How to Adopt It

Ninety days to a working program, five years to vendor pressure that actually moves

"Adoption is not a project. It is a pressure campaign. Every registry entry you create makes the next one easier. Every questionnaire you send makes the next vendor answer faster."

Part 1 named the governance gap. Part 2 showed the framework: Score, Registry, Control, six KPIs, three categories, ten rules. Part 3 is the playbook. Ninety days to a working v0. Twelve months to a steady-state program. Two years to the point where your vendors answer the questionnaire without asking what it is.

The Four Phase Adoption Roadmap

CIRCUIT is designed to be adopted in a sequence a normal enterprise security team can actually execute. The staffing assumed: one CISO or AI governance lead as sponsor, one program manager, one or two security engineers part-time, and collaboration from ML, platform, and procurement.

Phase 1 — Foundation (Days 0–90)

Goal: a working registry with entries, a questionnaire in flight, and a dashboard you can demo.

  • Stand up the registry. Clone the reference schema from the GitHub repo. Put it in the same Git org as your other IaC. Wire it into your existing agent or model inventory.
  • Seed every known model at IMS 0. Do not try to be accurate. Just be complete. An IMS 0 entry is better than no entry.
  • Issue "Show Me Your Circuits" to your top ten AI vendors. Not the long tail. The ten that touch the most users or the most sensitive data. Set a 30-day response window.
  • Dashboard v0. A read-only render of the registry, CRS computed, band coloring, and nothing else. Ship it behind SSO.
  • Write the policy addendum. One page. Registry exists, ten rules apply, AIGC uses CRS bands as the approval ladder. Get it signed.
Phase 1 Exit Criteria

Registry in production · ≥ 90% of known models have a v0 entry · Ten questionnaires out · Dashboard visible to the AIGC · Policy signed

Phase 2 — Inventory (Days 90–180)

Goal: accurate baselines, first circuit-aware red team, Category C triaged.

  • Baseline IMS across the fleet. Most entries will land at IMS 1 (behavioral logs). Some will reach IMS 2. A handful of Category A models with ML team support will reach IMS 3.
  • Measure the six KPIs on the top quartile by CRS. Focus on Red and Amber-adjacent systems. Use Gemma Scope 2 for Gemma-based systems. Use circuit-tracer and Neuronpedia for Category A.
  • First circuit-aware red team. Scope to the two or three highest CRS systems. Tag findings with MITRE ATLAS technique IDs (AML.T0051 prompt injection, AML.T0043 model evasion, AML.T0018 backdoor ML model).
  • Close Category C gaps. Any Category C system currently configured in a High-tier autonomous or irreversible workflow violates Rule 9. Reclassify, add human-in-the-loop gates, or migrate.
Phase 2 Exit Criteria

IMS baselines on 100% of fleet · Six KPIs on top-quartile systems · At least one red team report · Zero Rule 9 violations

Phase 3 — Operate (Days 180–365)

Goal: the program runs on a quarterly rhythm and regulators have something to read.

  • Quarterly cycle. Every quarter: refresh ACFR, recompute CRS, update KPI time series, review vendor questionnaire responses, run the executive summary.
  • CI/CD gates. A model cannot deploy without a current entry. A material model update cannot deploy without a new registry version and a re-measured Stability KPI.
  • EU AI Act documentation filed. Use the regulatory posture dashboard view to generate Article 11 technical documentation. File it.
  • First vendor escalations. Publicly named vendors who refuse to answer the questionnaire move to an RFP disadvantage list.

Phase 4 — Mature (Year 2+)

Goal: continuous interpretability on flagships, vendor market moves.

  • Automated KPI pipeline. Nightly re-measurement of SAE fidelity, robustness suites, stability diffs. KPI drift alerts.
  • IMS 5 on flagships. The one or two most consequential models reach continuous interpretability. Circuit diffs attach to every model PR.
  • Vendor pressure campaign. By year two, you are not the only customer asking. Analyst firms are citing CIRCUIT. Category B vendors start publishing attribution graph evidence per version.

The Vendor Questionnaire — "Show Me Your Circuits"

The questionnaire is 29 questions across four sections: Identity and Provenance (Section A), Interpretability Evidence (Section B), Safety and Red-Teaming (Section C), and Contractual and Audit Posture (Section D). Each answer is coded Acceptable, Partial, or Unacceptable, and the coded answers drop directly into registry section 5.

Category Typical Score Representative Answers
A — Self-hosted open weights ~93% Acceptable SAEs on file, attribution graphs available, ACFR tracked, stability KPIs measured on every update
B — API / Foundation model ~48% Acceptable Public research partial, no per-version circuit guarantees, eval deltas published, NIST RMF alignment documented
C — Embedded vendor AI ~14% Acceptable Model version redacted, circuit evidence out of scope, no stability commitments, updates land without notice

These figures are illustrative expected values derived from the structural access differences between categories, not results of a published vendor survey. Replace with your own observed scores as responses accumulate.

"Category A vendors tend to land around 93% Acceptable. Category B around 48%. Category C around 14%. The gap is the market opportunity, and the questionnaire is the instrument that makes the gap visible on a single page."

The Questionnaire is a Conversation, Not a Gate

A 14% score does not mean you cannot use the vendor. It means you document the 14%, you apply compensating controls, you enforce Rule 9, and you write "does not answer interpretability questions" in your renewal discussion. Vendors respond to persistence.

