every Context Block in the system. Provenance, validation status, expiry policy, and oversight requirements are captured at the point of context creation, not reconstructed afterward.
Most AI governance frameworks produce documentation for auditors and board presentations. They do not change how AI systems receive inputs or how outputs reach decision-makers. Nothing in the operational process is actually governed.
When an AI output is wrong, harmful, or non-compliant, organizations cannot trace it back to which context input caused the failure. The audit trail does not exist because context was never structured or versioned. Compliance cannot be demonstrated and failures cannot be systematically fixed.
Governance policies assign accountability to job titles but provide no mechanism for that accountability to function. The CDAO is responsible for AI risk, but has no structured way to see what context is flowing into production systems or whether it has been validated.
AI systems change. Organizational context drifts. Regulations update. Governance programs built as one-time assessments are stale within months. Without a continuous improvement loop built into operations, compliance degrades silently.
Every failure mode on that list has the same fix: structure the context before it reaches the AI, not after the output causes a problem. This is how the Kendall Framework does it.
Policies, processes, roles, constraints, and decisions are captured in structured Context Blocks during a Context Sprint. Each Block carries provenance, validation status, ownership, and an expiry policy at the point of creation.
Context Blocks are held in a governed Context Warehouse, versioned and tagged for retrieval. Every Block has a named owner and a review cycle. The AI always draws from current, validated context rather than undated, unattributed documents.
Before any AI use case goes to production, a full AI BoM is compiled: every Context Block in scope, every data source, every constraint, every human oversight checkpoint. This becomes the audit record that regulators and boards can inspect.
The Context Center of Excellence runs quarterly review cycles, updates Blocks as organizational context changes, and keeps the AI BoM portfolio current. Governance does not degrade when people leave or initiatives change.
The AI Bill of Materials is the primary governance artifact produced by the Kendall Framework. A structured, version-controlled inventory of every context input, data source, decision point, constraint, and oversight requirement that feeds a specific AI use case.
The AI BoM directly addresses EU AI Act Articles 9, 11, and 13. It maps to ISO/IEC 42001 Clause 8.4 and provides the evidence base for audit and certification.
When an AI output is wrong or harmful, the BoM provides the audit trail to trace the failure to its context root cause. Systematic improvement becomes possible rather than ad hoc patching.
The BoM gives CDAOs, risk committees, and boards a concrete, structured view of what each AI system uses and how it is governed. AI oversight becomes documented operational control.
The BoM establishes a versioned baseline for every use case. When AI accuracy changes or organizational context evolves, it provides the starting point for systematic review, not a blank-sheet rebuild.
The Kendall Framework is not retrofitted for compliance. Regulatory requirements are built into the Context Block structure, the AI BoM format, and the provenance requirements of every Context Block from the ground up.
For high-risk AI systems in HR, credit, law enforcement, education, and critical infrastructure. Kendall's AI BoM directly addresses Articles 9, 11, and 13. Article 4 literacy requirements are satisfied by the AI Literacy program.
The first certifiable international standard for AI management systems. The Kendall Framework is designed to produce the documentation, evidence, and operating records that ISO/IEC 42001 certification audits require.
GDPR requires organizations to demonstrate the basis for processing personal data in AI systems. Context Block provenance records provide the documentation trail that shows what personal data was used, under what authority, and with what controls in place.
The form has been successfully submitted.
Our excellent customer support team is ready to help.
Our excellent customer support team is ready to help.
Our excellent customer support team is ready to help.