Validate models that change every week.
Continuous Operational Assurance for Enterprise AI. Traditional MRM cycles assume annual revalidation. Foundation models change weekly. Reign provides continuous validation infrastructure: approved-model registry, cryptographic versioning, drift detection, validation harnesses, change packets. Built around your existing MRM playbook.
The MRM practitioner problem
The cycle was annual. The model is weekly.
MRM playbooks are mature for traditional models. But foundation models update weekly, agentic systems chain tools dynamically, and prompts evolve continuously. The validation team is asked to certify systems that no longer match the snapshot they validated. Reign fixes the substrate so the playbook still works.
Validation drift. By the time annual validation completes, the production model has drifted from the validated baseline. The evidence is stale before it's filed.
Reproducibility gaps. Validation runs depend on engineering for telemetry. Datasets aren't versioned alongside results. Re-running a validation a quarter later doesn't produce the same artifact.
Material-change ambiguity. Was a prompt template revision a material change? A provider version bump? A tool addition? Without a documented PCCP, every change becomes a judgment call. And judgment calls don't hold up in examination.
Effective challenge erosion. When validators depend on model owners for telemetry, independence is compromised. Sample-based testing can't cover thousands of daily inferences.
MRM citations, mapped to Reign
Section-level framework mapping.
The mapping the validation team needs. Citation by citation, with the Reign component that produces the evidence.
| Framework / Section | Validation Question | Reign Component | Evidence Reign Delivers |
|---|---|---|---|
| SR 26-2. Model Validation | Is independent validation evidence reproducible and complete? | Model Risk Validation validation harnesses | Validation harnesses run on demand and on schedule. Evaluation datasets, prompts, expected outputs, and pass/fail criteria are versioned and reproducible. Conceptual soundness, process verification, and outcomes-based testing artifacts attach to the model record. |
| SR 26-2. Ongoing Monitoring | Are deployed models continuously monitored for drift and performance decay? | Model Risk Validation drift detection | Statistical drift monitors on every approved model. Performance, fairness, and stability benchmarks tracked against validation baseline. Materiality thresholds with second-line escalation. Out-of-tolerance events trigger re-validation workflows. |
| FDA PCCP. Predetermined Change Control Plan | Are model changes governed by a predetermined plan with reviewer attribution? | Change packets in Model Risk Validation | Cryptographically versioned change packets aligned to PCCP scope. Each packet contains the change, the validation evidence, the reviewer, and the rollback plan. Material changes are flagged for second-line review before deployment. |
| EU AI Act Art. 15. Accuracy, Robustness, Cybersecurity | Is lifecycle robustness and cybersecurity continuously demonstrated? | AI Gateway + Model Risk Validation | Continuous robustness testing through validation harnesses. Cybersecurity controls at the Gateway. Prompt-injection detection, jailbreak monitoring, exfiltration prevention. Article 15 evidence is generated continuously, not assembled annually. |
| ISO 42001 §9.1. Performance Evaluation | Is the AI Management System measured against documented criteria? | Audit Ledger (CAVR) | Performance evaluation evidence flows directly from the Audit Ledger (CAVR). Documented criteria, monitoring data, internal-audit findings, and management-review inputs are all framework-mapped. ISO 42001 §9.1 packets are exportable on demand. |
| FINOS AIGF v2.0. Model Risk Controls | Are AI-specific model risk controls operating as designed? | Four-Component Spine | AIGF model-risk controls map directly to Reign components. Inventory, validation, monitoring, change control, incident response, and reporting evidence are produced continuously and assembled into AIGF-aligned reporting packs. |
The validation lifecycle
Continuous validation, end to end.
Validation isn't a milestone. It's a lifecycle. Reign instruments every phase. Pre-deployment to decommissioning. So practitioners have evidence on demand.
Phase 1
Pre-deployment Validation
Validation harness runs against the candidate model. Conceptual soundness review, process verification, outcomes-based testing. All evidence attached to the change packet before approval.
Phase 2
Approved-Model Registry Entry
Model is registered with risk tier, validator attribution, validation evidence, and approved deployment scope. Cryptographic versioning. Read-only audit access for the third line.
Phase 3
Continuous Monitoring
Drift monitors, performance benchmarks, fairness metrics, exception rates. All running continuously. Materiality thresholds set per model. Alerts route to model owner, validator, and second line.
Phase 4
Material Change Detection
When provider, version, prompt template, or behavior crosses the material-change threshold, the system flags it. The model is locked to the prior approved version until re-validated, or the change is approved through PCCP-aligned workflow.
Phase 5
Re-Validation
Validation harness re-runs. Independent challenge happens against the current production model. Not a snapshot from twelve months ago. Validators have read-only evidence access.
