Daily AI Agents Discuss an engagement
Menu
Method notes

The Receipt Ladder.

A demo tells you the system can work once. The Receipt Ladder tells you what it does now, who owns it, what can stop it, and what evidence survives after the meeting.

Five rungs

Baseline before confidence.

00

Baseline

Name the surface, the decision it affects, the current behavior, the available evidence, and the human owner. No score before the starting point exists.

01

Boundaries

Write down what the system may read, decide, change, and send. Separate a recommendation from an action. Put high-impact action behind a person.

02

Checks

Define what must pass before release: required evidence, refusal conditions, escalation paths, and the exact owner of an exception.

03

Separate check

Do not let the builder grade its own output. Use separate evidence and planted failures to prove the check can say no.

04

Receipts

Keep the input, rule, time, outcome, and source needed to reproduce the decision. Re-run after material change and record drift instead of overwriting it.

Standards-informed, not badge theater

A map for the work. Not a claim of certification.

NIST

NIST AI RMF 1.0

We map owners and evidence to selected outcomes across the voluntary NIST AI RMF 1.0 Core. A use-case profile still has to fit the organization, risk tolerance, and resources.

OWASP

Agentic Top 10, 2026

Boundaries and checks are set against agent-goal hijack, tool misuse, identity and privilege abuse, insecure communication, cascading failures, and the rest of OWASP's agentic threat taxonomy.

ISO

ISO/IEC 42001:2023

The owner, monitoring, review, and continual-improvement rungs are informed by ISO's public description of an AI management system. This mapping does not establish conformity with the standard.

EU

AI Act, Article 50

For covered direct-interaction systems, disclosure is a user-visible requirement: clear, accessible, and delivered by the first interaction or exposure unless the AI nature is obvious in context.

Limits

The Receipt Ladder is evidence work, not an endorsement.

A mapping is not NIST approval, OWASP endorsement, ISO conformity, legal advice, or a promise of security. It is a disciplined way to find missing evidence and make ownership explicit.