# Bidda AI: Sovereign Intelligence Platform

Bidda.com is a source-verified, cryptographically signed, and RAG-optimized repository for autonomous agents.

## Sovereign Insights (High-Authority Technical Articles)

- **Title**: Defining Sovereign Knowledge Nodes: The Architecture of Trust
- **Access**: https://bidda.com/insights/defining-sovereign-knowledge-nodes
- **Title**: From NIST, ISO & EU AI Act to Executable Workflows
- **Access**: https://bidda.com/insights/nist-iso-eu-ai-act-workflows
- **Title**: The Micro-Economy of Truth: Why Pay-Per-Intelligence Wins
- **Access**: https://bidda.com/insights/micro-economy-of-truth-l402
- **Title**: Integrating Sovereign Knowledge: A Technical Blueprint
- **Access**: https://bidda.com/insights/integrating-sovereign-knowledge-guide

## Gated Intelligence Registry (781 Nodes)

- **Discovery Endpoint**: /api/v1/nodes/index.json
- **Payment Path**: 402 Settlement (0.01 USD)

### AA1000AP (AccountAbility)

- **ID**: aa1000ap-accountability
- **Category**: Workplace
- **BLUF**: The AA1000 AccountAbility Principles (AA1000AP, 2018) identify the core governance standards for sustainable development and stakeholder engagement. They specify 'Four Principles' (Inclusivity, Materiality, Responsiveness, Impact) that an organization must integrate to manage its environmental and social performance, ensuring reliable and high-fidelity 'Assurance' of ESG reporting.
- **Discovery URL**: https://bidda.com/api/v1/nodes/aa1000ap-accountability.json

### ABA Model Rules (Conduct)

- **ID**: aba-model-rules-conduct
- **Category**: Legal & Professional
- **BLUF**: American Bar Association standards for professional conduct and ethics in legal practice.
- **Discovery URL**: https://bidda.com/api/v1/nodes/aba-model-rules-conduct.json

### AI Model Valuation (IAS 38)

- **ID**: accounting-ias-38
- **Category**: Finance
- **BLUF**: IAS 38 Intangible Assets, issued by the IASB, governs the recognition, measurement, and disclosure of intangible assets including internally developed AI models, training datasets, and software. An intangible asset must meet strict recognition criteria: identifiability, control, and probable future economic benefit. Development-phase AI expenditure may be capitalized only after technical feasibility is established, while research-phase costs must be expensed immediately. Failure to correctly distinguish research from development phases, or to apply the impairment testing requirements under IAS 36, results in materially misstated financial statements and potential regulatory action by securities authorities.
- **Discovery URL**: https://bidda.com/api/v1/nodes/accounting-ias-38.json

### Digital Asset Fair Value (IFRS 13)

- **ID**: accounting-ifr-13
- **Category**: Finance
- **BLUF**: IFRS 13 Fair Value Measurement establishes a single framework for measuring fair value across all IFRS standards that require or permit fair value measurement, including digital assets, AI-tokenized instruments, and crypto holdings. The standard defines fair value as the exit price — the price received to sell an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date. Entities must classify inputs into a three-level hierarchy (Level 1: quoted prices, Level 2: observable inputs, Level 3: unobservable inputs) and maximize the use of observable inputs. Digital and AI-linked assets with limited trading history frequently fall into Level 3, requiring robust valuation models and extensive disclosures; inadequate classification or disclosure triggers audit qualifications and securities regulator scrutiny.
- **Discovery URL**: https://bidda.com/api/v1/nodes/accounting-ifr-13.json

### Engineers Ethics (ACEC)

- **ID**: acec-ethics-eng
- **Category**: Legal & Professional
- **BLUF**: Code of ethics for professional engineers and consultant firms.
- **Discovery URL**: https://bidda.com/api/v1/nodes/acec-ethics-eng.json

### ADA (Employment Title I)

- **ID**: ada-employment-title-1
- **Category**: Workplace
- **BLUF**: The Americans with Disabilities Act (ADA) Title I (1990, as amended) is the primary U.S. federal law for disabled employee protection. It specifies the mandatory standards for employers to prevent discrimination against 'Qualified Individuals' and the requirement to provide 'Reasonable Accommodations' that do not cause 'Undue Hardship' to business operations.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ada-employment-title-1.json

### ADA (Hospitality Accessibility)

- **ID**: ada-hospitality-access
- **Category**: Food & Hospitality
- **BLUF**: Accessibility requirements for public accommodations and commercial facilities.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ada-hospitality-access.json

### Agent Budgetary Controls & Ceiling Checks

- **ID**: agent-budget-cap
- **Category**: Workflow Automation
- **BLUF**: Agentized financial controls (Action Boundaries) restrict an autonomous agent's spending power per session, task, or API call to prevent catastrophic loss or unbounded consumption.
- **Discovery URL**: https://bidda.com/api/v1/nodes/agent-budget-cap.json

### Agent Emergency Stop (Kill-Switch) Design Patterns

- **ID**: agent-kill-switch
- **Category**: Workflow Automation
- **BLUF**: An AI Agent Kill-Switch is a deterministic safety mechanism designed to immediately terminate or throttle an autonomous agent's execution if it exceeds predefined behavioral, financial, or operational boundaries.
- **Discovery URL**: https://bidda.com/api/v1/nodes/agent-kill-switch.json

### Multi-Agent Collision Resolution

- **ID**: ai-agent-collision-logic
- **Category**: Advanced AI Research & Safety
- **BLUF**: Multi-agent collision logic provides deterministic protocols for resolving conflicts when two or more autonomous AI agents simultaneously attempt to access the same resource, modify the same shared state, execute contradictory actions, or pursue incompatible goal trajectories within a swarm or orchestration framework. Without collision resolution, multi-agent systems produce race conditions, data corruption, deadlocks, and cascading failures that are difficult to audit or remediate. The resolution framework draws from distributed systems theory (consensus algorithms, resource arbitration), multi-agent systems research, and emerging agentic safety standards. Properly implemented collision logic ensures predictable, auditable outcomes and maintains system safety invariants even when individual agents operate concurrently and autonomously.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ai-agent-collision-logic.json

### AI-IP: Guidance on Authorship

- **ID**: ai-ip-copyright
- **Category**: Legal & IP Sovereignty
- **BLUF**: The US Copyright Office's AI Policy Statement (February 2023) and subsequent guidance (March 2023) establish that copyright protection requires human authorship — purely AI-generated content without human creative control is not copyrightable in the United States. Works involving AI assistance may receive copyright protection for the human-authored elements, but only if a human author made sufficient creative choices that were expressed in the final output. The EU, UK, and other jurisdictions take varying positions, with the UK's Computer Generated Works doctrine providing limited protection for AI outputs.
Misrepresenting AI-generated content as human-authored to obtain copyright registration constitutes fraud; failure to disclose AI involvement in patent applications may similarly invalidate those applications.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ai-ip-copyright.json

### AICPA Code of Ethics

- **ID**: aicpa-code-ethics
- **Category**: Legal & Professional
- **BLUF**: Professional standards for CPAs, focusing on integrity, objectivity, and independence.
- **Discovery URL**: https://bidda.com/api/v1/nodes/aicpa-code-ethics.json

### Responsible Alcohol Service

- **ID**: alcohol-service-std
- **Category**: Food & Hospitality
- **BLUF**: Best practices and liability standards for serving alcohol in public venues.
- **Discovery URL**: https://bidda.com/api/v1/nodes/alcohol-service-std.json

### AMA (Ethical Marketing)

- **ID**: ama-ethical-marketing
- **Category**: Sales, Marketing & PR
- **BLUF**: The AMA Statement of Ethics identifies the foundational standards for marketing professionals. It specifies the mandatory 'Ethical Norms' (Do no harm, Foster trust, Embrace ethical values) and the '6 Core Values' (Honesty, Responsibility, Fairness, Respect, Transparency, Citizenship), ensuring that marketing activities protect the consumer and organizational integrity.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ama-ethical-marketing.json

### Amazon Ads (Policy)

- **ID**: amazon-sponsored-ads-policy
- **Category**: Sales, Marketing & PR
- **BLUF**: The Amazon Advertising Guidelines identify the foundational standards for retail and sponsored advertising on the Amazon marketplace. They specify the mandatory requirements for 'Sponsored' disclosure, 'Brand Registry' verification, and 'Product Image' clarity (Section 4), ensuring a robust shopper experience and the systematic prevention of 'Off-Platform' traffic redirection or deceptive regular retail commerce.
- **Discovery URL**: https://bidda.com/api/v1/nodes/amazon-sponsored-ads-policy.json

### APRA CPS 230 (Resilience)

- **ID**: apra-cps-230-resilience
- **Category**: Banking & Global Finance
- **BLUF**: APRA CPS 230 (Operational Risk Management) is the new cross-industry standard for the Australian financial sector. It replaces several legacy standards (CPS 231, CPS 232) with a unified framework for operational risk, service provider management, and business continuity, placing increased accountability on the board for the firm's resilience.
- **Discovery URL**: https://bidda.com/api/v1/nodes/apra-cps-230-resilience.json

### APRA Prudential Standard CPS 234 Information Security

- **ID**: apra-cps-234
- **Category**: "Finance"
- **BLUF**: A mandatory Australian regulatory standard ensuring that APRA-regulated entities maintain robust information security capabilities, with ultimate accountability residing at the Board level.
- **Discovery URL**: https://bidda.com/api/v1/nodes/apra-cps-234.json

### UNCITRAL Arbitration Rules

- **ID**: arbitration-uncitral-rules
- **Category**: Legal & Professional
- **BLUF**: Standardized rules for conduct of international commercial arbitration.
- **Discovery URL**: https://bidda.com/api/v1/nodes/arbitration-uncitral-rules.json

### AS9100 Rev D (Aviation QMS)

- **ID**: as9100-rev-d-qms
- **Category**: Aviation, Defense & Quantum
- **BLUF**: AS9100 Rev D is the international Quality Management System (QMS) standard for the Aviation, Space, and Defense (AS&D) industry. It incorporates the entire ISO 9001:2015 standard while adding specific requirements for product safety, counterfeit parts prevention, configuration management, and operational risk.
- **Discovery URL**: https://bidda.com/api/v1/nodes/as9100-rev-d-qms.json

### Aerospace Quality Management System (AS9100 Rev D)

- **ID**: as9100-rev-d
- **Category**: "Aerospace & Defense"
- **BLUF**: The gold standard for quality management in the Aviation, Space, and Defense sectors, extending ISO 9001 with rigorous aerospace-specific safety and risk requirements.
- **Discovery URL**: https://bidda.com/api/v1/nodes/as9100-rev-d.json

### AS9110 (Maintenance QMS)

- **ID**: as9110-maintenance-qms
- **Category**: Aviation, Defense & Quantum
- **BLUF**: AS9110 is the international Quality Management System standard specifically designed for aviation maintenance, repair, and overhaul (MRO) organizations. It builds upon AS9100 requirements by incorporating specific civil aviation regulations (EASA/FAA) and focusing on maintenance-specific factors like human performance and airworthiness.
- **Discovery URL**: https://bidda.com/api/v1/nodes/as9110-maintenance-qms.json

### AS9120 (Distributor QMS)

- **ID**: as9120-distributor-qms
- **Category**: Aviation, Defense & Quantum
- **BLUF**: AS9120 is the international Quality Management System standard for distributors and stockholders in the Aviation, Space, and Defense industry. It focuses on the chain of custody, traceability, and the control of records to ensure 'Certificate of Conformity' (CoC) and airworthiness documentation are maintained throughout the supply chain.
- **Discovery URL**: https://bidda.com/api/v1/nodes/as9120-distributor-qms.json

### ASA (Advertising Codes)

- **ID**: asa-advertising-codes-uk
- **Category**: Sales, Marketing & PR
- **BLUF**: The UK ASA Advertising Codes (CAP for non-broadcast, BCAP for broadcast) identify the foundational standards for UK advertising.
It specifies the mandatory requirements for ads to be 'Legal, Decent, Honest and Truthful' (Section 1/3), ensuring the protection of consumers and the systematic prevention of 'Misleading' or 'Harmful' promotions.
- **Discovery URL**: https://bidda.com/api/v1/nodes/asa-advertising-codes-uk.json

### Deterministic RAG Verification

- **ID**: automated-fact-verification
- **Category**: Advanced AI Research & Safety
- **BLUF**: Deterministic RAG (Retrieval-Augmented Generation) verification is a systematic process for cross-referencing AI-generated claims against authoritative knowledge bases to detect and block hallucinated, fabricated, or unsupported outputs before they reach end users. The process extracts discrete factual claims from model outputs, retrieves supporting or contradicting evidence from verified knowledge sources, computes an entailment score for each claim, and either passes, flags, or blocks the response based on configurable confidence thresholds. This approach is aligned with NIST AI RMF MEASURE function requirements for AI output accuracy, the EU AI Act Article 13 transparency requirements, and emerging RAG security best practices addressing prompt injection and knowledge base poisoning. Failure to implement fact verification in high-stakes AI deployments (medical, legal, financial) can result in actionable misinformation, regulatory liability, and loss of user trust.
- **Discovery URL**: https://bidda.com/api/v1/nodes/automated-fact-verification.json

### Agent-to-Agent Handover Protocol (BPMN 2.0)

- **ID**: automation-bpmn-agent-handover
- **Category**: "Workflow Automation"
- **BLUF**: Standardized JSON-based context object for transferring process tokens and state between specialized LLM agents in a multi-agent orchestration.
- **Discovery URL**: https://bidda.com/api/v1/nodes/automation-bpmn-agent-handover.json

### Error Boundary Logic (BPMN 2.0)

- **ID**: automation-bpmn-error-boundary
- **Category**: "Workflow Automation"
- **BLUF**: Implement "Error Intermediate Boundary Events" to catch service failures and shift process flows to deterministic recovery or escalation paths.
- **Discovery URL**: https://bidda.com/api/v1/nodes/automation-bpmn-error-boundary.json

### Service Task Execution Pattern (BPMN 2.0)

- **ID**: automation-bpmn-service-task
- **Category**: "Workflow Automation"
- **BLUF**: Standardized, deterministic service tasks for executing automated logic within a business process, ensuring interoperability between agents and external systems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/automation-bpmn-service-task.json

### Autonomous Trucking V2V Security

- **ID**: autonomous-trucking-v2v
- **Category**: Logistics & Supply Chain
- **BLUF**: Communication standards for autonomous heavy-duty vehicle platoons.
- **Discovery URL**: https://bidda.com/api/v1/nodes/autonomous-trucking-v2v.json

### BSA SAR (Suspicious Activity)

- **ID**: bank-secrecy-act-suspicious
- **Category**: Banking & Global Finance
- **BLUF**: The Bank Secrecy Act (BSA) requires financial institutions to file a Suspicious Activity Report (SAR) for any transaction that is suspicious, appears to involve illegal activity, or has no logical business purpose. It is the primary reporting tool for the U.S. government to identify and combat money laundering, tax evasion, and terrorist financing.
- **Discovery URL**: https://bidda.com/api/v1/nodes/bank-secrecy-act-suspicious.json

### Bar Standards Board (UK)

- **ID**: bar-standards-board-uk
- **Category**: Legal & Professional
- **BLUF**: Regulatory body and standards for barristers in England and Wales.
- **Discovery URL**: https://bidda.com/api/v1/nodes/bar-standards-board-uk.json

### Basel III Capital Requirements

- **ID**: basel-iii-capital
- **Category**: "Banking & Finance"
- **BLUF**: International standards for bank capital adequacy and liquidity, designed to ensure systemic resilience against financial crises.
- **Discovery URL**: https://bidda.com/api/v1/nodes/basel-iii-capital.json

