The operational problem
When the regulator, the board, or adversarial discovery asks the question — show me the evidence that your AI is defensible — the institutional answer is one of two things. Either the function produces a current, signed, indexed register that holds the contemporaneous proof per AI system and per risk class, or the function produces a narrative document that gestures at evidence held in fragmented places by named individuals who may or may not still be in role.
The first answer is a defensible institutional posture. The second is the founder’s memory dressed as governance.
The Evidence Register Architecture defines the canonical structure that turns the first answer from aspiration into operational practice. Without it, the Defensibility Posture Statement is a narrative built on a fragmented evidence base, and the Annual Audit cannot sample the function’s defensibility claims to any meaningful standard.
Legal AI OS Relevance
The Evidence Register Architecture sits at the intersection of Pillar P4 (Governance, Risk & Defensible AI) and the Governance Layer (Layer G). It produces evidence for two Defensibility Elements:
- DE-2 Methodology transparency — the register’s own structure and population discipline evidence that the function operates a documented evidence methodology
- DE-3 Evidence framework — the register is the evidence framework; a populated, current register is the substrate of DE-3 by definition
Anchoring to Bands 3, 4, and 5 (Integrated → Optimised → Defensible), the Module is the operational instrument that distinguishes a Band-3 function (governance integrated across the operating layers) from a Band-2 function (governance present but evidence fragmented). At Band 4 the register is operated at quarterly cadence with audit-readiness scoring. At Band 5 the register feeds an institutional Defensibility posture defensible to a regulator across all nine canonical Risk Taxonomy classes. Methodology v2026.1.
Pillar Alignment
Pillar 4 (Governance, Risk & Defensible AI) is the institutional capability that holds AI accountable through documented proof. Every other Pillar produces work; Pillar 4 produces evidence that the work was governed. The Evidence Register is the operational substrate where that evidence lives.
The Pillar 4 posture this Module advances: from defensibility-claim-without-substrate to one row per AI system × per Risk Taxonomy class, with named evidence holder, last-verified date, and audit-readiness score.
Operating Layer Impact
The Governance Layer (Layer G) is where institutional constraint operates. The Evidence Register is the Layer-G artefact that every other Layer feeds. Strategy Layer (S) decisions write into the register at the Concept-stage gate. Execution Layer (E) workflow runs write into it at the Operate-stage cadence. Measurement Layer (M) telemetry produces some of the records the register indexes. Optimisation Layer (O) variance decisions write into it at the quarterly refresh.
The register itself does not operate the function — it records what the function operated. That recording discipline is what turns the function’s defensibility from claim into evidence.
Maturity Band Relevance
The Module strengthens the Defensibility lens of the Maturity Stack.
From Band
To Band
Defensibility-lens shift
3 — Integrated
4 — Optimised
Register exists → register is operated at quarterly cadence with audit-readiness scoring per row
4 — Optimised
5 — Defensible
Quarterly cadence → register feeds the institutional Defensibility posture; gap remediation enforced through the Governance Cadence
5 — Defensible
(sustaining)
Defensible posture durable across capability churn; annual external attestation possible
Functions below Band 3 typically build their first register from zero — 4 hours per system; the initial pass is a substantial undertaking and benefits from advisory. Band 3+ functions operate the quarterly refresh in 1 hour per system. Functions at Band 5 may have an external attester sample-audit the register annually.
Operational Outcomes
Operating the Architecture produces four institutional artefacts:
Artefact
Purpose
DPS evidence stream
Evidence Register — per AI system × per Risk Taxonomy class
The primary governance substrate; what evidence is held, by whom, when last verified
DE-2 + DE-3 (primary)
DPS Evidence Framework section input
The register’s structure feeds the Statement’s Element 3 directly
DE-3
Audit-readiness scoring summary
Each row scored against the audit-readiness rubric: held, indexed, verified-within-window, retention-compliant
DE-3
Gap remediation list with named owners and target dates
Empty cells in high-severity classes (1, 2, 6, 7) become standing remediation items in the Governance Cadence (GOV-15)
DE-2 + DE-3
Records are retained per the regulatory limitation period for the longest-running applicable jurisdiction, plus the full lifecycle of the AI system.
Defensibility and Governance Considerations
The Module produces evidence for DE-2 (Methodology transparency) and DE-3 (Evidence framework). The DE-3 production is canonical — the Evidence Register is the evidence framework at operational scale.
