EcoCitizenZ
Advanced · 2-3 hours · Python

Compliance & Evidence Agent

Fast Start

What you will have in minutes

A locally running, ECZ-ID-backed agent scaffold with resolver-verifiable identity hooks, a credential manifest, and Resolver verification ready to run.

What you do first — in order

1. Get starter scaffold
2. Install dependencies
3. Go to TrustOps /start
4. Paste credentials
5. Run locally
6. Verify via Resolver
7. Deploy into your environment

What comes back from TrustOps

  • Agent ECZ-ID(s)
  • Credential manifest (JSON, discovery only)
  • API keys issued in TrustOps

Success looks like

Resolver returns a resolver-verifiable state for your Agent ECZ-ID. You can share it with any party without an account.

1. What This Kit Builds

An automated compliance evidence collector and audit trail assembler with ECZ-ID provenance anchoring. This agent continuously gathers compliance evidence, maps it to regulatory frameworks, and produces resolver-verifiable audit packages designed for organisations where compliance is not optional.

2. Who It Is For

Compliance teams, GRC professionals, and developers building automated compliance workflows. Ideal for regulated industries (finance, healthcare, critical infrastructure) where every piece of compliance evidence must be traceable to a resolver-verifiable identity.

3. Why ECZ-ID Matters Here

Compliance evidence without verified provenance is just documentation. ECZ-ID transforms compliance outputs into resolver-verifiable, identity-anchored evidence packages that regulators, auditors, and insurers can independently verify.

4. Architecture

Evidence Collector

Automated collection of compliance evidence from configured data sources with identity context.

Framework Mapper

Maps collected evidence to regulatory framework requirements (ISO, SOC2, GDPR, EU AI Act).

Provenance Anchoring

Every piece of evidence is anchored to verified ECZ-ID identity with immutable provenance chains.

Audit Trail Assembler

Produces structured audit packages with complete provenance from evidence to identity.

Report Generator

Generates compliance reports with embedded trust metadata and verification endpoints.

Continuous Monitoring

Ongoing evidence-state monitoring with identity-anchored alerting.

5. Build Steps Overview

1. Clone the compliance evidence starter
   Pull the template with regulatory framework scaffolding.
2. Install dependencies
   Install the ECZ-ID SDK, evidence processing libraries, and framework templates.
3. Select regulatory frameworks
   Configure which compliance frameworks your agent will map evidence against.
4. Define evidence sources
   Specify where the agent collects compliance evidence from.
5. Review provenance patterns
   Understand how evidence anchoring works before credentialing.

Trust Map

Required Passports
ECZ-ID Business Passport, Agent Credential, Risk & Policy Passport
Recommended Passports
Dataset Passport, Cyber Resilience Passport, Software Supply Chain Passport
Relevant Packages
KYA Ready Pack™, Cyber Governance Pack
What Each Enables
ECZ-ID Business Passport: Organisation identity anchoring all compliance evidence
Agent Credential: Verified compliance agent identity for audit trails
Risk & Policy Passport: Formal attestation of compliance capabilities
Dataset Passport: Verification of evidence data source provenance

6. TrustOps Credentialing Checkpoint

Pause here to acquire your required ECZ-ID trust objects

This is a designed pause point in your build process. Before continuing, you need to acquire the required ECZ-ID passports and credentials from TrustOps. This midpoint credentialing approach ensures your agent is built with resolver-verifiable identity from the start—not bolted on after the fact.

Required Passports

  • ECZ-ID Business Passport
  • Agent Credential
  • Risk & Policy Passport

Recommended Passports

  • Dataset Passport
  • Cyber Resilience Passport
  • Software Supply Chain Passport

Relevant Packages

  • KYA Ready Pack™
  • Cyber Governance Pack

What You Must Acquire in TrustOps

ECZ-ID Business Passport
Enables: Parent identity for your compliance infrastructure
Agent Credential
Enables: Resolver-verifiable identity for the compliance evidence agent
Risk & Policy Passport
Enables: Attestation of risk posture and policy compliance capabilities
Dataset Passport (recommended)
Enables: Verification of evidence data source provenance

What You Bring Back from TrustOps

Agent ECZ-ID
Compliance agent’s resolver-verifiable identity string
Risk & Policy Credential
Attestation of compliance capabilities and framework coverage
API Keys
Production ECZ-ID API keys for evidence anchoring
Evidence Signing Keys
Keys for signing compliance evidence with resolver-verifiable identity

9. Return and Complete Integration

With your TrustOps credentials in hand, return here to complete the final build steps.

1. Inject compliance credentials
   Add Agent ECZ-ID and evidence signing keys to the agent configuration.
2. Configure evidence anchoring
   Wire ECZ-ID provenance anchoring into every evidence collection path.
3. Map framework requirements
   Complete the mapping of evidence sources to regulatory framework requirements.
4. Test evidence collection
   Run the agent in sandbox and verify evidence provenance chains.
5. Validate audit packages
   Confirm generated audit packages are resolver-verifiable.

10. Verify Through Resolver

Verify agent identity

Query the compliance agent’s ECZ-ID through Resolver.

Verify evidence provenance

Trace any piece of compliance evidence back to its verified source through Resolver.

Audit report verification

Verify the complete audit package, including all embedded trust metadata.

Check continuous compliance

Look up ongoing evidence-state and monitoring evidence records.

11. Deploy Into Your Environment

ECZ-ID-backed agents are portable. Once TrustOps credentialing and Resolver checks are complete, your resolver-verifiable identity travels with your agent regardless of deployment target. No vendor lock-in.

  • Secure cloud environments (AWS GovCloud, Azure Government)
  • On-premise data centres
  • Hybrid cloud with data residency controls
  • Air-gapped environments
  • Kubernetes with security policies
  • Managed compliance platforms

12. Limits & Non-Claims

  • This kit does not provision credentials. All credentialing happens through TrustOps.
  • This kit does not replace legal compliance advice. It provides infrastructure for evidence management.
  • Evidence quality depends on source data quality and collection configuration.
  • Regulatory framework mappings are templates that require customisation.
  • Compliance attestation through ECZ-ID does not constitute legal certification.

Ready to Build This Agent?

Start with the build steps above, credential through TrustOps, and deploy your resolver-verifiable agent anywhere.