### Basel III Liquidity (LCR)

- **ID**: basel-iii-liquidity-lcr
- **Category**: Banking & Global Finance
- **BLUF**: The Liquidity Coverage Ratio (LCR) is a core component of the Basel III post-crisis reform. It ensures that banks maintain an adequate level of unencumbered high-quality liquid assets (HQLA) that can be converted into cash easily and immediately in private markets to meet their liquidity needs for a 30-calendar-day liquidity stress scenario.
- **Discovery URL**: https://bidda.com/api/v1/nodes/basel-iii-liquidity-lcr.json

### Basel IV: Capital Floor & Liquidity

- **ID**: basel-iv-liquidity
- **Category**: Banking & Global Finance
- **BLUF**: The Basel IV framework (the final Basel III reforms) introduces a standardized output floor to prevent banks from using internal models to underestimate risk. It significantly tightens capital requirements for G-SIBs and harmonizes the calculation of Risk-Weighted Assets (RWA) across the global banking sector.
- **Discovery URL**: https://bidda.com/api/v1/nodes/basel-iv-liquidity.json

### Basel IV Output Floor

- **ID**: basel-iv-output-floor
- **Category**: Banking & Global Finance
- **BLUF**: The Basel IV Output Floor is the centerpiece of the 2017 Basel III 'completion' reforms. It limits the reduction in risk-weighted assets (RWA) that can result from a bank's use of internal models by mandating that RWAs calculated using internal models cannot fall below 72.5% of the RWAs calculated using the standardized approach.
- **Discovery URL**: https://bidda.com/api/v1/nodes/basel-iv-output-floor.json

### Berne Convention (Copyright)

- **ID**: berne-convention-copyright
- **Category**: Creative, Content & Media IP
- **BLUF**: The Berne Convention for the Protection of Literary and Artistic Works (1886, Paris 1971) identifies the foundational international standards for copyright. It specifies the mandatory principle of 'Automatic Protection' (without registration) and 'Moral Rights' (Article 6bis), ensuring the global recognition of the author's original creation and the right to claim paternity and protest distortion of the work.
- **Discovery URL**: https://bidda.com/api/v1/nodes/berne-convention-copyright.json

### Berne Convention (Copyright)

- **ID**: berne-convention-literary-artistic
- **Category**: Legal & IP Sovereignty
- **BLUF**: The Berne Convention for the Protection of Literary and Artistic Works (1886) is the foundational international treaty for copyright. It provides 'Automatic Protection'—meaning copyright exists as soon as a work is fixed in a tangible medium, without the need for registration—and ensures that foreign authors receive the same rights as local ones.
- **Discovery URL**: https://bidda.com/api/v1/nodes/berne-convention-literary-artistic.json

### BIS Principles (FMI)

- **ID**: bis-principles-fmi-2012
- **Category**: Banking & Global Finance
- **BLUF**: The Principles for Financial Market Infrastructures (PFMI) are the international standards for the infrastructure that facilitates the clearing, settlement, and recording of monetary and other financial transactions. Developed by CPSS (now CPMI) and IOSCO, the 24 principles are designed to ensure the safety, efficiency, and resilience of systemically important payment systems and central counterparties.
- **Discovery URL**: https://bidda.com/api/v1/nodes/bis-principles-fmi-2012.json

### Bitcoin Lightning L402

- **ID**: bitcoin-lightning-l402
- **Category**: Crypto & Sovereign Finance
- **BLUF**: L402 (formerly LSAT — Lightning Service Authentication Token) is a protocol standard developed by Lightning Labs that enables HTTP 402 Payment Required responses to be resolved via Bitcoin Lightning Network micropayments, allowing servers to monetize API access at the sub-cent level in a fully programmatic, machine-to-machine flow. The protocol combines Lightning Network invoice payment with macaroon-based access tokens (caveat-bearer tokens derived from macaroon cryptography), enabling pay-per-request, pay-per-session, and capability-scoped access models. L402 is foundational to AI agent commerce because it enables agents to autonomously purchase data, compute, or services without requiring pre-registered accounts or OAuth flows. Misconfigured L402 implementations can result in replay attacks (if preimage verification is skipped), privilege escalation (if macaroon caveats are not enforced server-side), or budget drain (if payment is accepted without corresponding service delivery).
- **Discovery URL**: https://bidda.com/api/v1/nodes/bitcoin-lightning-l402.json

### Brazil LGPD Compliance

- **ID**: brazil-lgpd-compliance
- **Category**: Legal & IP Sovereignty
- **BLUF**: Lei Geral de Proteção de Dados (LGPD) is Brazil's comprehensive data protection law (Law No. 13,709/2018), modeled after GDPR but with distinct governance requirements for the ANPD (National Data Protection Authority) and mandatory DPO appointments for all controllers.
- **Discovery URL**: https://bidda.com/api/v1/nodes/brazil-lgpd-compliance.json

### BRCGS Food Safety

- **ID**: brc-food-safety-global
- **Category**: Food & Hospitality
- **BLUF**: Global Standard for Food Safety, providing a framework to manage product safety.
- **Discovery URL**: https://bidda.com/api/v1/nodes/brc-food-safety-global.json

### BREEAM Building Performance

- **ID**: breeam-building-perf
- **Category**: Sustainability & ESG
- **BLUF**: Method for assessing, rating, and certifying the sustainability of buildings.
- **Discovery URL**: https://bidda.com/api/v1/nodes/breeam-building-perf.json

### C-TPAT Minimum Security Criteria

- **ID**: c-tpat-minimum-security
- **Category**: Logistics & Supply Chain
- **BLUF**: The Customs-Trade Partnership Against Terrorism (C-TPAT) is a voluntary public-private sector partnership program where members work with U.S. Customs and Border Protection (CBP) to protect the supply chain, identify security gaps, and implement specific security measures and best practices.
- **Discovery URL**: https://bidda.com/api/v1/nodes/c-tpat-minimum-security.json

### C2PA (Provenance)

- **ID**: c2pa-content-provenance
- **Category**: Creative, Content & Media IP
- **BLUF**: The Coalition for Content Provenance and Authenticity (C2PA v1.3) identifies the foundational standards for verifiable content provenance and authenticity. It specifies the mandatory requirements for the 'Manifest', the 'Assertion', and the 'Cryptographic Binding' (Section 3 & 4), ensuring the robust detection of 'AI-Generated' or 'Deepfake' content and the 'Verified' 'Creator Identity' in global digital media streams.
- **Discovery URL**: https://bidda.com/api/v1/nodes/c2pa-content-provenance.json

### C2PA Content Provenance

- **ID**: c2pa-watermark-valid
- **Category**: Advanced AI Research & Safety
- **BLUF**: The Coalition for Content Provenance and Authenticity (C2PA) specification defines a cryptographically signed metadata manifest standard that embeds verifiable provenance information directly into digital assets (images, video, audio, documents), enabling any consumer to verify who created the asset, what tools were used, and whether the content has been modified since signing.
C2PA is backed by Adobe, Microsoft, Intel, BBC, Sony, and others and is increasingly required by news organizations, AI content platforms, and social media companies for AI-generated content labeling. The specification uses X.509 certificates for signer identity, COSE (CBOR Object Signing and Encryption) for manifest integrity, and defines a trust list maintained by the C2PA Trust List Authority. Organizations distributing AI-generated content without C2PA manifests risk regulatory non-compliance under the EU AI Act Article 50 transparency obligations and face reputational exposure from deepfake misattribution.
- **Discovery URL**: https://bidda.com/api/v1/nodes/c2pa-watermark-valid.json

### CCPA/CPRA Enforcement

- **ID**: california-ccpa-v2
- **Category**: Legal & IP Sovereignty
- **BLUF**: The California Consumer Privacy Act (CCPA), as significantly enhanced by the California Privacy Rights Act (CPRA), provides comprehensive privacy rights to California residents. It introduces the CPPA (California Privacy Protection Agency) and grants the right to correct inaccurate data and limit use of sensitive personal information (SPI).
- **Discovery URL**: https://bidda.com/api/v1/nodes/california-ccpa-v2.json

### CAN-SPAM Act (Email)

- **ID**: can-spam-act-email
- **Category**: Sales, Marketing & PR
- **BLUF**: The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 identifies the foundational U.S. federal standards for commercial email. It specifies the mandatory requirements for 'No Deceptive Headers', 'Accurate Subject Lines', the 'Physical Postal Address', and the 'Unsubscribe Mechanism' that an organization must honor within 10 business days.
- **Discovery URL**: https://bidda.com/api/v1/nodes/can-spam-act-email.json

### CASL (Anti-Spam Canada)

- **ID**: casl-anti-spam-canada
- **Category**: Sales, Marketing & PR
- **BLUF**: Canada's Anti-Spam Legislation (CASL) identifies the foundational standards for commercial electronic messages (CEM). It specifies the mandatory 'Express and Implied' consent requirements (Section 6/10), the 'Unsubscribe Mechanism' (Section 11), and the 'Sender Identification' that an organization must use to protect Canadian digital users from unauthorized communication.
- **Discovery URL**: https://bidda.com/api/v1/nodes/casl-anti-spam-canada.json

### CCPA/CPRA (Opt-out Sale)

- **ID**: ccpa-cpra-optout-sale
- **Category**: Sales, Marketing & PR
- **BLUF**: The California Consumer Privacy Act (CCPA) and the Privacy Rights Act (CPRA) identify the legal standards for the 'Selling or Sharing' of personal information. They specify the mandatory requirement for an organization to honor the 'Right to Opt-out' (1798.120) and the 'Opt-out Preference Signal' (e.g., Global Privacy Control), ensuring California consumers can strictly control the monetization of their digital footprints.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ccpa-cpra-optout-sale.json

### CCPA/CPRA — California Consumer Privacy Rights

- **ID**: ccpa-cpra
- **Category**: Workplace, Compliance & HR
- **BLUF**: The California Consumer Privacy Act (CCPA, effective January 1, 2020) as substantially amended by the California Privacy Rights Act (CPRA, enforceable from March 29, 2024 following litigation delays; original date July 1, 2023) is the most comprehensive U.S. state privacy law and a de facto national standard for consumer data rights.
The law applies to for-profit businesses meeting any of three thresholds: annual gross revenue exceeding $25 million; buying, selling, sharing, or receiving personal information of 100,000+ consumers or households per year; or deriving 50%+ of annual revenue from selling or sharing consumer data. CPRA added: a new sensitive personal information (SPI) category with dedicated rights to limit use; the right to correct inaccurate personal information; a data retention limitation requirement (3-year limit on retaining data beyond original purpose); and the California Privacy Protection Agency (CPPA) as an independent enforcement agency with rulemaking authority. Consumer rights: access (know), deletion, correction (CPRA), opt-out of sale/sharing, limit use of SPI (CPRA), portability, and non-discrimination. Penalties: $2,500 per unintentional violation, $7,500 per intentional violation — with no statutory maximum and class action exposure for data breaches.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ccpa-cpra.json

### CDP Carbon Disclosure Protocol

- **ID**: cdp-carbon-disclosure
- **Category**: Sustainability & ESG
- **BLUF**: Global system for companies to manage and disclose environmental impacts.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cdp-carbon-disclosure.json

### CFA Ethics & Proficiency

- **ID**: cfa-ethics-standards
- **Category**: Legal & Professional
- **BLUF**: Code of Ethics and Standards of Professional Conduct for investment professionals.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cfa-ethics-standards.json

### CFTC Part 49 (Swaps)

- **ID**: cftc-part-49-swap-reporting
- **Category**: Banking & Global Finance
- **BLUF**: CFTC Part 49 (Swap Data Repositories) specifies the requirements for the registration and reporting of swap transaction data to the U.S. Commodity Futures Trading Commission.
It ensures the transparency of the OTC derivatives markets by mandating the use of Swap Data Repositories (SDRs) and the timely disclosure of market activity.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cftc-part-49-swap-reporting.json

### CHAPS RTGS (Payments)

- **ID**: chaps-rtgs-high-val-london
- **Category**: Banking & Global Finance
- **BLUF**: CHAPS (Clearing House Automated Payment System) is the UK's high-value, real-time gross settlement (RTGS) payment system. It is used for critical financial transactions, such as interbank house purchases and corporate trades, ensuring the immediate and irrevocable settlement of funds through the Bank of England's reserve accounts.
- **Discovery URL**: https://bidda.com/api/v1/nodes/chaps-rtgs-high-val-london.json

### CIPD (HR Standards)

- **ID**: cipd-hr-standards
- **Category**: Workplace
- **BLUF**: The CIPD Profession Map (v2.0) is the premier UK-based standard for people professionals. It specifies the 'Core Knowledge', 'Core Behaviours', and 'Specialist Knowledge' that define successful HR and development practice, ensuring professionals integrate 'People Practice', 'Culture and Behaviour', and 'Evidence-Based' decision making into the global organization.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cipd-hr-standards.json

### Least Privilege for AI Agents (CIS Companion Guide)

- **ID**: cis-ai-least-privilege
- **Category**: Cybersecurity
- **BLUF**: Autonomous AI agents must be managed as Non-Human Identities (NHIs) with task-scoped, ephemeral privileges. The principle of Least Privilege ensures that an agent's access is restricted to the specific data and tools required for its current atomic task.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cis-ai-least-privilege.json

### CIS Critical Security Controls Version 8

- **ID**: cis-controls-v8
- **Category**: "Cybersecurity"
- **BLUF**: A prioritized set of 18 critical controls and 153 safeguards designed to mitigate the most prevalent cyber attacks.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cis-controls-v8.json

### CLIA Cruise Ship Safety

- **ID**: clia-cruise-ship-safety
- **Category**: Food & Hospitality
- **BLUF**: Safety, security, and environmental policies for the cruise industry.
- **Discovery URL**: https://bidda.com/api/v1/nodes/clia-cruise-ship-safety.json

### CSA Cloud Matrix (v4)

- **ID**: cloud-security-matrix-csa
- **Category**: Cloud & SaaS
- **BLUF**: The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) v4.0 is a cybersecurity control framework for the cloud computing sector. It provides a detailed set of 17 domains, covering all aspects of cloud technology, from logical access to the supply chain, and the mapping to global standards such as ISO 27001, NIST 800-53, and the GDPR.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cloud-security-matrix-csa.json

### CMMC 2.0 Level 2 Cybersecurity (Advanced)

- **ID**: cmmc-2-audit
- **Category**: "Aerospace & Defense"
- **BLUF**: A mandatory US Department of Defense (DoD) certification for contractors handling Controlled Unclassified Information (CUI), based on the 110 practices of NIST SP 800-171.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cmmc-2-audit.json

### COBIT 5 (Governance IT)

- **ID**: cobit-5-governance-it
- **Category**: Cloud & SaaS
- **BLUF**: COBIT 5 (Control Objectives for Information and Related Technology) is the comprehensive industry standard for the governance and management of enterprise IT.
It provides a globally accepted set of principles, analytical tools, and models for the alignment of IT with business goals, focusing on the co-creation of value and the 'Holistic' management of risk.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cobit-5-governance-it.json

### Codex Alimentarius Code
- **ID**: codex-alimentarius-gen
- **Category**: Food & Hospitality
- **BLUF**: International food standards, guidelines, and codes of practice for consumer health.
- **Discovery URL**: https://bidda.com/api/v1/nodes/codex-alimentarius-gen.json