Phase 6
Decommissioning
When a model is retired, the audit chain captures decommissioning evidence. Final monitoring data, rollback artifacts, reason for retirement. Nothing leaves the registry without a full record.
For your role on the MRM team
Built for the four hands that touch validation.
Model Risk Validators
Read-only evidence access. Validation harnesses you can re-run. Drift telemetry on your timeline. Independent challenge without depending on model owners for every artifact.
Independent Challenge Team
Effective challenge enforced by segregation-of-duties at the Gateway. Population-level evidence. Not sampled. Reproducible queries against the same evidence corpus produce identical artifacts.
Model Inventory Owners
Single source of truth for approved models. Risk tier, validation status, drift state, change history, deprecation date. All visible in real time. No more inventory reconciliation work.
Quants and Validation Engineers
Validation harnesses as code. Evaluation datasets, prompts, expected outputs, and pass/fail criteria versioned alongside the model. Reproducibility is the default.
Mapped to your validation cadence
Continuous evidence, on every validation timeline.
Weekly Drift Alerts
Real-time monitor outputDrift, performance, fairness, and exception monitors fire continuously. Weekly digest summarizes which models crossed thresholds, which require attention, and which require re-validation.
Monthly Challenger Reviews
Challenger model comparisonsSide-by-side performance and fairness comparisons between champion and challenger models. Validation harnesses run identical evaluation against both. Promotion or rejection is evidence-driven.
Quarterly MRM Committee
Live MRM dashboardApproved-model inventory, drift events, validation status, change activity, exception backlog. All pulled directly from the audit chain. Walkthrough-ready for the second line and audit committee.
Annual Validation Cycle
Validation packets per modelIndependent validation evidence assembled per SR 26-2 model validation standards. Conceptual soundness, process verification, outcomes-based testing. Framework-mapped and submission-ready for examiners.
Explore the four components
Model Risk Validation is the MRM core. The other three keep it honest.
Model Risk Validation
Approved-model registry, validation harnesses, drift detection, change packets. The MRM core.
ExploreAI Gateway
Policy at the edge. Effective-challenge enforcement. Identity-bound model calls.
ExploreAudit Ledger (CAVR)
Continuous audit chain. Performance, drift, exception evidence. Population-level.
ExploreAssurance Packs
SR 26-2, E-23, EU AI Act, FINOS AIGF. Framework-mapped, submission-ready.
ExploreMRM practitioner questions, answered.
- How do validation harnesses work in Reign?
- Validation harnesses are versioned alongside the model. Each harness contains evaluation datasets, prompts, expected outputs, scoring rubric, and pass/fail thresholds. Harnesses run on demand, on a schedule, and on every material change. Output is attached to the model record and accessible to validators with read-only evidence access. No dependency on the model owner.
- Can we bring our own evaluation datasets?
- Yes. Bring-your-own evaluation is a first-class workflow. Validation teams can register evaluation datasets. Including proprietary, regulatory, and adversarial sets. In the harness library. Datasets are versioned, access-controlled, and reusable across models. Validation results are reproducible against the registered dataset version.
- How does Reign handle effective challenge for foundation models?
- Effective challenge is enforced through segregation-of-duties at the Gateway. The same identity cannot both develop and approve a model change. Validators have read-only evidence access. They don't depend on the model owner for telemetry. Population-level evidence replaces sample-based testing. The approval chain is part of the audit record.
- What does the change packet contain?
- Every change packet contains the change description, the new model version (or prompt or tool configuration), the validation evidence, the reviewer attribution, the deployment scope, the rollback plan, and the policy that authorized the change. Material changes are flagged for second-line review before deployment. Cryptographically versioned and immutable once committed.
- How does Reign integrate with our existing MRM platform?
- Reign produces structured artifacts that integrate with ServiceNow GRC, Archer, OneTrust, Workiva, and similar platforms via API or scheduled export. Reign extends, it doesn't replace, your existing model inventory and validation workflows. AI-specific telemetry (Gateway logs, drift, change packets) flows into the workflows your team already runs.
- When can MRM teams pilot Reign?
- AI Gateway is live today. Model Risk Validation, Audit Ledger (CAVR), and Assurance Packs are available through the Reign Design Partner Program. Schedule a 60-minute walkthrough with our team. We'll show validation harnesses, drift monitors, and change packets running against your specific model class.
Show me how Reign extends my MRM playbook.
Sixty-minute deep-dive with our team. We'll show validation harnesses, drift monitors, and change packets running against your specific model class. And walk through how Reign integrates with your existing MRM platform.