July 8, 2026 · 7 min read

What evidence buyers actually accept for your AI answers

When a reviewer reads the AI section of your security questionnaire, they are separating two kinds of answers without telling you which is which: what you say you do, and what you can show you do. The first kind fills the box. The second kind ends the review. Here is the hierarchy, from the answer that stalls a deal to the one that closes it.

Level 0: the assertion

"We redact PII before sending to the model." "Agent actions are logged." "We follow NIST AI RMF." These are claims. A careful reviewer reads them as unverified, and a burned one reads them as things to test. On their own they extend the review, because the next email is always "can you show us?"

Level 1: the artifact

A named mechanism instead of a promise. Not "we redact," but "a deterministic pass plus a local NER model strips SSNs, account numbers, and names before egress, here is the config." Not "we log," but the schema of what a log entry contains. Artifacts move faster than assertions because the reviewer can evaluate the thing, not your description of it.

Level 2: the trustworthy record

This is the level most vendors miss, and it is where regulated buyers actually live. A log you keep is not the same as a record the buyer can trust. The question a reviewer asks in an incident is not "do you have logs" but "could someone have quietly changed them." If an administrator can edit or delete an entry without a trace, the record proves nothing when it matters most.

Tamper-evidence closes that gap. A hash chain, where each entry commits to the previous one, makes any edit or gap detectable, so the record's integrity is verifiable rather than trusted. A signature on each entry, ideally from a validated cryptographic module rather than a hand-rolled routine, gives you non-repudiation that holds up when a counterparty is motivated to challenge it. At this level the record stops being a dashboard and becomes evidence.

Level 3: buyer-verifiable proof

The top of the hierarchy is a record the buyer can check without trusting you at all. They hit a verification endpoint, or you hand them an export, and they confirm the chain is intact themselves. Given a specific past decision, you reproduce exactly what the agent saw and did. This is the answer that reviewers stop pushing on, because there is nothing left to ask. It is also the answer almost no vendor can give, which is precisely why it closes deals.

Why this hierarchy is worth money now

Security-review friction became a revenue problem this year, not a compliance chore. Drata acquired SafeBase to automate exactly this pain on the vendor side. But the incumbents automate the document layer: they help you write and reuse answers. The evidence layer, proving what your agents actually did at runtime, is a different job, and it is the one that turns a Level 1 answer into a Level 3 one. If your deal is stalling on the AI section, the fix is usually not a better-written policy. It is moving one level up the hierarchy.

FAQ

Is a written policy enough to pass the AI section?

Sometimes, for lower-stakes buyers. For anyone regulated or buying agents that touch their data, a policy is the floor. They increasingly ask you to show the control working, not just describe it.

What is the difference between a log and evidence?

A log is a record you keep. Evidence is a record the other side can trust. The gap is tamper-resistance: if an admin can quietly edit or delete an entry, a reviewer cannot rely on it, so it is a log but not evidence.

Do buyers really verify evidence, or just ask for it?

Most ask and read. The mature ones spot-check: they pick one claim and ask you to reproduce it. Being able to replay a specific past decision is what separates a real answer from a confident one.

We are pre-SOC 2. Can we still give strong evidence?

Yes. SOC 2 is organizational assurance. AI-section evidence is about your models and agents specifically, and you can produce inventory, data-flow, and runtime records without a completed audit.

Not sure which level your answers sit at? The 2-minute AI-CAIQ readiness check scores where your deal will stall, and the Review Kit turns each gap into an answer at the level reviewers accept. For the full question list with answer guidance, see the 20 questions, answered.

Written by Dmitrii Karataev. Twenty years in infrastructure and security. Runs AI governance inside a US consumer-finance company. Sources linked inline; corrections welcome at hello@daylite.ai.