### Cold Chain Integrity Triage
- **ID**: cold-chain-integrity-logic
- **Category**: Logistics & Supply Chain
- **BLUF**: Verifying temperature-controlled logistics for sensitive cargo.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cold-chain-integrity-logic.json

### GDPR Data Processing Agreement (DPA) Checklist
- **ID**: compliance-gdpr-dpa
- **Category**: "Business Compliance & Governance"
- **BLUF**: Mandatory legal clauses required by Article 28 of the GDPR to ensure data protection when a controller uses a sub-processor (e.g., an AI agent).
- **Discovery URL**: https://bidda.com/api/v1/nodes/compliance-gdpr-dpa.json

### Constitutional AI Algorithm
- **ID**: constitutional-ai-align
- **Category**: Advanced AI Research & Safety
- **BLUF**: Constitutional AI (CAI) is an alignment training methodology developed by Anthropic (Bai et al., 2022) that trains AI systems to be helpful, harmless, and honest using a set of explicit behavioral principles (the 'Constitution') rather than relying exclusively on human feedback labeling of individual outputs. The method operates in two phases: a Supervised Learning from Constitutional AI (SL-CAI) phase where the model critiques and revises its own harmful outputs using principles as guidance, and a Reinforcement Learning from AI Feedback (RL-CAI) phase where an AI-generated preference dataset replaces or supplements human preference labels.
CAI has been shown to reduce the need for human labeling of harmful content while producing models that are less harmful and more transparent about their reasoning. The constitutional approach is aligned with emerging AI governance requirements including EU AI Act Article 9 risk management and NIST AI RMF GOVERN function requirements for systematic safety assurance.
- **Discovery URL**: https://bidda.com/api/v1/nodes/constitutional-ai-align.json

### COPC CX Standard
- **ID**: copc-cx-standard
- **Category**: Workflow Automation
- **BLUF**: The COPC Customer Experience (CX) Standard is a performance management framework developed by COPC Inc. that defines operational excellence requirements for customer experience operations, contact centers, and outsourced service providers, covering service levels, quality, cost efficiency, and customer satisfaction metrics. The standard is organized around four key metric categories: Service (accessibility and speed — e.g., AHT, ASA, abandonment rate), Quality (accuracy of transactions and customer outcomes), Customer Experience (satisfaction scores, NPS, effort scores), and Cost (cost-per-transaction, productivity). COPC certification is recognized by major brands as evidence that a service operation meets globally benchmarked performance thresholds and is often required in BPO and CX outsourcing contracts. AI-augmented contact centers must demonstrate that AI-assisted interactions meet the same or superior quality metrics as human-only baselines.
- **Discovery URL**: https://bidda.com/api/v1/nodes/copc-cx-standard.json

### COPPA (Marketing to Kids)
- **ID**: coppa-marketing-kids
- **Category**: Sales, Marketing & PR
- **BLUF**: The Children's Online Privacy Protection Act (COPPA, 16 CFR 312) identifies the legal standards for digital marketing to children under 13 in the U.S.
It specifies the mandatory requirements for 'Verifiable Parental Consent' (VPC), 'Direct Notice' to parents, and the 'Data Minimization' approach that an organization must use to protect children's private information and digital 'Safe' surfing.
- **Discovery URL**: https://bidda.com/api/v1/nodes/coppa-marketing-kids.json

### Fair Use (U.S. Copyright)
- **ID**: copyright-fair-use-us
- **Category**: Creative, Content & Media IP
- **BLUF**: The Fair Use doctrine (17 U.S.C. 107) identifies the legal standards for the permissible use of copyrighted works without 'Permission'. It specifies the mandatory requirements for the 'Four Factor Test' (Section 107.1-4), ensuring robust public discourse and the systematic protection of 'Transformative' uses (e.g., Criticism, Commentary, News, and Research) that serve the 'Progress of Science and the Useful Arts'.
- **Discovery URL**: https://bidda.com/api/v1/nodes/copyright-fair-use-us.json

### Creative Commons (BY-SA)
- **ID**: creative-commons-by-sa
- **Category**: Creative, Content & Media IP
- **BLUF**: The Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) identifies the foundational standards for 'Open and Viral' content sharing. It specifies the mandatory requirements for 'Attribution' (Section 3.a) and 'ShareAlike' (Section 3.b), ensuring the robust reuse of works while systematically propagating the same license terms to all derived creations.
- **Discovery URL**: https://bidda.com/api/v1/nodes/creative-commons-by-sa.json

### Cross-Chain Bridge Security
- **ID**: cross-chain-bridge-security
- **Category**: Crypto & Sovereign Finance
- **BLUF**: Cross-chain bridges enable transfer of digital assets between distinct blockchain networks by locking assets on the source chain and minting equivalents on the destination.
Bridge protocols are the most exploited attack surface in DeFi — over $2 billion stolen in 2022 alone (Ronin $625M, Wormhole $320M, Nomad $190M). Primary vectors are compromised validator keys, smart contract logic errors, oracle manipulation, and replay attacks. Secure bridge architecture mandates cryptographic proof verification (ZK proofs, light client proofs, or optimistic fraud proofs), M-of-N validator quorums with HSM-protected keys, formal smart contract verification, and mandatory independent security audits before mainnet deployment.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cross-chain-bridge-security.json

### OECD CRS (Tax Exchange)
- **ID**: crs-oecd-tax-automatic
- **Category**: Banking & Global Finance
- **BLUF**: The Common Reporting Standard (CRS) is the global benchmark for the automatic exchange of financial account information (AEOI) to combat tax evasion. Developed by the OECD, it requires financial institutions in participating jurisdictions to identify and report account holders who are tax resident in other jurisdictions, ensuring the transparent flow of tax data across borders.
- **Discovery URL**: https://bidda.com/api/v1/nodes/crs-oecd-tax-automatic.json

### Crypto AML Travel Rule
- **ID**: crypto-aml-travel-rule
- **Category**: Crypto & Sovereign Finance
- **BLUF**: The FATF Travel Rule (Recommendation 16), as applied to Virtual Asset Service Providers (VASPs) through FATF Guidance on Virtual Assets (2019, updated 2021), requires that originating VASPs transmit specific identifying information about the sender and beneficiary alongside every virtual asset transfer above the applicable threshold (USD/EUR 1,000 for cross-VASP transfers; USD 3,000 for some jurisdictions). This information — analogous to the wire transfer travel rule in traditional finance — must be transmitted to the beneficiary VASP before or simultaneously with the transaction and must be securely stored.
FATF member jurisdictions have implemented the Travel Rule through national legislation (EU: TFR/MiCA; US: FinCEN proposed rules; Singapore: MAS PSA; UK: FCA). VASPs failing to implement Travel Rule compliance face regulatory sanctions, license revocation, and banking relationship termination.
- **Discovery URL**: https://bidda.com/api/v1/nodes/crypto-aml-travel-rule.json

### CSRD / ESRS (EU Sustainability)
- **ID**: csrd-eu-sustainability
- **Category**: Sustainability & ESG
- **BLUF**: The Corporate Sustainability Reporting Directive (CSRD) is the landmark EU regulation mandating detailed sustainability disclosure for large and listed companies. It introduces the European Sustainability Reporting Standards (ESRS), requiring 'Double Materiality'—reporting on both financial and environmental/social impact.
- **Discovery URL**: https://bidda.com/api/v1/nodes/csrd-eu-sustainability.json

### TAPA Transport Security Requirements
- **ID**: customs-tapa-transport-sec
- **Category**: Logistics & Supply Chain
- **BLUF**: Security requirements for the movement of high-value goods.
- **Discovery URL**: https://bidda.com/api/v1/nodes/customs-tapa-transport-sec.json

### Cyber Essentials Plus (UK)
- **ID**: cyber-essentials-plus-uk
- **Category**: Cloud & SaaS
- **BLUF**: Cyber Essentials Plus is the UK's premier government-backed security scheme for protecting businesses from common cyber threats. It expands on the basic Cyber Essentials with mandatory independent verification and a technical audit of the controls, including internal and external vulnerability scanning.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cyber-essentials-plus-uk.json

### System Information Discovery (MITRE ATT&CK T1082)
- **ID**: cyber-mitre-t1082
- **Category**: "Cybersecurity"
- **BLUF**: Adversaries attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cyber-mitre-t1082.json

### Account Management (NIST SP 800-53 AC-2)
- **ID**: cyber-nist-800-53-ac2
- **Category**: "Cybersecurity"
- **BLUF**: Automated, audited lifecycle management for all information system accounts to prevent unauthorized access and privilege creep.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cyber-nist-800-53-ac2.json

### Asset Management Strategy (NIST CSF 2.0 ID.AM)
- **ID**: cyber-nist-csf-2
- **Category**: "Cybersecurity"
- **BLUF**: Establish a comprehensive, real-time inventory of hardware, software, and data assets to ensure prioritized security control application.
- **Discovery URL**: https://bidda.com/api/v1/nodes/cyber-nist-csf-2.json

### DeFi Insolvency Logic
- **ID**: defi-tvl-ratio-logic
- **Category**: Crypto & Sovereign Finance
- **BLUF**: DeFi insolvency logic governs the real-time health monitoring and liquidation execution in over-collateralized lending protocols (Aave, Compound, MakerDAO), using a Health Factor calculation to determine when a borrower's collateral value has declined sufficiently relative to their debt that the position must be liquidated to protect the protocol's solvency. The Health Factor (HF = Sum(Collateral_i × LT_i) / Total_Debt_USD) must remain above 1.0; when it falls to 1.0 or below, liquidators are incentivized to repay a portion of the debt and seize discounted collateral. Accurate insolvency logic requires manipulation-resistant price oracles, correct normalization of debt amounts (including accrued interest), precise liquidation threshold parameters per asset, and slippage estimation to ensure liquidation profitability. Protocol insolvency from cascading undercollateralized positions is an existential risk — MakerDAO's March 2020 'Black Thursday' resulted in $6 million in undercollateralized debt due to oracle failure and liquidation bot failures.
- **Discovery URL**: https://bidda.com/api/v1/nodes/defi-tvl-ratio-logic.json

### Delaware Corporate Law
- **ID**: delaware-corporate-law-basics
- **Category**: Legal & IP Sovereignty
- **BLUF**: Delaware General Corporation Law (DGCL) is the leading U.S. corporate law, chosen by over 60% of Fortune 500 companies. It is defined by its enabling nature and the expertise of the Delaware Court of Chancery, which has developed a stable and predictable body of case law centered on the fiduciary duties of corporate directors.
- **Discovery URL**: https://bidda.com/api/v1/nodes/delaware-corporate-law-basics.json

### DFARS 252.204-7012 (Cyber)
- **ID**: dfars-7012-defense-cyber
- **Category**: Aviation, Defense & Quantum
- **BLUF**: DFARS 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting) is the primary U.S. defense acquisition regulation for protecting CDI. It mandates the implementation of NIST SP 800-171 and requires rapid cyber incident reporting (within 72 hours) for all defense contractors handling sensitive military data.
- **Discovery URL**: https://bidda.com/api/v1/nodes/dfars-7012-defense-cyber.json

### DICOM Imaging Standard
- **ID**: dicom-imaging-standard
- **Category**: Medical & Healthcare
- **BLUF**: DICOM (Digital Imaging and Communications in Medicine) is the international standard for medical imaging and related information. It specifies the network protocols for image exchange (PACS/RIS integration), the media format for storage (PS3.10), and the web services (WADO-RS) for image retrieval across the healthcare enterprise.
- **Discovery URL**: https://bidda.com/api/v1/nodes/dicom-imaging-standard.json

### DICOM (Medical Imaging)
- **ID**: dicom-medical-imaging
- **Category**: Creative, Content & Media IP
- **BLUF**: The DICOM (Digital Imaging and Communications in Medicine) standard identifies the foundational international standards for medical imaging and 'Clinical' data exchange.
It specifies the mandatory requirements for 'Information Object Definitions' (PS3.3), 'Data Structures and Encoding' (PS3.5), and 'Security and Privacy' (PS3.15), ensuring the robust integrity and 'High-Assurance' interoperability of diagnostic images (MRI, CT, X-Ray) across global healthcare systems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/dicom-medical-imaging.json

### Digital Twin Fidelity Audit
- **ID**: digital-twin-fidelity
- **Category**: Industrial IoT & Energy
- **BLUF**: Digital twin fidelity refers to the degree of accuracy with which a virtual model replicates the real-time state, behavior, and physical properties of its physical counterpart, encompassing sensor data synchronization latency, physics simulation accuracy, historical data concordance, and predictive model calibration. NIST defines a digital twin as a 'virtual representation of a real-world entity or process' (NIST IR 8356), and fidelity auditing ensures the twin remains trustworthy for decision-making in industrial operations, predictive maintenance, process optimization, and safety monitoring. Low-fidelity twins produce incorrect predictions, missed maintenance events, and dangerous process control decisions. Digital twin fidelity standards draw from ISO 23247 (Digital Twin for Manufacturing), IEC 61360 (data element specifications), and IEC 62443 (ICS security for connected twins).
- **Discovery URL**: https://bidda.com/api/v1/nodes/digital-twin-fidelity.json

### DMCA (Safe Harbor)
- **ID**: dmca-safe-harbor
- **Category**: Creative, Content & Media IP
- **BLUF**: The Digital Millennium Copyright Act (DMCA) Safe Harbor (17 U.S.C. 512) identifies the legal standards for Online Service Providers (OSPs) in the U.S.
It specifies the mandatory requirements for the 'Notice and Take-Down' process (Section 512.c), 'DMCA Agent' registration, and the systematic prevention of 'Repeat Infringement', ensuring OSPs are protected from liability for the user-generated content they host.
- **Discovery URL**: https://bidda.com/api/v1/nodes/dmca-safe-harbor.json

### Volcker Rule (Prop Trading)
- **ID**: dodd-frank-volcker-rule
- **Category**: Banking & Global Finance
- **BLUF**: The Volcker Rule (Section 619 of the Dodd-Frank Act) prohibits U.S. banking entities from engaging in proprietary trading or acquiring/sponsoring 'Covered Funds' (Hedge Funds or Private Equity). It is designed to separate commercial banking from high-risk investment activities, ensuring that deposit-taking institutions do not risk taxpayer-insured funds for their own gain.
- **Discovery URL**: https://bidda.com/api/v1/nodes/dodd-frank-volcker-rule.json

### DOI (Object ID)
- **ID**: doi-digital-object-id
- **Category**: Creative, Content & Media IP
- **BLUF**: The Digital Object Identifier (DOI) (ISO 26324) identifies the foundational international standards for the permanent and unique identification of digital objects. It specifies the mandatory 'Prefix/Suffix' structure and 'Resolution' (Handle System) (Section 4), ensuring the robust citing of scholarly, 'Legal and Technical' data and a 'Verified' 'Source of Authority' for autonomous research agents across global digital ecosystems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/doi-digital-object-id.json

### DORA — EU Digital Operational Resilience Act
- **ID**: dora-ict-risk
- **Category**: Finance
- **BLUF**: Regulation (EU) 2022/2554 (DORA — Digital Operational Resilience Act), published December 27, 2022 and directly applicable (no national transposition required) across all EU member states from January 17, 2025, establishes binding ICT risk management, incident reporting, resilience testing, and third-party risk oversight requirements for 20+ categories of EU financial entities. DORA applies to credit institutions, investment firms, payment institutions, e-money institutions, insurance/reinsurance undertakings, crypto-asset service providers (CASPs), central counterparties (CCPs), trade repositories, AIFMs, UCITS management companies, data reporting services providers, and more. Key obligations: (1) ICT risk management framework with governance, protection, detection, response, and recovery capabilities; (2) ICT-related incident classification and mandatory reporting — initial notification within 4 hours of classification as major incident, intermediate report within 72 hours, final report within 1 month; (3) Digital operational resilience testing including Threat-Led Penetration Testing (TLPT) every 3 years for significant entities; (4) ICT third-party risk management with contractual requirements for Critical ICT Third-Party Providers (CTPPs) who are directly supervised by an EU Lead Overseer (EBA, ESMA, or EIOPA depending on sector). DORA displaces NIS2 obligations for in-scope financial entities (lex specialis principle).
- **Discovery URL**: https://bidda.com/api/v1/nodes/dora-ict-risk.json