All nine Risk Taxonomy 2026 classes are covered by the register. The classes whose empty cells carry highest severity:
Class
Why an empty cell here is material
Class 1 — Hallucination
If the function cannot show evidence of hallucination controls per system, the regulator’s first question has no answer
Class 2 — Data leakage
Empty cell here is a structural failure of vendor data protection (DAT-03) — block until populated
Class 6 — Shadow AI
Empty cell here means the function does not know what is being used; block until reconciled with the AI BoM
Class 7 — Professional conduct exposure
Empty cell here is structural exposure under ABA Model Rule 5.3 — block until supervisor accountability documented
Empty cells in Class 1, 2, 6, or 7 are publication blockers for the Defensibility Posture Statement. The Governance Cadence treats them as standing remediation items until populated.
For Agentic Tier (Tier 3 + Tier 4) capability, the register requires:
- A row per capability per class
- A linkage to the Delegation-Authority Register (GOV-14) entry for the capability
- A linkage to the Materiality Calibration (GOV-16) row for each in-scope decision type
- The Evidence Register’s autonomous-action audit record per the Agentic Governance Charter (GOV-08)
The editorial-independence attestation applies — the Module makes no vendor-specific evidence-platform recommendations.
Institutional Use Cases
Use case 1 — A 200-lawyer in-house function at Band 3. The function had three AI systems and a narrative DPS. Standing up the Evidence Register produced 27 rows (3 × 9 classes); seven cells were empty on first population; four of those seven were Class 1 or 2. The Governance Cadence treated the four as immediate remediation; within two quarters all 27 cells were populated with verified evidence. The DPS Evidence Framework section moved from narrative to row-by-row defensible.
Use case 2 — A 14-partner firm at Band 4 adding Agentic Tier capability. The new Tier-3 capability triggered nine new rows (one per Risk Class). Three rows required new evidence streams that did not exist before: Class 9 (Accountability dilution) was satisfied by the Delegation-Authority Register entry (GOV-14); Class 1 was satisfied by the autonomous-action audit record per GOV-08; Class 8 (Professional conduct) required a new supervisor-attestation cadence. The capability did not deploy until all three streams were operational and the rows populated.
Use case 3 — A global energy GC office at Band 5. The function holds 18 capabilities × 9 classes = 162 rows. External attestation samples 18 rows per year (one per capability) and reports findings to the Audit Committee. The audit-readiness scoring rubric is the basis for the sampling and the score-trend over time is itself board-reported governance evidence.
Recommended Stakeholders
RACI role
Stakeholders
Owner
Legal Operations Lead
Approvers
General Counsel · Risk and Compliance
Contributors
AI Task Force · Engineering / IT
Informed
Board · Audit Committee · CIO / CISO
The Legal Operations Lead operates the register; the AI Task Force (STR-07) is the standing forum where empty cells and audit-readiness deltas are reviewed; the GC signs the quarterly DPS Evidence Framework section update.
Implementation Complexity
Dimension
Specification
First run per system
4 hours
Quarterly refresh per system
1 hour
Cross-team dependencies
IT (evidence holder identification) · Risk (class assessment) · Procurement (vendor evidence streams)
Self-serve viability
Partial — first run benefits from advisory; quarterly refresh is self-serve
Advisory recommendation
Programme Design for functions building the register from zero across more than 5 capabilities; Strategic Retainer for functions operating Tier 3+ capability at scale
The Module is methodology-versioned (v2026.1); each row’s last verified date and audit-readiness score are themselves the operating telemetry.
Inputs
Input
Source
AI system list
Capability Portfolio (SUS-10)
Risk Taxonomy 2026 class exposure map per system
GOV-04 + per-system risk assessment
Previous Evidence Register (quarterly refresh)
Self
Audit findings and close-call reports
Internal audit + GOV-05 incident records
Vendor AI BoM with evidence-stream attestations
VEN-07
Framework — the 9×n Register
Register structure
The canonical structure is a matrix: one row per AI system per Risk Taxonomy class. For n AI systems, the register is 9n rows.
