DEV Community

Srinivas Kondepudi
Srinivas Kondepudi

Posted on

Chron Intelligence Phase 1 complete: SOC 2, ISO 27001, EU AI Act, and NIST AI RMF, deterministically, with no AI in the execution path

Chron Intelligence Phase 1

Phase 1 of Chron Intelligence is complete. Chron now supports four deterministic compliance frameworks for AI coding sessions — SOC 2, ISO 27001, EU AI Act, and NIST AI RMF — with the same finding workflow across all of them.

This post covers how the framework layer works, why we kept AI out of the execution path, and where it's going next.

The problem we are solving

AI coding tools now touch auth code, modify Terraform, handle credentials, change deployment pipelines, and update risk scoring logic. Most teams have no structured record of this. When an auditor asks "what did your AI assistant do to access-control code last quarter?" — the answer is usually silence.

Chron fixes the audit trail. The review layer turns that trail into compliance evidence.

How the review layer works

chron review --framework=soc2
chron review --framework=iso27001
chron review --framework=euaiact
chron review --framework=nist-ai-rmf
Enter fullscreen mode Exit fullscreen mode

Each command scans your Chron session history and flags findings against the selected framework. No model inference. No API calls. Pure pattern matching on structured events Chron already captured — code_change, secret_detected, tool_call.

The rule engine is deterministic: a rule fires if the path contains a keyword or a secret was detected. That is the entire execution path. No model decides what counts.

Four frameworks, same workflow

SOC 2 — 5 rules

Controls: CC6.1, CC6.6, CC6.7, CC7.2, CC8.1

Covers AI touching access-control code, credential detection, infrastructure/deployment changes, logging/monitoring changes, and data retention logic.

ISO 27001:2022 Annex A — 6 rules

Controls: A.8.2, A.8.3, A.8.12, A.8.20, A.8.24, A.8.31

Covers privileged access changes, access restriction code, sensitive data in session, network security config, cryptographic code, and production environment files.

EU AI Act (Regulation 2024/1689) — 6 rules

Controls: Art. 9, Art. 10, Art. 12, Art. 13, Art. 14

Covers risk management/guardrails (Art. 9), data governance and sensitive data (Art. 10), record-keeping/audit logging (Art. 12), transparency/explainability code (Art. 13), and human oversight mechanisms (Art. 14).

NIST AI RMF 1.0 — 7 rules

Controls: GOVERN 1.1/1.2, GOVERN 6.1/6.2, MAP 1.1/5.1, MAP 3.5, MEASURE 2.1/2.5, MEASURE 2.7, MANAGE 2.2/4.1

Covers AI governance policy changes, human oversight code, risk assessment/threat modelling, sensitive data in session, model evaluation pipelines, monitoring/drift detection, and incident response/fallback code.

Finding workflow

Every finding has a stable SHA-256 ID — deterministic from rule_id:session_id. It does not change between runs. You act on it once:

chron review accept abc12345 --note="reviewed with security team, PR #512 approved"
chron review dismiss abc12345 --note="test fixture, not production code"
chron review resolve abc12345 --note="credential rotated, no commit exposure confirmed"
Enter fullscreen mode Exit fullscreen mode

Next run, reviewed findings do not reappear as noise. New findings — from sessions since your last review — surface cleanly. --all shows everything including reviewed items.

HTML evidence report

chron review --framework=nist-ai-rmf --output=report.html
Enter fullscreen mode Exit fullscreen mode

Generates a printable HTML report. Each framework produces the correct cover page: "NIST AI Risk Management Framework (AI RMF 1.0)", "not an AI RMF assessment", Article-specific methodology for EU AI Act, Annex A for ISO 27001. The disclaimer is always on page one: findings are potential review items, not violations.

Why no AI in the execution path

The obvious question: why not ask a model to evaluate findings?

Two reasons.

You cannot audit an AI's reasoning. If a model decides a finding is real or dismissed, there is no inspectable rule to challenge. Human-designed rules are reviewable, editable, and arguable. If a rule fires on a test fixture, you dismiss it with a note. If the rule is wrong, you open an issue.

Models overclaim. A model asked "does this violate CC6.1?" will give a confident-sounding answer. That answer is not evidence. A licensed CPA or ISO 27001 auditor needs to evaluate whether your controls were suitably designed and operated effectively — a judgement call that no model output replaces.

The constraint that keeps this trustworthy: AI explains, never decides. Rules execute deterministically. AI will eventually help generate evidence narratives and answer natural-language questions about your session history — but the findings themselves come from rules a human can read and reason about.

Honest coverage

Chron does not cover every control in any of these frameworks. A full SOC 2 examination covers CC1–CC5 (governance, communication, risk assessment) which require board records and policy documents — not session logs. NIST AI RMF has ~70 subcategories; Chron's rule pack touches 11 of them.

The honest architecture:

Chron today:
  AI session evidence → targeted deterministic controls

Chron next:
  AI session evidence + policy docs + CI/CD + repo evidence → broader coverage
  Each control marked: covered / needs_evidence / manual_review / out_of_scope

CLAIIM:
  organisation-wide evidence + approvals + policies → full governance workflow
Enter fullscreen mode Exit fullscreen mode

Phase 2 adds control maps for every framework — so users can see exactly which controls Chron covers from session logs and which need additional evidence sources.

What's next

  • Control maps — full list of every control in each framework, classified as covered, needs_evidence, manual_review, or out_of_scope
  • Session risk scoring — deterministic risk score at session close based on findings, severity, and code-change volume
  • chron risk --since=30d — top risky sessions, risk reasons, trend view
  • Multi-session pattern detection — repeated control triggers across sessions
  • Evidence connect — bring in policy docs, CI/CD events, repo signals to unlock broader framework coverage

Try it

npm install -g chron-mcp
Enter fullscreen mode Exit fullscreen mode

Already installed:

chron update
Enter fullscreen mode Exit fullscreen mode

Add to Claude Code, Cursor, Windsurf, or any MCP-compatible tool. Run chron doctor to verify. Start a session. Then:

chron review --framework=nist-ai-rmf --output=report.html
Enter fullscreen mode Exit fullscreen mode

204 tests. Four frameworks. One workflow. If you're handling AI governance questions in a SOC 2, ISO 27001, EU AI Act, or NIST AI RMF context — I'd like to hear what you're running into.

Top comments (0)