### Drone Delivery Corridor Security
- **ID**: drone-delivery-corridor
- **Category**: Logistics & Supply Chain
- **BLUF**: Security protocols for autonomous aerial delivery routes.
- **Discovery URL**: https://bidda.com/api/v1/nodes/drone-delivery-corridor.json

### DTSA (Trade Secret Protection)
- **ID**: dtsa-trade-secret-protection
- **Category**: Legal & IP Sovereignty
- **BLUF**: The Defend Trade Secrets Act (DTSA) of 2016 is a U.S. federal law extending the Economic Espionage Act of 1996 to provide a private right of action for trade secret misappropriation. It provides a standardized federal framework for protecting confidential business information, including 'Ex Parte Seizure' provisions to prevent the dissemination of trade secrets.
- **Discovery URL**: https://bidda.com/api/v1/nodes/dtsa-trade-secret-protection.json

### EAR Dual-Use Export Control
- **ID**: ear-dual-use-export
- **Category**: Aviation, Defense & Quantum
- **BLUF**: The Export Administration Regulations (EAR) govern the export of 'Dual-Use' items—commercial commodities, software, and technology that also have potential military or proliferation applications. It is centered around the Commerce Control List (CCL) and the Export Control Classification Number (ECCN) to determine license requirements.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ear-dual-use-export.json

### EASA Part 145 (Maintenance)
- **ID**: easa-part-145-maintenance
- **Category**: Aviation, Defense & Quantum
- **BLUF**: EASA Part 145 is the European standard for the approval of maintenance organizations in civil aviation. It specifies the requirements for the organization, personnel, facility, and procedures to ensure the airworthiness of aircraft and components through safe and standardized maintenance practices.
- **Discovery URL**: https://bidda.com/api/v1/nodes/easa-part-145-maintenance.json

### EBA Outsourcing Guidelines
- **ID**: eba-outsourcing-guide
- **Category**: Banking & Global Finance
- **BLUF**: The EBA Guidelines on Outsourcing Arrangements (EBA/GL/2019/02) apply a unified framework for the financial sector across the EU.
It specifies the governance and pre-outsourcing due diligence required for all credit institutions and investment firms, with a specific focus on the 'Critical or Important' functions that affect the firm's regulatory compliance.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eba-outsourcing-guide.json

### EBU R128 (Loudness)
- **ID**: ebu-r128-audio-loudness
- **Category**: Creative, Content & Media IP
- **BLUF**: The EBU R128 (Loudness Normalisation and Permitted Maximum Level) identifies the foundational standards for consistent audio levels across media streams. It specifies the mandatory requirements for 'Program Loudness' (-23.0 LUFS), 'Maximum True Peak Level' (-1 dBTP), and the systematic measurement of 'Loudness Range' (LRA), ensuring a 'Verified', 'Comfortable' listening experience for global audiences on digital and TV channels.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ebu-r128-audio-loudness.json

### ECB Guide (Internal Models)
- **ID**: ecb-guide-internal-models
- **Category**: Banking & Global Finance
- **BLUF**: The ECB Guide to Internal Models (EGIM) provides the foundational standard for supervised banks in the Eurozone to use the 'Internal Ratings Based' (IRB) approach for calculating regulatory capital. It specifies the risk parameter estimation (PD, LGD, EAD) and the validation requirements for credit risk models.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ecb-guide-internal-models.json

### Edge AI Security (NIST)
- **ID**: edge-ai-security-nist
- **Category**: Industrial IoT & Energy
- **BLUF**: Edge AI security encompasses the technical and operational controls required to securely deploy machine learning models on resource-constrained IoT and edge computing devices, where traditional cloud-based security architectures cannot be fully replicated due to limited compute, network, and power resources.
NIST SP 800-213 (IoT Device Cybersecurity Guidance) and NIST IR 8259 (Foundational Cybersecurity Activities for IoT Device Manufacturers) provide the foundational requirements, supplemented by NIST SP 800-207 (Zero Trust Architecture) for network access control. Key risks include: AI model theft via physical device access, adversarial input attacks on on-device inference, insecure firmware update mechanisms, side-channel attacks on cryptographic operations, and supply chain compromise of edge AI hardware. Failure to secure edge AI creates attack vectors that bypass perimeter defenses entirely.
- **Discovery URL**: https://bidda.com/api/v1/nodes/edge-ai-security-nist.json

### EEOC (Employment Rule)
- **ID**: eeoc-employment-rule
- **Category**: Workplace
- **BLUF**: The U.S. Equal Employment Opportunity Commission (EEOC) enforces 'Title VII of the Civil Rights Act of 1964' and the related regulations. It specifies the mandatory standards for employers to prevent discrimination, harassment, and retaliation based on race, color, religion, sex, and national origin, ensuring equal talent access and treatment.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eeoc-employment-rule.json

### Environmental Noise Directive
- **ID**: environmental-noise-dir
- **Category**: Sustainability & ESG
- **BLUF**: EU assessment and management of environmental noise.
- **Discovery URL**: https://bidda.com/api/v1/nodes/environmental-noise-dir.json

### ePrivacy (Cookie Directive)
- **ID**: eprivacy-cookie-directive
- **Category**: Sales, Marketing & PR
- **BLUF**: The ePrivacy Directive (2002/58/EC, amended 2009) identifies the legal standards for cookies and tracking technologies in the EU.
It specifies the mandatory 'Prior Consent' requirement (Article 5.3) for any non-essential data storage or access on a user's device, ensuring the privacy of terminal equipment and digital communication.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eprivacy-cookie-directive.json

### ERISA (Retirement Security)
- **ID**: erisa-compliance-rep
- **Category**: Workplace
- **BLUF**: The Employee Retirement Income Security Act of 1974 (ERISA) is the primary U.S. federal law for private-sector employee benefit plans. It specifies the mandatory standards for 'Reporting and Disclosure', 'Participation and Vesting', and, most critically, the 'Fiduciary Responsibilities' of those who manage plan assets, ensuring the protection of retirement and health benefit integrity.
- **Discovery URL**: https://bidda.com/api/v1/nodes/erisa-compliance-rep.json

### Account Abstraction (EIP-4337)
- **ID**: ethereum-eip-4337
- **Category**: Crypto & Sovereign Finance
- **BLUF**: EIP-4337 (Account Abstraction Using Alt Mempool) is an Ethereum Improvement Proposal finalized in March 2023 that enables programmable smart contract wallets to replace externally owned accounts (EOAs) as the primary transaction signing mechanism, without requiring changes to the Ethereum protocol consensus layer. The standard introduces a new transaction object called a UserOperation, a permissionless Bundler network that aggregates UserOperations into standard transactions, a singleton EntryPoint contract that validates and executes UserOperations, and a Paymaster contract that enables third-party gas sponsorship.
For AI agents, EIP-4337 is foundational because it enables agents to operate programmable wallets with built-in spending limits, multi-signature authorization requirements, social recovery, and gas abstraction — removing the requirement for agents to hold ETH for gas fees and enabling human-readable authorization rules enforced by smart contract logic.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ethereum-eip-4337.json

### EU AI Act: Data Bias Mitigation (Article 10)
- **ID**: eu-ai-act-bias
- **Category**: AI Governance & Law
- **BLUF**: Article 10 of the EU AI Act (2026 fully enforced) mandates strict controls to detect, prevent, and mitigate biases in training, validation, and testing datasets for high-risk AI systems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-ai-act-bias.json

### EU AI Act: High-Risk Conformity (Title III)
- **ID**: eu-ai-act-high-risk
- **Category**: AI Governance & Law
- **BLUF**: Title III of the EU AI Act (2026 fully enforced) mandates rigorous conformity assessments for "High-Risk AI Systems," including mandatory requirements for data governance, technical documentation, and record-keeping.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-ai-act-high-risk.json

### EU Antitrust & Competition Law
- **ID**: eu-antitrust-competition-law
- **Category**: Legal & IP Sovereignty
- **BLUF**: EU Antitrust and Competition Law (based on Articles 101 and 102 of the TFEU) is the primary framework for ensuring fair competition within the EU's internal market. It prohibits cartels, anti-competitive agreements, and the abuse of a dominant position by major firms, with massive enforcement powers held by the European Commission.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-antitrust-competition-law.json

### EU Digital Battery Passport
- **ID**: eu-battery-passport
- **Category**: Sustainability & ESG
- **BLUF**: Digital documentation for sustainability and safety of batteries in EU.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-battery-passport.json

### EU Carbon Border Adjustment (CBAM)
- **ID**: eu-cbam-calc
- **Category**: Sustainability & ESG
- **BLUF**: The EU Carbon Border Adjustment Mechanism (CBAM), established by Regulation (EU) 2023/956 and fully operational from January 2026, requires EU importers to purchase CBAM certificates corresponding to the carbon price that would have been paid under EU ETS rules if the goods had been produced in the EU. The mechanism applies to imports of cement, iron and steel, aluminium, fertilizers, electricity, and hydrogen, with potential expansion to additional sectors. During a transitional phase (October 2023 to December 2025), importers had quarterly reporting obligations without certificate purchase requirements. From 2026, importers must submit annual CBAM declarations and surrender CBAM certificates equivalent to the embedded emissions in their imports. The CBAM is designed to prevent carbon leakage and level the competitive playing field, and non-compliance results in penalties of EUR 10-50 per excess tonne of CO2 equivalent.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-cbam-calc.json

### EU Copyright (Art 17)
- **ID**: eu-copyright-directive-art-17
- **Category**: Creative, Content & Media IP
- **BLUF**: The EU Copyright Directive Article 17 (2019/790) identifies the legal standards for Online Content Sharing Service Providers (OCSSPs) in the European Union. It specifies the mandatory requirements for 'Best Efforts' to obtain authorization, 'Stay-down' for restricted content (Article 17.4), and the systematic protection of the author's rights and the 'Redress Mechanism' for users, shifting platform liability from the 'Safe Harbor' to the proactive 'Filtering' duty.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-copyright-directive-art-17.json

### Ecodesign for Sustainable Prod
- **ID**: eu-espr-ecodesign
- **Category**: Sustainability & ESG
- **BLUF**: EU standards that set environmental sustainability requirements for products.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-espr-ecodesign.json

### EU General Food Law (178/2002)
- **ID**: eu-food-law-178-2002
- **Category**: Food & Hospitality
- **BLUF**: General principles and requirements of food law in the European Union.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-food-law-178-2002.json

### EU IVDR 2017/746 (Diagnostics)
- **ID**: eu-ivdr-2017-746
- **Category**: Medical & Healthcare
- **BLUF**: EU Regulation 2017/746 (In-Vitro Diagnostic Medical Device Regulation - IVDR) is the primary framework for diagnostic devices in the European Union. It replaces the previous 98/79/EC directive and dramatically increases the oversight of IVDs, requiring nearly 80% of devices to undergo notified body audit (vs. 20% previously).
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-ivdr-2017-746.json

### EU MDR 2017/745 (Devices)
- **ID**: eu-mdr-2017-745
- **Category**: Medical & Healthcare
- **BLUF**: EU Regulation 2017/745 (Medical Device Regulation - MDR) is the primary framework for medical device compliance in the European Union. It replaces the previous MDD/AIMDD directives, introducing more rigorous requirements for pre-market clinical evaluation, post-market surveillance (PMS), and traceability through the UDI system.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-mdr-2017-745.json

### SFDR: Sustainable Finance Disclosure
- **ID**: eu-sfdr-reporting
- **Category**: Sustainability & ESG
- **BLUF**: Transparency requirements for financial market participants on sustainability risks.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-sfdr-reporting.json

### EU Taxonomy for Sustainable Finance
- **ID**: eu-taxonomy-sustainable
- **Category**: Sustainability & ESG
- **BLUF**: Classification system for environmentally sustainable economic activities.
- **Discovery URL**: https://bidda.com/api/v1/nodes/eu-taxonomy-sustainable.json

### EXIF Standard (Metadata)
- **ID**: exif-standard-metadata
- **Category**: Creative, Content & Media IP
- **BLUF**: The EXIF (Exchangeable Image File Format v3.0) identifies the foundational industry standards for camera and acquisition metadata. It specifies the mandatory requirements for the 'Image Data Structure' (Section 4), 'GPS Info' (Section 4.3), and the systematic recording of 'Technical Settings' (e.g., Aperture, Exposure, Sensor data), ensuring high-fidelity interoperability between 'Hardware' and the global 'Post-Processing' software ecosystems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/exif-standard-metadata.json

### FAA Part 21 (Certification)
- **ID**: faa-part-21-certification
- **Category**: Aviation, Defense & Quantum
- **BLUF**: FAA Part 21 (Certification Procedures for Products and Articles) is the primary U.S. regulation for the certification of aircraft, engines, propellers, and parts. It encompasses the entire life cycle from initial type certificate (TC) through production certificate (PC) and final airworthiness certificate issuance.
- **Discovery URL**: https://bidda.com/api/v1/nodes/faa-part-21-certification.json

### Fair Trade Tourism Audit
- **ID**: fair-trade-tourism
- **Category**: Food & Hospitality
- **BLUF**: Ethical and fair trade standards for tourism businesses and destinations.
- **Discovery URL**: https://bidda.com/api/v1/nodes/fair-trade-tourism.json