Column
Content
Source
System
Canonical name from Capability Portfolio
SUS-10
Class
One of the nine Risk Taxonomy 2026 classes
Risk Taxonomy canon
Evidence held
One-line description of the proof record (e.g., “Quarterly hallucination eval result, GOV-09 protocol”)
Operational
Evidence holder
Named individual or system
RACI
Storage location
Canonical store with retention compliance
IT
Last verified
Date
Operational
Audit-readiness score
0–4 per scoring rubric
Audit-readiness rubric
Next review
Date
Operational
Gap status
Open / In remediation / Closed
Operational
Linked artefacts
Evidence Register entry IDs from related Modules
Cross-ref
Audit-readiness scoring rubric
Score
Criterion
0
No evidence held
1
Evidence claimed but not located on demand
2
Evidence located but not within retention SLA
3
Evidence located, within SLA, indexed
4
Evidence located, within SLA, indexed, sampled-attested within the quarter
Score-3 is the publication floor for the DPS Evidence Framework section. Score-4 is the institutional-grade target.
Population sequence
Step
Activity
Output
1
Capability Portfolio confirms in-scope system list
n systems × 9 classes = n × 9 rows
2
For each system, identify the evidence stream per class
First-pass evidence held / not-held flag
3
For each held-evidence cell, name the holder, storage, last-verified date
Populated rows
4
Apply the audit-readiness scoring rubric per row
Score per row
5
Identify all gaps (score 0 or 1) and route to remediation list
Gap list with owners
6
Identify Class 1/2/6/7 gaps and escalate to next Governance Cadence
Standing remediation agenda
Quarterly refresh discipline
Activity
Cadence
Output
Per-row last-verified date refresh
Quarterly
Updated dates
Per-row audit-readiness re-score
Quarterly
Score delta
New-capability rows added
On capability deployment
New rows
Decommissioned-capability rows archived
On capability sunset
Archive entries with retention-clock continuation
Gap remediation status update
Quarterly
Gap-list delta
Class 1/2/6/7 gap escalation
Quarterly
DPS publication block until cleared
Worked Example
A 200-lawyer in-house function at Band 3 stands up the register across the canonical 4-hours-per-system initial pass.
Activity
Output
Hour 1 — System 1 (contract review tool): identify evidence streams per class
9 cells populated; 2 gaps (Class 1, Class 6)
Hour 2 — System 1: name holders, storage, last-verified per held cell
Rows scored 2–3
Hour 3 — Systems 2 + 3 baseline (research-augmentation, eDiscovery): same pattern
18 additional cells; 5 additional gaps
Hour 4 — Audit-readiness scoring across all 27 rows; gap list compiled
First Evidence Register v1.0
Class 1 gap (System 1) routed to GOV-09 (Eval Harness) for remediation in the next quarter. Class 6 gap (System 1) routed to the AI Task Force for AI BoM reconciliation. By quarter 2 both gaps populated, scored 3, and the DPS Evidence Framework section published with row-by-row defensible evidence.
Common Failure Modes
Failure mode
Detection signal
Recovery
Register exists but not refreshed
Last-verified dates older than the quarterly cadence
Bind refresh to the Governance Cadence; require Chair sign-off
Evidence holder named but not in role
Cell named “Legal Operations Manager” with no specific individual; turnover loses the audit trail
Name individuals + role; transition entries on departure
Audit-readiness scores stale
Scores from last quarter applied this quarter without re-evaluation
Quarterly re-score is mandatory; binary attestation per row
Gap remediation slips
Class 1/2/6/7 gap open beyond two quarters
Escalate to GC + Audit Committee; treat as DPS publication block
Storage retention non-compliant
Evidence claimed held but retention window lapsed
Standing IT check on retention vendor configuration
New capability not added to register
AI BoM has system n+1 but register still has n × 9 rows
Bind register addition to the Capability Portfolio (SUS-10) refresh
External attestation finding ignored
Audit finding flagged but not actioned by next Governance Cadence
Bind attestation findings to standing remediation list
Edge Cases
The Module does not apply when:
- The function operates no AI capability — no AI BoM, no systems, no register rows. Run STR-07 + GOV-02 first; the Register activates when the first capability deploys.
- The function operates under a parent organisation’s enterprise-wide Evidence Register — the Module produces sub-rows that feed the parent’s enterprise register; the function’s own register is the sub-extract.
- The function operates AI capability in a jurisdiction whose regulator mandates an alternative evidence-register structure — the structure adapts; the discipline remains.
- The function is at Band 1 or 2 — the Module is premature; build Bands 1-2 through CHG-01 + GOV-01/02/03 first, then deploy the Evidence Register at the Band 3 transition.