The Regulatory Crosswalk — CIRCUIT as Safe Harbor

CIRCUIT is not a regulation. It is a way of producing the evidence regulations require, faster and more credibly than writing it from scratch.

Framework Requirement CIRCUIT Evidence
EU AI Act Art. 9Risk managementRegistry sections 1, 2, 4, 7; CRS and its history
EU AI Act Art. 11Technical documentationFull registry export; circuit inventory; KPI baselines
EU AI Act Art. 13Transparency to deployersIMS ≥ 2 evidence; vendor transparency section
EU AI Act Art. 14Human oversightDecision Consequence Weight; compensating controls
EU AI Act Art. 15Accuracy, robustness, cybersecurityKPI baselines (Robustness, Stability, ACFR); circuit-aware red team
NIST AI RMF MEASURE 2.9Interpretability methodsIMS evidence; KPI measurements; circuit inventory
NIST AI RMF MANAGERisk prioritization and responseCRS-driven approval ladder; ten hard rules
ISO/IEC 42001 Annex A.6.2AI system design and operationLifecycle section; CI/CD gates; material update logging
SR 11-7Model risk, conceptual soundnessIMS evidence ratchet; circuit inventory; stability KPI
SOC 2 TSCCommon Criteria, Processing IntegrityRegistry as control artifact; dashboards as monitoring evidence
CSA AICMAI controls matrixDirect map across all eight registry sections
MITRE ATLASAdversarial ML technique catalogRed team section tags by technique ID (AML.T0051, etc.)
OWASP LLM Top 10Application layer LLM failuresCompensating controls section addresses each applicable item

Why This Must Be an Open Standard

A proprietary interpretability framework is a contradiction in terms. Four reasons:

  • Interpretability governance is a collective action problem. One CISO sending one vendor questionnaire is a support ticket. Two hundred CISOs sending the same questionnaire is a market force.
  • Regulators need a reference implementation to point to. Ambiguous obligations produce inconsistent enforcement.
  • Open schema means portable registry data. Open YAML means you can switch interpretability tool vendors without re-keying thousands of entries.
  • Security only benefits the community when the community shares it. CIRCUIT builds on decades of open work by NIST, MITRE, OWASP, and CSA.

"The goal is not for any one organization to own this framework. The goal is for the industry to have one."

The Call to Action

For CISOs. Do one of the ten hard rules this week. If you do one, make it Rule 1. Create the registry, seed it with your ten most critical systems at IMS 0, and put it in front of the AI governance committee at the next meeting.

For AI vendors. Answer the questionnaire. Honestly. An honest 14% beats a dishonest 80% because your customer's security team will read both. Category B labs, publish per-version attribution graph evidence on representative behaviors.

For regulators. Treat CIRCUIT-equivalent evidence as a safe harbor for EU AI Act Articles 13–15, NIST AI RMF MEASURE 2.9, and SR 11-7 conceptual soundness obligations. Cite the framework in guidance. The framework is open source and maintained in public.

For analyst firms. Benchmark vendors against the "Show Me Your Circuits" questionnaire. Gartner AI TRiSM Magic Quadrants, Forrester AEGIS Waves, and IDC MarketScape evaluations should include a CIRCUIT questionnaire score as a standard dimension.

What to Do Monday

One registry entry. One questionnaire. One conversation with your AIGC. You can have all three done by end of week. The rest is a program.

The Open Release

CIRCUIT v1.1.0 is released at github.com/jumpmindinc/circuit-framework. The artifacts:

  • Framework document (this paper, plus a formal spec)
  • Registry schema (YAML, with JSON Schema validators)
  • Dashboard reference implementation (open source, runs against the YAML registry)
  • "Show Me Your Circuits" questionnaire (29 questions, coding rubric, example responses)
  • Regulatory crosswalks (EU AI Act, NIST AI RMF plus GenAI Profile, ISO 42001, SR 11-7, SOC 2, CSA AICM, MITRE ATLAS, OWASP LLM Top 10, Gartner AI TRiSM, Forrester AEGIS)
  • Worked examples (Category A, B, and C walkthroughs with filled registry entries, questionnaire responses, CRS calculations)
  • Pilot integrations for Gemma Scope 2, the openai/circuit-sparsity toolkit, circuit-tracer and Neuronpedia, and commercial platforms

The Vision

Picture the enterprise AI market eighteen months from now. Every RFP has a row that says "Provide your latest 'Show Me Your Circuits' response." Every foundation model vendor publishes attribution graph evidence with each version bump, the way they today publish MMLU and HumanEval deltas. Every SaaS AI feature discloses the underlying model, the update cadence, and the behavioral evaluation suite. Every security team has a dashboard where the board can see CRS exposure by business unit and drill into any model in two clicks.

Every CISO can answer the question I asked in my first AI governance meeting — when this model makes a bad decision, how will we know which part of the model made it? — with something other than silence and a slide.

We are nowhere near that world today. We are closer than we were a year ago. The interpretability research is real, the tooling is commercial, the regulations are binding, and the security function is accountable. All that is left is the standard. CIRCUIT is ours. Take it, use it, improve it, ignore us.

Just show me your circuits.

This is the end of the three-part series. The consolidated white paper is available now.

Read the Full White Paper →