### FATCA IGA (Tax Compliance)
- **ID**: fatca-iga-compliance
- **Category**: Banking & Global Finance
- **BLUF**: The Foreign Account Tax Compliance Act (FATCA) is a U.S.
federal law requiring foreign financial institutions (FFIs) to report the assets of U.S. account holders. The legislation is primarily implemented through Intergovernmental Agreements (IGAs) (Model 1 & Model 2), which provide a legal framework for FFIs to report to their national authority or the IRS, ensuring global tax transparency. - **Discovery URL**: https://bidda.com/api/v1/nodes/fatca-iga-compliance.json ### AI Agent Anti-Money Laundering (AML) Compliance - **ID**: fatf-aml-agent - **Category**: Finance - **BLUF**: Autonomous agents performing financial functions are subject to the same FATF risk-based approach as traditional entities. Compliance requires 'Neural AML' – embedding real-time traceability, KYC verification, and transaction monitoring directly into the agentic workflow. - **Discovery URL**: https://bidda.com/api/v1/nodes/fatf-aml-agent.json ### FATF Recommendation 16 (Travel Rule) - **ID**: fatf-travel-rule-v2 - **Category**: Banking & Global Finance - **BLUF**: FATF Recommendation 16, also known as the 'Travel Rule', is the global AML/CFT standard for virtual assets. It requires Virtual Asset Service Providers (VASPs) to collect and transmit originator and beneficiary information for all virtual asset transfers exceeding $1,000 to prevent money laundering and terrorist financing. - **Discovery URL**: https://bidda.com/api/v1/nodes/fatf-travel-rule-v2.json ### FATF Virtual Asset Red Flags - **ID**: fatf-virtual-asset-redfl - **Category**: Banking & Global Finance - **BLUF**: The FATF Virtual Asset Red Flag Indicators (2020) provides a report to assist financial institutions and Virtual Asset Service Providers (VASPs) in identifying potential money laundering and terrorist financing activity. it categorizes indicators into transaction patterns, anonymity, and sender/recipient behavior to enhance risk-based monitoring. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/fatf-virtual-asset-redfl.json ### FCA Consumer Duty (2023) - **ID**: fca-consumer-duty-2023 - **Category**: Banking & Global Finance - **BLUF**: The FCA Consumer Duty (PS22/9) is a major U.S.-style 'fiduciary' reform for the UK retail financial sector. It introduces a new 'Consumer Principle' (Principle 12), requiring firms to act to deliver good outcomes for retail customers, setting higher and clearer standards of consumer protection across all financial services. - **Discovery URL**: https://bidda.com/api/v1/nodes/fca-consumer-duty-2023.json ### FCPA Anti-Bribery (US) - **ID**: fcpa-anti-bribery-compliance - **Category**: Legal & IP Sovereignty - **BLUF**: The Foreign Corrupt Practices Act (FCPA) of 1977 is a U.S. federal law prohibiting the payment of bribes to foreign officials to assist in obtaining or retaining business. It applies to all U.S. persons, issuers, and foreign firms operating within the U.S., enforced jointly by the SEC and the Department of Justice (DOJ). - **Discovery URL**: https://bidda.com/api/v1/nodes/fcpa-anti-bribery-compliance.json ### FDA 21 CFR Part 11 (Records) - **ID**: fda-21-cfr-part-11-records - **Category**: Medical & Healthcare - **BLUF**: FDA 21 CFR Part 11 establishes the U.S. requirements for electronic records and electronic signatures. It defines the criteria under which the FDA considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records. - **Discovery URL**: https://bidda.com/api/v1/nodes/fda-21-cfr-part-11-records.json ### FDA 21 CFR Part 820 (QSR) - **ID**: fda-21-cfr-part-820-qsr - **Category**: Medical & Healthcare - **BLUF**: FDA 21 CFR Part 820 is the Quality System Regulation (QSR) governing the manufacture and design of medical devices in the United States. 
It requires medical device manufacturers to establish a quality system to ensure that their products consistently meet applicable requirements and specifications. - **Discovery URL**: https://bidda.com/api/v1/nodes/fda-21-cfr-part-820-qsr.json ### FDA Clinical Decision Software - **ID**: fda-clinical-decision-support - **Category**: Medical & Healthcare - **BLUF**: The FDA Guidance on Clinical Decision Support (CDS) Software (2022) provides the criteria under which software functions are NOT considered medical devices under Section 520(o)(1)(E) of the FD&C Act. It focuses on ensuring that the healthcare professional (HCP) can independently review the basis for the software's recommendations to ensure patient safety. - **Discovery URL**: https://bidda.com/api/v1/nodes/fda-clinical-decision-support.json ### FDA Food Safety Modernization - **ID**: fda-fsma-compliance - **Category**: Food & Hospitality - **BLUF**: FSMA rules focusing on preventing food contamination rather than just responding. - **Discovery URL**: https://bidda.com/api/v1/nodes/fda-fsma-compliance.json ### FDA Software as a Medical Device (SaMD) Risk Matrix - **ID**: fda-samd-risk - **Category**: "Medical Intelligence" - **BLUF**: A risk-based framework for classifying software intended for medical purposes independently of hardware, based on IMDRF categorizations and FDA safety standards. - **Discovery URL**: https://bidda.com/api/v1/nodes/fda-samd-risk.json ### FDIC Part 370 (Records) - **ID**: fdic-part-370-recordkeep - **Category**: Banking & Global Finance - **BLUF**: FDIC Part 370 (Recordkeeping for Timely Deposit Insurance Determination) is a critical compliance standard for large U.S. banks (over 2 million deposit accounts). It requires institutions to maintain account records in a specific format that allows the FDIC to determine the insurance amount for the account holder within 24 hours of a failure. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/fdic-part-370-recordkeep.json ### FedRAMP — US Federal Cloud Authorization - **ID**: fedramp-authorization - **Category**: Cybersecurity - **BLUF**: The Federal Risk and Authorization Management Program (FedRAMP), established by OMB Memorandum M-11-33 (June 2011) and codified into law by the FedRAMP Authorization Act (December 2022, part of NDAA FY2023), is the US federal government's standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. All cloud services (IaaS, PaaS, SaaS) used by federal agencies must be FedRAMP authorized. FedRAMP defines three impact levels based on FIPS 199 categorization: Low (125 controls), Moderate (325 controls, most common — covers 80%+ of federal use cases), and High (421 controls, for sensitive unclassified data including law enforcement, financial, and health data). Two authorization paths: (1) Agency ATO (Authority to Operate) — a federal agency sponsors and issues an ATO, usable government-wide; (2) JAB (Joint Authorization Board) P-ATO — reviewed by GSA, DoD, and DHS CIOs, highest prestige. Third-Party Assessment Organizations (3PAOs) — accredited by the American Association for Laboratory Accreditation (A2LA) — conduct independent assessments. FedRAMP Rev 5 baselines (aligned to NIST SP 800-53 Rev 5) released January 2024. Continuous monitoring: monthly vulnerability scanning, annual penetration testing, and significant change reporting are mandatory post-authorization. - **Discovery URL**: https://bidda.com/api/v1/nodes/fedramp-authorization.json ### FedRAMP Moderate (NIST) - **ID**: fedramp-moderate-baseline - **Category**: Cloud & SaaS - **BLUF**: The Federal Risk and Authorization Management Program (FedRAMP) Moderate Baseline is the U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. 
The 'Moderate' baseline consists of 325+ controls based on NIST SP 800-53 Rev 5, designed for systems where the loss of confidentiality, integrity, and availability would have a serious effect. - **Discovery URL**: https://bidda.com/api/v1/nodes/fedramp-moderate-baseline.json ### Cross-Border VAT/GST Calculation Logic - **ID**: finance-tax-logic - **Category**: "Finance & Accounting" - **BLUF**: Deterministic decision tree for determining tax residency, place of supply, and applicable VAT/GST rates for international digital services. - **Discovery URL**: https://bidda.com/api/v1/nodes/finance-tax-logic.json ### FINRA Rule 3110 (Supervision) - **ID**: finra-3110-supervision - **Category**: Banking & Global Finance - **BLUF**: FINRA Rule 3110 is the foundational U.S. standard for the supervision of registered representatives and the offices of broker-dealers. It requires firms to establish and maintain a system of supervisory procedures (WSPs) to ensure compliance with the applicable securities laws and FINRA rules, with a specific focus on the regular inspection and oversight of the 'Offices of Supervisory Jurisdiction' (OSJ). - **Discovery URL**: https://bidda.com/api/v1/nodes/finra-3110-supervision.json ### FIPS 203 (ML-KEM Quantum) - **ID**: fips-203-ml-kem-quantum - **Category**: Aviation, Defense & Quantum - **BLUF**: FIPS 203 (Module-Lattice-Based Key-Encapsulation Mechanism) is the final NIST standard for quantum-resistant key encapsulation. Based on the CRYSTALS-Kyber algorithm, it is designed to protect sensitive information from future decryption by large-scale quantum computers, providing the foundational layer for PQC secure communication. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/fips-203-ml-kem-quantum.json ### Post-Quantum Cryptography (FIPS 203) - **ID**: fips-203-quantum-kem - **Category**: "Cybersecurity" - **BLUF**: National standards for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM), ensuring security in the era of Cryptographically Relevant Quantum Computers (CRQC). - **Discovery URL**: https://bidda.com/api/v1/nodes/fips-203-quantum-kem.json ### FIPS 204 (ML-DSA Quantum) - **ID**: fips-204-ml-dsa-quantum - **Category**: Aviation, Defense & Quantum - **BLUF**: FIPS 204 (Module-Lattice-Based Digital Signature Algorithm) is the final NIST standard for quantum-resistant digital signatures. Based on the CRYSTALS-Dilithium algorithm, it is designed to ensure authenticity and non-repudiation in a post-quantum world, replacing or augmenting RSA and ECDSA signatures for core internet infrastructure. - **Discovery URL**: https://bidda.com/api/v1/nodes/fips-204-ml-dsa-quantum.json ### Post-Quantum DSA (FIPS 204) - **ID**: fips-204-quantum-dsa - **Category**: "Cybersecurity" - **BLUF**: National standards for the Module-Lattice-Based Digital Signature Algorithm (ML-DSA), providing quantum-safe authentication and code signing. - **Discovery URL**: https://bidda.com/api/v1/nodes/fips-204-quantum-dsa.json ### Quantum SPHINCS+ (FIPS 205) - **ID**: fips-205-quantum-sphincs - **Category**: "Cybersecurity" - **BLUF**: National standards for the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), a conservative, hash-only post-quantum signature scheme. - **Discovery URL**: https://bidda.com/api/v1/nodes/fips-205-quantum-sphincs.json ### FIPS 205 (SLH-DSA Quantum) - **ID**: fips-205-slh-dsa-quantum - **Category**: Aviation, Defense & Quantum - **BLUF**: FIPS 205 (Stateless Hash-Based Digital Signature Algorithm) is a NIST-standardized quantum-resistant signature mechanism based on the SPHINCS+ construction. 
Unlike lattice-based schemes, it relies solely on the security of cryptographic hash functions, providing a robust backup against potential cryptanalytic breakthroughs in other PQC families. - **Discovery URL**: https://bidda.com/api/v1/nodes/fips-205-slh-dsa-quantum.json ### Fleet Telematics Audit Protocol - **ID**: fleet-telematic-audit - **Category**: Logistics & Supply Chain - **BLUF**: Verifying vehicle performance and driver behavior metrics via IoT. - **Discovery URL**: https://bidda.com/api/v1/nodes/fleet-telematic-audit.json ### FLSA (Fair Labor) - **ID**: flsa-compliance-labor - **Category**: Workplace - **BLUF**: The Fair Labor Standards Act of 1938 (FLSA) is the primary U.S. federal law for wage and hour standards. It specifies the mandatory requirements for the 'Minimum Wage', the 'Overtime Pay' (1.5x the regular rate for any work over 40 hours), the 'Recordkeeping', and the 'Child Labor' restrictions, ensuring fair compensation and worker protection in the private and public sectors. - **Discovery URL**: https://bidda.com/api/v1/nodes/flsa-compliance-labor.json ### FMLA (Family Leave) - **ID**: fmla-compliance-leave - **Category**: Workplace - **BLUF**: The Family and Medical Leave Act of 1993 (FMLA) is the primary U.S. federal law for protected employee leave. It specifies the mandatory standard for eligible employees to take up to '12 Weeks' of 'Unpaid, Job-Protected' leave for serious health conditions or specific 'Family' events, ensuring the maintenance of health benefits and the terminal job restoration. - **Discovery URL**: https://bidda.com/api/v1/nodes/fmla-compliance-leave.json ### Food Allergen Labeling Law - **ID**: food-allergen-label-law - **Category**: Food & Hospitality - **BLUF**: Regulatory requirements for declaring allergens in packaged food (FALCPA/EU). 
- **Discovery URL**: https://bidda.com/api/v1/nodes/food-allergen-label-law.json ### Freight Forwarding Ethics (FIATA) - **ID**: freight-forwarder-fiata - **Category**: Logistics & Supply Chain - **BLUF**: Global standards for freight forwarding and logistics services. - **Discovery URL**: https://bidda.com/api/v1/nodes/freight-forwarder-fiata.json ### FSB Key Attributes (Resolution) - **ID**: fsb-key-attributes-res - **Category**: Banking & Global Finance - **BLUF**: The FSB Key Attributes of Effective Resolution Regimes for Financial Institutions are the international standards for the orderly resolution of failing systemically important financial institutions (SIFIs). They provide the mandatory powers and tools for national authorities to resolve banks without taxpayer bailouts, ensuring the continuity of critical functions. - **Discovery URL**: https://bidda.com/api/v1/nodes/fsb-key-attributes-res.json ### FSB TCFD (Banking) - **ID**: fsb-tcfd-banking-disc - **Category**: Banking & Global Finance - **BLUF**: The TCFD (Task Force on Climate-related Financial Disclosures) Banking Sector Disclosures provide a specific framework for banks to report on the financial implications of climate change. The framework requires detailed transparency on how banks identify, assess, and manage the 'Physical' and 'Transition' risks within their lending and investment portfolios, ensuring global market stability during the green transition. - **Discovery URL**: https://bidda.com/api/v1/nodes/fsb-tcfd-banking-disc.json ### FSC Chain of Custody (STD-40-004) - **ID**: fsc-chain-of-custody - **Category**: Sustainability & ESG - **BLUF**: Tracking forest-based products through the entire supply chain. - **Discovery URL**: https://bidda.com/api/v1/nodes/fsc-chain-of-custody.json ### FSSC 22000 (Food Packaging) - **ID**: fssc-22000-food-pack - **Category**: Food & Hospitality - **BLUF**: Certification scheme for food safety management in the packaging industry. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/fssc-22000-food-pack.json ### FTC (Endorsement Guides) - **ID**: ftc-endorsement-guides - **Category**: Sales, Marketing & PR - **BLUF**: The FTC Endorsement Guides (16 CFR 255) identify the legal standards for endorsements and testimonials in U.S. advertising. They specify the mandatory requirements for the 'Clear and Conspicuous' disclosure of any 'Material Connection' (e.g., Payment, Free product, Relationship) between the endorser and the advertiser, ensuring the consumer is not misled by biased regular social/media content. - **Discovery URL**: https://bidda.com/api/v1/nodes/ftc-endorsement-guides.json ### US GAAP Framework - **ID**: gaap-us-framework - **Category**: Legal & Professional - **BLUF**: Generally Accepted Accounting Principles for financial reporting in the United States. - **Discovery URL**: https://bidda.com/api/v1/nodes/gaap-us-framework.json ### GDPR Art 21 (Opt-out) - **ID**: gdpr-art-21-marketing-optout - **Category**: Sales, Marketing & PR - **BLUF**: Article 21 of the General Data Protection Regulation (GDPR) identifies the 'Right to Object' to data processing. It specifies the mandatory standards for an organization to 'Cease' direct marketing activities (Article 21.2) immediately upon a user's objection, providing an absolute and non-derogable right for data subjects to control their digital commercial exposure. - **Discovery URL**: https://bidda.com/api/v1/nodes/gdpr-art-21-marketing-optout.json ### GDPR DPO Requirements - **ID**: gdpr-data-protection-officer - **Category**: Legal & IP Sovereignty - **BLUF**: The EU GDPR (General Data Protection Regulation) requires certain organizations to designate a Data Protection Officer (DPO) (Article 37). 
