Glossary
Definitions for the Adjudon-specific eigennames and the regulatory references this site cites. Each entry links to its primary reference page. Entries are alphabetical.
Jump: A · B · C · D · E · F · G · H · I · M · N · O · P · R · S · T
A
ADL (Adjudon Decision Language)
The typed customer-authoring surface for Adjudon policies (v0.1). Compiles
to AWS Cedar via policyCompiler.compileV1ToCedar. The textual surface uses
predicate-call syntax (e.g. confidence_below(0.7)); the JSON IR shape is
produced by adlLifter.liftV1ToAdl. See ADL v0.1 Reference.
Auditor role
The fifth OrgMember role (alongside owner / admin / member / viewer), added
in Phase 3 Track B.2. Read-only access to the policy-engine compliance
surface (GET /api/policies/audit/auditor-view). Designed for external
auditors (PwC, BaFin examiners, EU AI Act notified bodies) — they see
every fired policy, break-glass override, and approval transition without
the ability to mutate anything.
Annex III
The list of high-risk AI use cases in the EU AI Act (Regulation (EU) 2024/1689) covering credit scoring, recruitment, education, law enforcement, migration, and administration of justice. Deployer of Annex III systems carries the FRIA obligation under Art. 27. See EU AI Act Compliance.
adj_live_ / adj_agent_
The two Adjudon API-key prefixes. adj_live_<64-hex> is a
workspace-level key; adj_agent_<48-hex> is per-agent. The prefix
is recognised by GitHub's secret scanner. See
Authentication.
AuditLog
The Operations Audit Log: the second SHA-256 chain, distinct from
the Decision Hash Chain, that records admin events (policy edits,
key rotations, login). Read-access requires admin or owner role.
B
Break-glass
The Phase 2 Track B.4 emergency-override path on the multi-stakeholder
approval workflow. An admin or owner can bypass the 3-role separation
by typing the literal phrase BREAK GLASS plus a ≥50-character
justification. The action records viaBreakGlass: true,
breakGlassJustification: <text>, the actor identity, and the
timestamp on the immutable audit chain. Surfaced in the Auditor View
with a critical-severity badge. See Policy Governance.
BaFin
The German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht) — the supervisor for credit institutions, payment institutions, insurers, and investment firms in Germany; the canonical reader of DORA Art. 19 incident reports for German entities.
C
Cedar
The AWS-authored policy language and evaluation engine (open-source,
CNCF Sandbox, peer-reviewed formal semantics). Adjudon's Policy Engine
compiles ADL down to Cedar for production evaluation via the
cedarSubstrate wrapper. The substrate choice was made per ADR-PE-07
because Cedar carries formal mathematical guarantees that hand-rolled
evaluators do not. See ADL v0.1 Reference.
chainHash
The SHA-256 link of every Decision Hash Chain row, computed as
sha256(prevHash || payloadDigest || sequence || createdAt). See
Audit Log & Security.
Cohen's κ
Inter-rater agreement statistic (Cohen 1960). Computed in
policyEffectivenessService as (po - pe) / (1 - pe) where po is
observed agreement (engine decision vs reviewer verdict) and pe is
chance agreement under independence. κ ≥ 0.6 = substantial agreement,
the conventional bar for a policy that's pulling its weight. See
Policy Effectiveness.
Confidence Engine
The three-pillar score generator: base probability, variance across
ensemble passes, and historical precedent. Outputs a
confidenceScore (0.0–1.0) and tags like LOW_CONFIDENCE.
CRA
The EU Cyber Resilience Act (Regulation (EU) 2024/2847). Art. 11 sets the manufacturer-reporting cadence (24h / 72h / 14d) tracked by the Multi-Clock.
D
Decision Audit Layer
Adjudon's product category. Sits downstream of the LLM rail; records every AI decision into a tamper-evident chain. Distinct from prompt-layer guardrails (Lakera, CalypsoAI, NeMo Guardrails).
DecisionTrace
The per-decision record. Carries inputContext, outputDecision,
confidenceScore, tags, status, and a back-reference to its
HashChainEntry.
DORA
The EU Digital Operational Resilience Act (Regulation (EU) 2022/2554), enforceable since 17 January 2025. Art. 30 governs the exit-plan obligation. See DORA Compliance.
E
eu-central-1
AWS Frankfurt. Adjudon's primary database (MongoDB Atlas) and API server (Fly.io) both run here. See Data Residency & GDPR.
F
Frankfurt
Adjudon's sole residency — MongoDB Atlas, Fly.io (API +
embedding sidecar), and every other sub-processor operate from
eu-central-1 or another EU region. No data leaves the EU, end
to end (since 2026-05-11).
FRIA
Fundamental Rights Impact Assessment. Required under EU AI Act Art. 27
for Annex III deployers. Adjudon's FRIA model carries its own
chainHash, separate from the Decision Hash Chain. See
FRIA Wizard.
G
GDPR
The EU General Data Protection Regulation (Regulation (EU) 2016/679). Adjudon is a Data Processor under Art. 28; customer is the Data Controller. See Data Residency & GDPR.
