Runback already computes live, per-control status against EU AI Act, ISO 42001, NIST AI RMF, and APRA CPS 230 from your actual run data — the same dashboard your team uses today. This integration exposes that same data to EAAPL through a separate, read-only key, so its evidence pack reflects a verified status instead of a self-reported checkbox.
The compliance_read key is deliberately narrower than the ingest key your agents use — it resolves to exactly one endpoint and returns only control status, coverage counts, and evidence links. It cannot ingest, and it never sees a prompt, a tool payload, or customer data. Generate one from Settings (Enterprise plans) and hand it to EAAPL instead of your ingest key.
| Runback capability | CPS 230 control | Evidence type |
|---|---|---|
| Alert rules + audit ledger | Incident identification & escalation | ledger |
| Signed, hash-chained audit trail | Incident recording | audit_log |
| Policy engine fail-open/fail-closed | Business continuity — critical operations | policy_block |
| Compliance report export | Operational risk review & reporting | report |
Same underlying mapping used in the in-app Regulatory dashboard — nothing computed twice, nothing EAAPL-specific about the numbers themselves.
The key exists today — generate one from Settings. EAAPL's side of the pull is rolling out to design partners first; tell us about your setup and we'll get you connected.