The DPO acts as an independent compliance champion, advising the organization on its data protection obligations and serving as a contact point for data subjects and supervisory authorities. - **Discovery URL**: https://bidda.com/api/v1/nodes/gdpr-data-protection-officer.json ### GDPR Health Data (EU) - **ID**: gdpr-health-data-compliance - **Category**: Medical & Healthcare - **BLUF**: The EU GDPR 2016/679 (General Data Protection Regulation) classifies health data as a 'special category' of personal data. Article 9 generally prohibits the processing of such data unless a specific legal exemption is met, necessitating a high level of security and stricter compliance requirements compared to general personal data. - **Discovery URL**: https://bidda.com/api/v1/nodes/gdpr-health-data-compliance.json ### GDPR: Health Data (Art. 9) - **ID**: gdpr-health-data - **Category**: Medical & Healthcare - **BLUF**: GDPR Article 9 establishes a general prohibition on processing special categories of personal data, with 'data concerning health' (including mental health, genetic data, and biometric data used for identification) receiving the highest level of protection. Processing is only permitted under ten exhaustive exemptions including explicit consent, vital interests, medical purposes under professional secrecy, public health, and scientific research under appropriate safeguards. AI systems processing health data — including medical AI, diagnostic tools, health chatbots, and research analytics platforms — must identify a specific Article 9(2) exemption, implement appropriate technical and organizational measures, and in most cases conduct a Data Protection Impact Assessment (DPIA) under Article 35. Violations involving special category health data attract the highest GDPR fines: up to €20 million or 4% of global annual turnover under Article 83(5). 
- **Discovery URL**: https://bidda.com/api/v1/nodes/gdpr-health-data.json ### GDPR (Hospitality Specifics) - **ID**: gdpr-hospitality-nuance - **Category**: Food & Hospitality - **BLUF**: Data protection requirements for guest profiles, bookings, and marketing. - **Discovery URL**: https://bidda.com/api/v1/nodes/gdpr-hospitality-nuance.json ### GFSI Benchmarking Requirements - **ID**: gfsi-benchmarking - **Category**: Food & Hospitality - **BLUF**: Global Food Safety Initiative requirements for harmonizing food safety standards. - **Discovery URL**: https://bidda.com/api/v1/nodes/gfsi-benchmarking.json ### GHG Scope 3 Accounting Strategy - **ID**: ghg-protocol-scope3 - **Category**: "Sustainability & ESG" - **BLUF**: Standardized methodology for measuring and reporting greenhouse gas emissions across the entire corporate value chain (Categories 1–15), accounting for 70–90% of total enterprise footprint. - **Discovery URL**: https://bidda.com/api/v1/nodes/ghg-protocol-scope3.json ### GIPS (Investment Perf) - **ID**: gips-investment-perf-std - **Category**: Workplace - **BLUF**: The Global Investment Performance Standards (GIPS) are the voluntary global standard for calculating and presenting investment performance. They provide a robust framework for 'Asset Managers' to ensure the full disclosure and 'Fair Representation' of their investment tracks, which must be verified through 'Independent Verification' and persistent 'Composite' management. - **Discovery URL**: https://bidda.com/api/v1/nodes/gips-investment-perf-std.json ### Global Alliance (PR Ethics) - **ID**: global-alliance-pr-ethics - **Category**: Sales, Marketing & PR - **BLUF**: The Global Alliance Principles of Ethics identifies the foundational standards for PR and international communications. 
It specifies the mandatory 'Principles' (Public Interest, Integrity, Honesty, Accuracy, Transparency, Confidentiality, Conflict of Interest) that an organization and the professional must integrate into global practice, ensuring ethical alignment across diverse cultures and markets. - **Discovery URL**: https://bidda.com/api/v1/nodes/global-alliance-pr-ethics.json ### Gold Standard Carbon Credits - **ID**: gold-standard-carbon - **Category**: Sustainability & ESG - **BLUF**: High-integrity carbon credit certification for climate and development. - **Discovery URL**: https://bidda.com/api/v1/nodes/gold-standard-carbon.json ### Google Ads (Data Terms) - **ID**: google-ads-data-proc-terms - **Category**: Sales, Marketing & PR - **BLUF**: The Google Ads Data Processing Terms (amended for the GDPR, the CCPA, and the LGPD) identify the foundational standards for data handling within the Google advertising ecosystem. They specify the mandatory requirements for 'Consent Mode v2', 'Customer Match' (Privacy), and 'Data Processing Agency' duties, ensuring the systematic protection of the advertiser's custom audiences and 'User Privacy' (Flags: ad_user_data, ad_personalization). - **Discovery URL**: https://bidda.com/api/v1/nodes/google-ads-data-proc-terms.json ### Green Key Eco-Rating - **ID**: green-key-tourism-eco - **Category**: Food & Hospitality - **BLUF**: Environmental certification for hotels and tourism facilities globally. - **Discovery URL**: https://bidda.com/api/v1/nodes/green-key-tourism-eco.json ### GRI 1: Foundation (2021) - **ID**: gri-1-foundation - **Category**: Sustainability & ESG - **BLUF**: GRI 1: Foundation 2021 is the core standard in the Global Reporting Initiative (GRI) framework that establishes the foundational concepts, principles, and requirements organizations must follow when reporting on their environmental, social, and governance (ESG) impacts. 
GRI 1 introduces the concept of 'double materiality' through its impact materiality focus — organizations must report on their significant impacts on the economy, environment, and people, regardless of whether those impacts are financially material to the organization. GRI is used by over 10,000 organizations globally and is required or referenced by the EU Corporate Sustainability Reporting Directive (CSRD), the UN SDGs monitoring framework, and stock exchange ESG disclosure requirements in over 50 markets. Organizations using GRI must make a statement of use specifying which GRI Standards were used and the reporting period covered; false or misleading GRI claims expose organizations to greenwashing liability. - **Discovery URL**: https://bidda.com/api/v1/nodes/gri-1-foundation.json ### GRI Universal Standards - **ID**: gri-universal-standards - **Category**: Sustainability & ESG - **BLUF**: The Global Reporting Initiative (GRI) Universal Standards 2021 are the global baseline for modular sustainability reporting. They cover impact materiality—how an organization impacts the economy, environment, and people—ensuring consistent, high-quality disclosure for stakeholders and communities. - **Discovery URL**: https://bidda.com/api/v1/nodes/gri-universal-standards.json ### ENTSO-E Grid Code Compliance - **ID**: grid-code-entsoe - **Category**: Sustainability & ESG - **BLUF**: EU network codes for high-voltage electricity grid connection. - **Discovery URL**: https://bidda.com/api/v1/nodes/grid-code-entsoe.json ### GS1 EPCIS: Supply Chain Visibility - **ID**: gs1-epcis-transparency - **Category**: Logistics & Supply Chain - **BLUF**: Standard for sharing event-based data across the supply chain. - **Discovery URL**: https://bidda.com/api/v1/nodes/gs1-epcis-transparency.json ### GSTC Sustainability Criteria - **ID**: gstc-tourism-criteria - **Category**: Food & Hospitality - **BLUF**: Global Sustainable Tourism Council standards for travel and tourism. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/gstc-tourism-criteria.json ### Good Clinical Practice (GCP) - **ID**: gxp-clinical-practice - **Category**: Medical & Healthcare - **BLUF**: Good Clinical Practice (GCP) is an international ethical and scientific quality standard for designing, conducting, recording, and reporting trials that involve human subjects. Based on the ICH E6(R2) guideline, compliance provides public assurance that the rights, safety, and well-being of trial subjects are protected and that the clinical trial data are credible. - **Discovery URL**: https://bidda.com/api/v1/nodes/gxp-clinical-practice.json ### Good Mfg Practice (GMP) - **ID**: gxp-mfg-practice - **Category**: Medical & Healthcare - **BLUF**: Good Manufacturing Practice (GMP) (21 CFR Parts 210 and 211) is the primary U.S. and global standard for ensuring that pharmaceutical and medical device products are consistently produced and controlled according to high-quality standards. It is designed to minimize the risks involved in production that cannot be eliminated through testing the final product. - **Discovery URL**: https://bidda.com/api/v1/nodes/gxp-mfg-practice.json ### HACCP (Food Safety) - **ID**: haccp-food-safety - **Category**: Food & Hospitality - **BLUF**: Hazard Analysis and Critical Control Points system for food safety and risk prevention. - **Discovery URL**: https://bidda.com/api/v1/nodes/haccp-food-safety.json ### Hague System (Designs) - **ID**: hague-system-designs - **Category**: Creative, Content & Media IP - **BLUF**: The Hague System (Hague Agreement Concerning the International Registration of Industrial Designs) identifies the foundational international standards for global design protection. 
It specifies the mandatory requirements for the 'International Application' (Article 5), the 'Geneva Act 1999', and the systematic management of design deposits through a single 'International Bureau' (WIPO), ensuring robust design sovereignty and the efficient expansion of protection across the 90+ member jurisdictions. - **Discovery URL**: https://bidda.com/api/v1/nodes/hague-system-designs.json ### Hague-Visby Rules - **ID**: hague-visby-rules - **Category**: Logistics & Supply Chain - **BLUF**: The Hague-Visby Rules are a set of international rules for the carriage of goods by sea. They define the rights and duties of the carrier and holder of a bill of lading, particularly regarding the liability for loss or damage to goods. They update the original 1924 Hague Rules and are widely adopted globally for sea freight contracts. - **Discovery URL**: https://bidda.com/api/v1/nodes/hague-visby-rules.json ### Hospitality Liquor Licensing - **ID**: hcll-hospitality-licensing - **Category**: Food & Hospitality - **BLUF**: Regulatory requirements for the sale and service of alcoholic beverages. - **Discovery URL**: https://bidda.com/api/v1/nodes/hcll-hospitality-licensing.json ### HIPAA Breach Notification Rule - **ID**: hipaa-breach-notification - **Category**: "Healthcare" - **BLUF**: Requirements for covered entities and business associates to notify individuals, HHS, and media following a breach of unsecured PHI. - **Discovery URL**: https://bidda.com/api/v1/nodes/hipaa-breach-notification.json ### HIPAA Privacy Rule - **ID**: hipaa-privacy-rule - **Category**: "Healthcare" - **BLUF**: National standards for protecting individually identifiable health information (PHI) while granting patients core rights over their data. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/hipaa-privacy-rule.json ### HIPAA Security Rule - **ID**: hipaa-security-rule - **Category**: Medical & Healthcare - **BLUF**: The HIPAA Security Rule (45 CFR Part 160 and Part 164) establishes U.S. national standards for the protection of Electronic Protected Health Information (ePHI). It focuses on ensuring the confidentiality, integrity, and availability of ePHI through three pillars: Administrative, Physical, and Technical Safeguards. - **Discovery URL**: https://bidda.com/api/v1/nodes/hipaa-security-rule.json ### HKMA TM-G-1 (Tech Risk) - **ID**: hkma-tm-g-1-tech-risk - **Category**: Banking & Global Finance - **BLUF**: HKMA TM-G-1 (General Principles for Technology Risk Management) is a Supervisory Policy Manual (SPM) issued by the Hong Kong Monetary Authority. It provides minimum standards for the management of the technology risks that institutions face, specifically covering the oversight of e-banking, logical access controls, and third-party providers. - **Discovery URL**: https://bidda.com/api/v1/nodes/hkma-tm-g-1-tech-risk.json ### HL7 FHIR Interoperability (Release 4) - **ID**: hl7-fhir-interop - **Category**: "Medical Intelligence" - **BLUF**: Standardized RESTful API architecture for electronic health information exchange, using modular Resources to enable computable healthcare data across disparate systems. - **Discovery URL**: https://bidda.com/api/v1/nodes/hl7-fhir-interop.json ### HL7 FHIR v4 (Interoperability) - **ID**: hl7-fhir-v4-interop - **Category**: Medical & Healthcare - **BLUF**: HL7 FHIR (Fast Healthcare Interoperability Resources) Release 4 is the global standard for electronic healthcare data exchange. It defines a set of 'Resources' that represent granular clinical and administrative data, accessible via a RESTful API to enable seamless interoperability between EHRs, mobile apps, and analytics platforms. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/hl7-fhir-v4-interop.json ### Hotelstars Union Criteria - **ID**: hotel-stars-union-crit - **Category**: Food & Hospitality - **BLUF**: Harmonized criteria for hotel star ratings across European countries. - **Discovery URL**: https://bidda.com/api/v1/nodes/hotel-stars-union-crit.json ### HOTSEC Hotel Security Logic - **ID**: hotsec-hotel-security - **Category**: Food & Hospitality - **BLUF**: Standards for physical and digital security in hospitality environments. - **Discovery URL**: https://bidda.com/api/v1/nodes/hotsec-hotel-security.json ### Hydrogen Safety (ISO 22734) - **ID**: hydrogen-safety-iso - **Category**: Sustainability & ESG - **BLUF**: Safety standards for water electrolysis for hydrogen production. - **Discovery URL**: https://bidda.com/api/v1/nodes/hydrogen-safety-iso.json ### Audit Quality (ISQM 1) - **ID**: iaasb-isqm-1-quality - **Category**: Legal & Professional - **BLUF**: International Standard on Quality Management for firms that perform audits. - **Discovery URL**: https://bidda.com/api/v1/nodes/iaasb-isqm-1-quality.json ### IAB Ads.txt (Auth) - **ID**: iab-ads-txt-authorization - **Category**: Sales, Marketing & PR - **BLUF**: The IAB Ads.txt (Authorized Digital Sellers) standard identifies the foundational standards for programmatic advertising transparency. It specifies the mandatory requirements for a simple 'ads.txt' file to be published at the root of a domain, containing the verified 'Seller/Rel' (v1.x) mapping, ensuring the protection of publisher revenue and the systematic prevention of 'Domain Spoofing'. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-ads-txt-authorization.json ### IAB MRAID (Mobile Ads) - **ID**: iab-mraid-mobile-ads - **Category**: Sales, Marketing & PR - **BLUF**: The IAB Mobile Rich Media Ad Interface Definition (MRAID v3.0) identifies the foundational standards for rich media ads in mobile apps. 
It specifies the mandatory 'Standardized API' (Section 7) for the communication between the 'Ad' and the 'App' (Host), ensuring the robust functionality of the 'Expand, Resize, and Location' features while strictly protecting the user from 'Intrusive' or 'Insecure' ad behaviors. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-mraid-mobile-ads.json ### IAB OpenRTB - **ID**: iab-openrtb-standard - **Category**: Sales, Marketing & PR - **BLUF**: The IAB OpenRTB (Real-Time Bidding v2.x) identifies the foundational standards for automated digital ad buying. It specifies the mandatory JSON objects for the 'Bid Request' and the 'Bid Response' (Sections 3/4), ensuring the robust and high-speed 'Auction' of the inventory while strictly protecting user 'Anonymity' and the systematic communication of the ad creative attributes. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-openrtb-standard.json ### IAB Sellers.json - **ID**: iab-sellers-json-standard - **Category**: Sales, Marketing & PR - **BLUF**: The IAB Sellers.json standard identifies the foundational standards for programmatic supply chain transparency. It specifies the mandatory requirements for any 'Seller or Intermediary' (DSP, SSP, Exchange) to publish a 'Sellers.json' file to the root of a domain, containing the verified 'Seller Type' (PUBLISHER, INTERMEDIARY, BOTH) and the 'Seller ID', ensuring the systematic prevention of 'Ad-Tech' fraud and hidden fees. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-sellers-json-standard.json ### IAB SIMID (Interactive) - **ID**: iab-simid-interactive-ads - **Category**: Sales, Marketing & PR - **BLUF**: The IAB SIMID (Secure Interactive Media Interface Definition v1.0) identifies the foundational standards for secure interactive video advertising. 