GENESIS_HASH
The chain-start sentinel. Sixty-four zeros for the Decision Hash
Chain, the literal string "0" for the Operations Audit Log; never
re-keyed.
H
HashChainEntry
A single row in the Decision Hash Chain. Carries sequence,
traceId, prevHash, payloadDigest, chainHash, and
createdAt. See Hash Chain API.
I
Idempotency-Key
The header that lets a client retry a mutating call safely. Adjudon auto-generates one from the request payload if the client does not supply it. See Quickstart.
IncidentClock
A regulatory deadline clock attached to an Incident. Carries a
regulator enum (gdpr, aiact, dora, nis2, cra), an
articleRef, and checkpoints[].
M
MDCG 2019-11
The Medical Device Coordination Group's guidance on the qualification and classification of software under MDR/IVDR. Rule 11 places most clinical-AI software at Class IIa or higher. See Medtech Compliance.
MDR
The EU Medical Device Regulation (Regulation (EU) 2017/745). Article 10(8) sets the manufacturer-retention obligation: 10 years for non-implantable, 15 years for implantable.
Multi-Clock
The Multi-Clock Incident Hub: five parallel regulator clocks (GDPR
Art. 33, EU AI Act Art. 73, DORA Art. 19, NIS2 Art. 23, CRA Art. 11)
running off one Incident. See
Multi-Clock Incidents.
N
NIS2
EU Network and Information Security Directive 2 (Directive (EU) 2022/2555). Art. 23 sets the significant-incident reporting cadence (24h / 72h / 30d).
O
OpenAI exception (retired 2026-05-11)
Historical term. Until 2026-05-11, OpenAI L.L.C. (USA) was listed as a Adjudon sub-processor for Confidence Engine Pillar-3 embedding generation under GDPR Chapter V SCCs. On that date the call was migrated to a self-hosted TEI sidecar in Frankfurt and OpenAI was removed from the sub-processor list. The term is preserved in the glossary so older procurement documents that reference it can be mapped to the current state. See Sub-Processors.
P
payloadDigest
A trace's sha256(canonicalJson(traceView)). Computed at chain-append
time and stable across soft-delete / GDPR Art. 17 nullification.
PolicyTranscript
Per-evaluation immutable record (Phase 1 Track D) emitted by
policyTranscriptService.emit every time a policy fires on a trace.
Pinned to the firing PolicyVersion via policyVersionHash; the trace
value of every condition that evaluated TRUE is PII-scrubbed at write
time per Cardinal Rule #4; chained to the daily Merkle anchor which
carries a D-Trust qSeal. The court-admissibility unit. See
Policy Governance.
PolicyVersion
Append-only versioning chain (Phase 1 Track C) for every Policy
document. Each Policy update creates a new PolicyVersion with
canonicalContentHash = SHA-256(JCS-canonicalised text) and
priorVersionHash linking back. Mutations are rejected by Mongoose
pre-hooks (Cardinal Rule #5). A regulator replaying a 2-year-old
PolicyTranscript fetches the EXACT policy text in force at that
moment via the version hash.
Policy Engine
The deterministic gate that decides 201 (approve), 202 (flag for
review), or 403 (block) on every trace. Priority: block > flag > notify > approve.
R
ReviewItem
A row on the Review Queue: a flagged decision awaiting human
oversight per EU AI Act Art. 14. Linked back to its
DecisionTrace by traceId.
S
SCCs
Standard Contractual Clauses under GDPR Chapter V. Historical relevance only: previously the legal mechanism for the OpenAI embedding transfer (retired 2026-05-11). Adjudon currently has no third-country sub-processor and no SCCs in force.
Sandbox / Scale / Governance / Enterprise / Custom
The five Adjudon plan tiers. Hash-chain audit, Multi-Clock incidents, and the FRIA Wizard are available from Governance upward. See Plans & Features.
Shapley values
Game-theoretic attribution of contribution (Shapley 1953). Adjudon computes EXACT Shapley over the 2^N condition subsets for policies with N ≤ 10 conditions (1024 evaluations max); for N > 10 the spike currently throws and the dashboard surfaces "Shapley unavailable" (KernelSHAP Monte-Carlo is Phase 2 D.4 scaffolding). The values are over fire-rate, not over precision — per Huang & Marques-Silva 2023 we never present per-decision Shapley as a causal explanation. See Policy Effectiveness.
SPRT (Sequential Probability Ratio Test)
Wald 1947. Adjudon's canary-deployment decision algorithm
(policyCanaryService.sprtDecision). Once both the canary AND the
production-baseline cohorts have each accumulated ≥30 samples, the
log-likelihood ratio is compared against two Wald bounds (A, B) to
emit one of three decisions: promote (canary matches production),
revert (canary worse than production within tolerance), or
inconclusive (gather more samples). Mapped to UI labels accept /
reject / continue. See Policy Governance.
T
tamper-evident
The Adjudon chain detects modification loudly via the next entry's
prevHash mismatch; it does not prevent the write. The accurate
phrase is tamper-evident, never tamper-proof.
TPSP
ICT third-party service provider, per DORA Art. 3(19). Adjudon is a TPSP for any financial entity that uses it to support a critical or important function.