Decision before action - executive briefing.
What leadership should know about consequential AI: current public state, proof before impact, and fail-closed decisions before action.
Leadership should start with the current posture.
Start with the current public posture, then route security, procurement, or licensing to the correct next step. The same state bundle now powers all reviewer views.
Verify → Permit → Gate
Evidence is replayed offline. Missing signatures or missing pointers must yield HOLD (fail‑closed).
Attach to a ticket
One URL, one ZIP, one PDF — deterministic verification (PASS / FAIL / HOLD).
- DSSE URL (1) — evidence pointers:
/.well-known/mvg-procurement-ticket-pack.dsse.json - Ticket Pack ZIP (1) — offline verifiers + receipts
- Security Review Packet (1) — architecture + threat model + evidence pointers
Tip: DSSE Viewer can generate Copy for Jira / ServiceNow blocks.
Identity & responsibility
Procurement diligence starts with: who we are and who can stop a release. MVG publishes both as receipts.
- Company (KYB) — verified entity + official channels
- Governance — stop authority + escalation path + incident posture
Audit door: Trust Center (Copy for auditors).
Measured impact — not promises
- Side effect prevention: unpermitted action attempts → HOLD/DENY rate
- Audit replay success: reproducible offline verification rate
- Time to approval: procurement ticket completion time (method published)
Not a certification. Signed artifacts are authoritative; web pages are display-only.