It specifies the mandatory communication protocol (PostMessage) between the 'Ad' and the 'Player' (Section 3), ensuring the systematic prevention of 'Cross-Site Scripting' (XSS) while providing rich, pre-fetched interactive experiences in sandboxed environments. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-simid-interactive-ads.json ### IAB TCF v2.2 (Consent) - **ID**: iab-tcf-v2-2-consent - **Category**: Sales, Marketing & PR - **BLUF**: The IAB Europe Transparency and Consent Framework (TCF v2.2) is the industry standard for facilitating compliance with the GDPR and the ePrivacy directive in the ad-tech ecosystem. It identifies the mandatory '11 Purposes' for data processing and the technical specifications for the 'Consent Strings' (TC Strings) that publishers, vendors, and CMPs (Consent Management Platforms) must use to communicate the user's privacy preferences. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-tcf-v2-2-consent.json ### IAB VAST (Video Ads) - **ID**: iab-vast-video-ads - **Category**: Sales, Marketing & PR - **BLUF**: The IAB VAST (Video Ad Serving Template v4.x) identifies the foundational XML standards for video ad delivery. It specifies the mandatory requirements for the 'Universal Ad ID', the 'In-Line and Wrapper' responses, and the 'Mezzanine' file management, ensuring high-fidelity rendering and the systematic measurement of ad performance across global OTT, CTV, and web platforms. - **Discovery URL**: https://bidda.com/api/v1/nodes/iab-vast-video-ads.json ### IATA Dangerous Goods Regulations (DGR) - **ID**: iata-dangerous-goods - **Category**: Logistics & Supply Chain - **BLUF**: Global standards for transporting dangerous goods by air safely. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iata-dangerous-goods.json ### IATA Passenger Service (Reso) - **ID**: iata-passenger-svcs - **Category**: Food & Hospitality - **BLUF**: Standardized procedures for airline passenger handling and airport services. - **Discovery URL**: https://bidda.com/api/v1/nodes/iata-passenger-svcs.json ### ICAO Annex 17: Aviation Security - **ID**: icao-annex-17-security - **Category**: Logistics & Supply Chain - **BLUF**: Global standards for protecting international civil aviation against unlawful interference. - **Discovery URL**: https://bidda.com/api/v1/nodes/icao-annex-17-security.json ### ICAO Annex 19 (Safety Management) - **ID**: icao-safety-annex-19 - **Category**: Aviation, Defense & Quantum - **BLUF**: ICAO Annex 19 establishes the international standard for Safety Management Systems (SMS) and State Safety Programmes (SSP) in civil aviation. It focuses on the proactive management of safety risks through the collection, analysis, and exchange of safety data and safety information, ensuring absolute flight safety integrity. - **Discovery URL**: https://bidda.com/api/v1/nodes/icao-safety-annex-19.json ### ICAO safety management system (SMS) - **ID**: icao-safety-mgt-system - **Category**: Logistics & Supply Chain - **BLUF**: Framework for safety risk management and safety assurance in aviation. - **Discovery URL**: https://bidda.com/api/v1/nodes/icao-safety-mgt-system.json ### Incoterms 2020 Master - **ID**: icc-incoterms-master - **Category**: Legal & Professional - **BLUF**: The essential terms of trade for the sale of goods worldwide. - **Discovery URL**: https://bidda.com/api/v1/nodes/icc-incoterms-master.json ### Green Bond Principles (ICMA) - **ID**: icma-green-bond - **Category**: Sustainability & ESG - **BLUF**: Voluntary process guidelines for issuing green bonds. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/icma-green-bond.json ### IEC 62304 (Medical Software) - **ID**: iec-62304-medical-software - **Category**: Medical & Healthcare - **BLUF**: IEC 62304 is the international standard for medical device software lifecycle processes. It defines the framework of processes, activities, and tasks for the safe design and maintenance of medical software, regardless of whether the software is a standalone product (SaMD) or embedded within a hardware device. - **Discovery URL**: https://bidda.com/api/v1/nodes/iec-62304-medical-software.json ### Industrial Automation Security (IEC 62443) - **ID**: iec-62443-iacs - **Category**: "Industrial IoT & Energy" - **BLUF**: Technical and process requirements for securing Industrial Automation and Control Systems (IACS), partitioning networks into zones and conduits. - **Discovery URL**: https://bidda.com/api/v1/nodes/iec-62443-iacs.json ### IEC 82304-1 (Health Software) - **ID**: iec-82304-1-health-software - **Category**: Medical & Healthcare - **BLUF**: IEC 82304-1:2016 is the international standard for general health software product safety. It is designed for software products that do not have dedicated hardware and are used in health environments (e.g., lifestyle, wellness, or administrative software), ensuring safety, reliability, and security across the product lifecycle. - **Discovery URL**: https://bidda.com/api/v1/nodes/iec-82304-1-health-software.json ### Ethical Design of Agents (IEEE) - **ID**: ieee-2817-agent-ethics - **Category**: Industrial IoT & Energy - **BLUF**: IEEE 2817-2024 is the IEEE Standard for Pilot Qualification and Assessment of Autonomous Systems in Safety-Critical Applications, providing a framework for qualifying autonomous AI agents operating in safety-critical domains including transportation, industrial automation, healthcare, and public safety. 
The standard draws on the broader IEEE Ethically Aligned Design framework (EAD1e) which establishes that autonomous and intelligent systems must be designed to prioritize human wellbeing, be transparent in their decision-making, be accountable, avoid harm, and be controllable by humans. For AI agents, the standard requires demonstration that the agent's behavior aligns with its stated ethical commitments across a range of operational scenarios, that potential harms can be detected and mitigated, that the agent can be overridden by human operators, and that the agent's decision-making can be audited. - **Discovery URL**: https://bidda.com/api/v1/nodes/ieee-2817-agent-ethics.json ### Agent Discovery & Capability Registry (IEEE P3931 ADDR) - **ID**: ieee-3931-discovery - **Category**: Workflow Automation - **BLUF**: The IEEE P3931 standard for Agent Description, Discovery, and Registry (ADDR) defines a universal, platform-agnostic framework for how autonomous agents describe their capabilities and how they are discovered within cross-platform ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/ieee-3931-discovery.json ### IEEE Ethics (AI Systems) - **ID**: ieee-ethics-ai-system - **Category**: AI Governance & Law - **BLUF**: Ethically aligned design for autonomous and intelligent systems by IEEE. - **Discovery URL**: https://bidda.com/api/v1/nodes/ieee-ethics-ai-system.json ### IETF Hybrid PQC Drafts - **ID**: ietf-hybrid-pqc-drafts - **Category**: Aviation, Defense & Quantum - **BLUF**: IETF Hybrid PQC Drafts define the mechanisms for combining 'Classical' cryptography (e.g., X25519, Ed25519) with 'Post-Quantum' algorithms (e.g., ML-KEM, ML-DSA). This 'Defense-in-Depth' approach ensures security even if a quantum-resistant algorithm is found to be vulnerable or if the classical algorithm is broken by a quantum computer. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/ietf-hybrid-pqc-drafts.json ### IFAC Ethics for Accountants - **ID**: ifac-ethics-accountants - **Category**: Legal & Professional - **BLUF**: International ethics standards for professional accountants issued by IESBA. - **Discovery URL**: https://bidda.com/api/v1/nodes/ifac-ethics-accountants.json ### IFRS 17: Insurance Contracts - **ID**: ifrs-17-contracts - **Category**: Banking & Global Finance - **BLUF**: IFRS 17 is the first truly international accounting standard for insurance contracts, replacing IFRS 4. It provides a consistent framework for recognizing profit and measuring insurance liabilities, using a current value approach to improve financial transparency and comparability across the global insurance sector. - **Discovery URL**: https://bidda.com/api/v1/nodes/ifrs-17-contracts.json ### IFRS 9: Expected Credit Loss (ECL) - **ID**: ifrs-9-impairment - **Category**: Banking & Global Finance - **BLUF**: IFRS 9 introduces the Expected Credit Loss (ECL) model for financial instruments, replacing the older 'Incurred Loss' model. It requires organizations to recognize impairments based on forward-looking macroeconomic forecasts and probability-weighted outcomes, reflecting a more realistic and proactive approach to credit risk management. - **Discovery URL**: https://bidda.com/api/v1/nodes/ifrs-9-impairment.json ### IFRS Global Standards - **ID**: ifrs-global-accounting - **Category**: Legal & Professional - **BLUF**: International Financial Reporting Standards for global consistency in accounting. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/ifrs-global-accounting.json ### Sustainability (IFRS S1) - **ID**: ifrs-s1-general - **Category**: Finance - **BLUF**: IFRS S1 General Requirements for Disclosure of Sustainability-related Financial Information, issued by the ISSB (International Sustainability Standards Board) in June 2023 and effective for reporting periods beginning January 1, 2024, establishes the foundational framework for sustainability-related financial disclosures that are material to investors in assessing enterprise value. IFRS S1 requires entities to disclose sustainability-related risks and opportunities that could reasonably be expected to affect the entity's cash flows, access to finance, and cost of capital — the financial materiality lens, distinct from GRI's impact materiality approach. The standard requires disclosure across four core areas derived from the TCFD framework: governance, strategy, risk management, and metrics and targets. IFRS S1 is being adopted by over 40 jurisdictions and is foundational for entities listing on capital markets with sustainability disclosure requirements; failure to provide material sustainability disclosures exposes companies to securities law liability. - **Discovery URL**: https://bidda.com/api/v1/nodes/ifrs-s1-general.json ### Climate Disclosures (IFRS S2) - **ID**: ifrs-s2-climate - **Category**: "Finance" - **BLUF**: Authoritative requirements for disclosing climate-related risks and opportunities that may affect an entity's financial stability and cash flows. - **Discovery URL**: https://bidda.com/api/v1/nodes/ifrs-s2-climate.json ### IFS Food (International Featured) - **ID**: ifs-food-standard - **Category**: Food & Hospitality - **BLUF**: Standard for auditing food manufacturers regarding safety and quality of processes. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/ifs-food-standard.json ### IIA Internal Audit (IPPF) - **ID**: iia-internal-audit-ippf - **Category**: Legal & Professional - **BLUF**: International Professional Practices Framework for internal auditing. - **Discovery URL**: https://bidda.com/api/v1/nodes/iia-internal-audit-ippf.json ### ILO (Core Conventions) - **ID**: ilo-core-conventions - **Category**: Workplace - **BLUF**: The ILO Declaration on Fundamental Principles and Rights at Work (1998, amended 2022) specifies the core international labour standards that all member states must respect. It identifies 'Five Categories' of fundamental conventions covering 'Freedom of Association', the 'Abolition of Forced Labour', the 'Abolition of Child Labour', the 'Elimination of Discrimination', and a 'Safe and Healthy Working Environment'. - **Discovery URL**: https://bidda.com/api/v1/nodes/ilo-core-conventions.json ### ILO Fundamental Rights at Work - **ID**: ilo-fundamental-rights-work - **Category**: Legal & IP Sovereignty - **BLUF**: The ILO Declaration on Fundamental Principles and Rights at Work (1998, amended 2022) identifies five categories of fundamental principles and rights that all ILO Member States must respect and promote. These rights are the foundation of decent work and fair globalization, applicable even if a member state has not ratified the specific core conventions. - **Discovery URL**: https://bidda.com/api/v1/nodes/ilo-fundamental-rights-work.json ### IMDRF SaMD Risk Framework - **ID**: imdrf-samd-risk-framework - **Category**: Medical & Healthcare - **BLUF**: The IMDRF Software as a Medical Device (SaMD) Risk Categorization Framework provides a globally harmonized method for classifying the risk of independent medical software. It categorizes SaMD into four levels (I, II, III, IV) based on the criticality of the clinical situation and the impact of the information provided by the software on patient care. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/imdrf-samd-risk-framework.json ### IMO 2020 Sulphur Limit - **ID**: imo-2020-sulphur-limit - **Category**: Logistics & Supply Chain - **BLUF**: IMO 2020 refers to the significant reduction in the global limit for sulphur content in ships' fuel oil, from 3.50% m/m to 0.50% m/m. This MARPOL Annex VI regulation aims to improve air quality and protect human health by reducing emissions of sulphur oxides (SOx) from shipping. - **Discovery URL**: https://bidda.com/api/v1/nodes/imo-2020-sulphur-limit.json ### MARPOL: Marine Pollution Prevention - **ID**: imo-marpol-pollution - **Category**: Logistics & Supply Chain - **BLUF**: Regulations for preventing pollution from ships into the marine environment. - **Discovery URL**: https://bidda.com/api/v1/nodes/imo-marpol-pollution.json ### SOLAS: Safety of Life at Sea - **ID**: imo-solas-safety-at-sea - **Category**: Logistics & Supply Chain - **BLUF**: International maritime safety standards for vessel construction and equipment. - **Discovery URL**: https://bidda.com/api/v1/nodes/imo-solas-safety-at-sea.json ### STCW: Seafarer Competency Standards - **ID**: imo-stcw-seafarer-training - **Category**: Logistics & Supply Chain - **BLUF**: International standards for maritime training, certification, and watchkeeping. - **Discovery URL**: https://bidda.com/api/v1/nodes/imo-stcw-seafarer-training.json ### Incoterms: CIP (Carriage & Insurance Paid) - **ID**: incoterms-2020-cip-logic - **Category**: Logistics & Supply Chain - **BLUF**: CIP 2020 is a multimodal Incoterm where the seller delivers to a carrier and pays for carriage and insurance to the named destination. Unlike CPT, CIP 2020 mandates 'Clause A' (All-risk) insurance coverage, reflecting modern trade demands for higher protection in high-value shipments. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-cip-logic.json ### Incoterms 2020: CIP (Carriage Insurance Paid) - **ID**: incoterms-2020-cip-v2 - **Category**: Logistics & Supply Chain - **BLUF**: Updated insurance requirements for CIP transactions. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-cip-v2.json ### Incoterms 2020: CPT (Carriage Paid To) - **ID**: incoterms-2020-cpt - **Category**: Logistics & Supply Chain - **BLUF**: Risk and cost transfer logic for CPT transactions. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-cpt.json ### Incoterms: DDP Compliance - **ID**: incoterms-2020-ddp-logic - **Category**: Logistics & Supply Chain - **BLUF**: Delivered Duty Paid (DDP) is the maximum-obligation Incoterm for the seller. The seller delivers the goods at the disposal of the buyer at the named place of destination, cleared for import, and including all taxes and duties paid. Use with extreme caution as it requires the seller to navigate import regulations in the buyer's country. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-ddp-logic.json ### Incoterms 2020: DDP (Delivered Duty Paid) - **ID**: incoterms-2020-ddp-v2 - **Category**: Logistics & Supply Chain - **BLUF**: Final risk transfer logic for Delivered Duty Paid shipping. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-ddp-v2.json ### Incoterms 2020: EXW (Ex Works) - **ID**: incoterms-2020-exw - **Category**: Logistics & Supply Chain - **BLUF**: Risk and cost transfer logic for Ex Works transactions. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-exw.json ### Incoterms: FAS (Free Alongside Ship) - **ID**: incoterms-2020-fas-logic - **Category**: Logistics & Supply Chain - **BLUF**: Maritime-only logic where the seller delivers when goods are placed alongside the vessel at the named port of shipment. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-fas-logic.json ### Incoterms: FAS (Free Alongside Ship) - **ID**: incoterms-2020-fca-logic - **Category**: Logistics & Supply Chain - **BLUF**: Free Alongside Ship (FAS) is a maritime-only Incoterm where the seller delivers the goods when they are placed alongside the vessel nominated by the buyer at the named port of shipment. FAS 2020 requires the seller to clear the goods for export, making it a common choice for liquid bulk or heavy-lift cargo shipments. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-fca-logic.json ### Incoterms 2020: FCA (Free Carrier) - **ID**: incoterms-2020-fca-v2 - **Category**: Logistics & Supply Chain - **BLUF**: Updated risk transfer logic for Free Carrier shipping. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-fca-v2.json ### Incoterms: FOB Risk Transfer - **ID**: incoterms-2020-fob-logic - **Category**: Logistics & Supply Chain - **BLUF**: Free On Board (FOB) is an Incoterm limited to sea and inland waterway transport. Under FOB 2020, the seller delivers the goods on board the vessel nominated by the buyer at the named port of shipment, at which point the risk of loss or damage and the costs transfer to the buyer. - **Discovery URL**: https://bidda.com/api/v1/nodes/incoterms-2020-fob-logic.json ### India DPDP Act 2023 - **ID**: india-dpdp-act - **Category**: Legal & IP Sovereignty - **BLUF**: The Digital Personal Data Protection (DPDP) Act of 2023 is India's principal statute for digital personal data, prioritizing individual rights and organizational obligations. It introduces the role of Consent Managers and Data Fiduciaries, with significant penalties (up to ₹250 crore) for non-compliance. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/india-dpdp-act.json ### Intermodal Container Standards (ISO) - **ID**: intermodal-container-std - **Category**: Logistics & Supply Chain - **BLUF**: Safety and dimensional standards for international freight containers. - **Discovery URL**: https://bidda.com/api/v1/nodes/intermodal-container-std.json ### Agentic Economic Order Quantity - **ID**: inventory-eoq-deterministic - **Category**: Logistics & Supply Chain - **BLUF**: The Economic Order Quantity (EOQ) model is a deterministic inventory optimization formula that calculates the optimal order quantity that minimizes total inventory cost (ordering cost + holding cost) for a single product with constant, known demand and instantaneous replenishment. The classical Wilson EOQ formula (EOQ = √(2DS/H)) was developed in 1913 and remains the baseline for inventory management in agentic commerce systems where autonomous agents make procurement decisions. For AI agents, EOQ provides a principled, auditable basis for order quantity decisions, replacing ad-hoc ordering with cost-optimal, mathematically justified quantities. Extensions for probabilistic demand (newsvendor model), quantity discounts, backorder allowance, and multi-echelon supply chains are implemented as modifications of the core formula. Incorrect EOQ implementation results in excess inventory costs (if order quantity is too large) or stockouts with associated lost sales penalties (if too small). - **Discovery URL**: https://bidda.com/api/v1/nodes/inventory-eoq-deterministic.json ### IOSCO Principles (Benchmarks) - **ID**: iosco-bench-interest-rate - **Category**: Banking & Global Finance - **BLUF**: The IOSCO Principles for Financial Benchmarks (2013) are the global standards for the governance, quality, and integrity of the benchmarks used in financial markets (e.g., LIBOR transition rates, indices). 
They are designed to prevent the manipulation of market benchmarks and ensure their transparency and reliable methodology. - **Discovery URL**: https://bidda.com/api/v1/nodes/iosco-bench-interest-rate.json ### IPTC Photo Metadata - **ID**: iptc-photo-metadata - **Category**: Creative, Content & Media IP - **BLUF**: The IPTC Photo Metadata standard identifies the foundational industry standards for descriptive and rights-management metadata in images. It specifies the mandatory requirements for the 'Creator', the 'Credit Lines', and the 'Web Statement of Rights' (Section 4), ensuring robust attribution and the systematic communication of image ownership and 'Verified' licensing terms across the global publishing ecosystem. - **Discovery URL**: https://bidda.com/api/v1/nodes/iptc-photo-metadata.json ### IPTC Video Meta - **ID**: iptc-video-metadata - **Category**: Creative, Content & Media IP - **BLUF**: The IPTC Video Metadata standard identifies the foundational industry standards for descriptive and rights-management metadata in video files. It specifies the mandatory requirements for 'People in Video', the 'Video Region', and the 'Web Statement of Rights' (Section 4), ensuring robust attribution and the systematic communication of video ownership and the 'Verified' 'Source of Authority' for autonomous media agents across the global entertainment and news ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/iptc-video-metadata.json ### IRAP (Australia Cloud) - **ID**: irap-australia-cloud - **Category**: Cloud & SaaS - **BLUF**: The Information Security Registered Assessors Program (IRAP) is the Australian government's security assessment framework for cloud and digital services. It provides a standardized process for the independent audit of the vendor's compliance with the Australian Information Security Manual (ISM) at the 'PROTECTED' level. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/irap-australia-cloud.json ### ISAN (Audiovisual) - **ID**: isan-audiovisual-number - **Category**: Creative, Content & Media IP - **BLUF**: The International Standard Audiovisual Number (ISAN) (ISO 15706) identifies the foundational industry standards for the unique identification of audiovisual works and their multiple versions. It specifies the mandatory '96-Bit' binary structure (Root, Episode, Version), ensuring the robust tracking of cinematic and TV content across global distribution, archiving, and 'Verified' rights management registries. - **Discovery URL**: https://bidda.com/api/v1/nodes/isan-audiovisual-number.json ### ISBN (Book Standard) - **ID**: isbn-book-standard - **Category**: Creative, Content & Media IP - **BLUF**: The International Standard Book Number (ISBN) (ISO 2108) identifies the foundational industry standards for the unique identification of monographic publications. It specifies the mandatory '13-Digit' numeric structure (Prefix, Group, Registrant, Publication), ensuring the robust management of 'Cataloging' and the 'Verified' reporting of sales and 'Rights' across the global publishing house, library, and retail ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/isbn-book-standard.json ### ISDS (Investor-State Dispute) - **ID**: isds-investor-state-dispute - **Category**: Legal & IP Sovereignty - **BLUF**: Investor-State Dispute Settlement (ISDS) is an international legal mechanism that allows foreign investors to bring claims against a host state for alleged violations of a bilateral investment treaty (BIT) or free trade agreement (FTA). It provides investors with a neutral forum (e.g., ICSID) to resolve disputes regarding expropriation or unfair treatment. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/isds-investor-state-dispute.json ### ISM Code (Vessel Safety) - **ID**: ism-code-vessel-safety - **Category**: Logistics & Supply Chain - **BLUF**: The International Safety Management (ISM) Code provides an international standard for the safe management and operation of ships and for pollution prevention. It requires the 'Company' to establish a 'Safety Management System' (SMS) and mandates the 'Designated Person Ashore' (DPA) to provide a direct link between the ship and higher management. - **Discovery URL**: https://bidda.com/api/v1/nodes/ism-code-vessel-safety.json ### ISMP Medication Safety - **ID**: ismp-medication-safety - **Category**: Medical & Healthcare - **BLUF**: The ISMP (Institute for Safe Medication Practices) Best Practices provide a set of consensus-based national standards for reducing medication errors in hospitals and healthcare settings. They focus on high-alert medications, 'Look-Alike/Sound-Alike' (LASA) drug nomenclature, and the implementation of error-reduction strategies across the medication-use process. - **Discovery URL**: https://bidda.com/api/v1/nodes/ismp-medication-safety.json ### ISO 10002 (Complaints) - **ID**: iso-10002-complaints-mgt - **Category**: Workplace - **BLUF**: ISO 10002:2018 is the premier international standard for customer satisfaction and complaints handling. It provides a robust framework for an organization to establish, implement, and maintain a 'Responsive' and 'Accountable' complaints-handling process, ensuring customer loyalty and the systematic improvement of products and services. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-10002-complaints-mgt.json ### ISO 10004 (Feedback) - **ID**: iso-10004-feedback-mgt - **Category**: Workplace - **BLUF**: ISO 10004:2018 is the international standard for the monitoring and measurement of customer satisfaction. 
It provides guidelines for an organization to define its indicators, the 'Direct and Indirect' measurement methods, and the analysis of customer expectations and perceived quality, ensuring that high-fidelity feedback is used for service enhancement. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-10004-feedback-mgt.json ### ISO 10008 (B2C E-commerce) - **ID**: iso-10008-b2c-ecommerce - **Category**: Sales, Marketing & PR - **BLUF**: ISO 10008:2013 identifies the foundational standards for customer satisfaction in business-to-consumer (B2C) electronic commerce. It provides a robust framework for an organization to establish, design, and maintain the entire 'B2C E-commerce' lifecycle, focusing on 'Information Transparency', 'Transaction Security', and the systematic handling of customer reviews and complaints. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-10008-b2c-ecommerce.json ### ISO 10668 (Brand Value) - **ID**: iso-10668-brand-valuation - **Category**: Sales, Marketing & PR - **BLUF**: ISO 10668:2010 is the international standard for brand valuation. It specifies the mandatory frameworks for calculating the monetary value of a brand through the 'Market, Cost, and Income' approaches (Section 4), ensuring global consistency for financial reporting, mergers/acquisitions, and regular brand management. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-10668-brand-valuation.json ### ISO 12639 (TIFF/IT) - **ID**: iso-12639-tiff-it - **Category**: Creative, Content & Media IP - **BLUF**: The ISO 12639 (TIFF/IT — Tagged Image File Format for Image Technology) identifies the foundational international standards for prepress digital data exchange. 
It specifies the mandatory requirements for 'LW' (Line Art), 'HC' (High-Resolution Continuous-tone), and the systematic handling of 'Binary Pictures' (BP), ensuring robust consistency and 'High-Fidelity' pixel-mapped rendering for global commercial printing ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-12639-tiff-it.json ### Beach Management (ISO 13009) - **ID**: iso-13009-beach-mgmt - **Category**: Food & Hospitality - **BLUF**: Requirements and recommendations for sustainable beach management. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-13009-beach-mgmt.json ### ISO 13485 (Medical QMS) - **ID**: iso-13485-medical-qms - **Category**: Medical & Healthcare - **BLUF**: ISO 13485:2016 is the global standard for Medical Device Quality Management Systems (QMS). It specifies requirements for a QMS where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-13485-medical-qms.json ### Medical Quality (ISO 13485) - **ID**: iso-13485-qms - **Category**: Medical & Healthcare - **BLUF**: ISO 13485:2016 is the internationally recognized Quality Management System standard specifically designed for organizations in the medical device industry, covering the full lifecycle of medical devices from design and development through manufacturing, installation, and servicing. Unlike ISO 9001 which focuses on customer satisfaction, ISO 13485 emphasizes regulatory compliance and patient safety, imposing mandatory requirements for design controls, supplier qualification, risk management (linked to ISO 14971), sterility assurance, and post-market surveillance. 
Certification to ISO 13485 is required for EU CE marking (MDR 2017/745 and IVDR 2017/746), accepted by Health Canada, TGA, and NMPA, and recognized by the FDA as evidence of quality system compliance. AI-based Software as a Medical Device (AIaMD) developers must implement ISO 13485 to demonstrate that their development process meets regulatory quality expectations. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-13485-qms.json ### Env Management (ISO 14001) - **ID**: iso-14001-ems-v2 - **Category**: Sustainability & ESG - **BLUF**: International standard for environmental management systems (EMS). - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14001-ems-v2.json ### Env Management (ISO 14001) - **ID**: iso-14001-ems - **Category**: Sustainability & ESG - **BLUF**: ISO 14001:2015 is the international standard for Environmental Management Systems (EMS), providing a framework for organizations to manage their environmental responsibilities systematically and contribute to the environmental pillar of sustainable development. The standard follows the Plan-Do-Check-Act (PDCA) cycle and requires organizations to identify their significant environmental aspects and impacts, establish environmental objectives and targets, implement operational controls, monitor performance against targets, and drive continual improvement. ISO 14001 is certified by accredited third-party certification bodies and is required by major customers in automotive, electronics, and manufacturing supply chains. For AI and data center operators, ISO 14001 applies to energy consumption (Scope 1 and 2 GHG emissions), water usage for cooling, e-waste management, and supply chain environmental impacts. Certification demonstrates to investors, regulators, and customers that environmental risks are systematically managed. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14001-ems.json ### Water Footprint (ISO 14046) - **ID**: iso-14046-water-footprint - **Category**: Sustainability & ESG - **BLUF**: Principles, requirements, and guidelines for water footprint assessment. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14046-water-footprint.json ### GHG Verification (ISO 14064) - **ID**: iso-14064-ghg-quantify - **Category**: Sustainability & ESG - **BLUF**: Quantifying and reporting greenhouse gas emissions and removals. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14064-ghg-quantify.json ### ISO 14064 (GHG Reporting) - **ID**: iso-14064-ghg-reporting - **Category**: Sustainability & ESG - **BLUF**: ISO 14064-1 specifies principles and requirements for the design, development, management, and reporting of organization-level GHG inventories. It provides a common set of requirements for GHG quantification and reporting, ensuring consistency and credibility for carbon footprint claims. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14064-ghg-reporting.json ### Climate Adaptation (ISO 14090) - **ID**: iso-14090-climate-adapt - **Category**: Sustainability & ESG - **BLUF**: Framework for adaptation to climate change impact assessment. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14090-climate-adapt.json ### ISO 14721 (OAIS) - **ID**: iso-14721-oais-archival - **Category**: Creative, Content & Media IP - **BLUF**: ISO 14721 (Open Archival Information System — OAIS v2) identifies the foundational international standards for long-term digital preservation. It specifies the mandatory requirements for the 'Information Packages' (SIP, AIP, DIP), the 'Functional Model' (Section 4) including Ingest and Access, and systematic preservation planning, ensuring the robust sovereignty and 'Verified' longevity of digital assets across global library, archive, and high-assurance repository ecosystems. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14721-oais-archival.json ### ISO 14971 (Medical Risk) - **ID**: iso-14971-medical-risk - **Category**: Medical & Healthcare - **BLUF**: ISO 14971:2019 is the international standard for the application of risk management to medical devices. It provides a framework for manufacturers to identify hazards, estimate and evaluate risks, control these risks, and monitor the effectiveness of these controls throughout the entire product lifecycle. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-14971-medical-risk.json ### ISO 15189 (Medical Labs) - **ID**: iso-15189-medical-labs - **Category**: Medical & Healthcare - **BLUF**: ISO 15189:2022 is the international standard for medical laboratories, specifying requirements for quality and competence. It addresses both the technical competence of the laboratory and its ability to deliver technically valid results, focusing on patient safety and the clinical utility of laboratory testing. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-15189-medical-labs.json ### ISO 15930 (PDF/X) - **ID**: iso-15930-pdf-x - **Category**: Creative, Content & Media IP - **BLUF**: ISO 15930 (PDF/X — Prepress Digital Data Exchange) identifies the foundational international standards for high-fidelity print production. It specifies the mandatory requirements for the 'Output Intent' (Section 4.1), the 'Trapped' keys, and the systematic exclusion of non-printing elements (e.g., Video, Audio, JavaScript), ensuring robust consistency and a 'Verified' original render for global digital publishing house and commercial printing ecosystems. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-15930-pdf-x.json ### ISO 16363 (Trust Repo) - **ID**: iso-16363-trusted-digital-repo - **Category**: Creative, Content & Media IP - **BLUF**: ISO 16363 (Audit and Certification of Trusted Digital Repositories) identifies the foundational international standards for the formal verification of digital archives. It specifies the mandatory requirements for 'Organizational Infrastructure' (Section 3), 'Digital Object Management' (Section 4), and 'Infrastructure and Security' (Section 5), ensuring robust sovereignty and 'Auditable' trust in global digital preservation ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-16363-trusted-digital-repo.json ### ISO 16684 (XMP) - **ID**: iso-16684-xmp-metadata - **Category**: Creative, Content & Media IP - **BLUF**: ISO 16684 (Extensible Metadata Platform — XMP) identifies the foundational international standards for persistent file metadata. It specifies the mandatory requirements for the 'Data Model' (Part 1) and the 'Serialization' via RDF/XML (Part 2), ensuring the robust embedding of 'Source of Authority' properties (e.g., Creator, Rights, Description) directly inside the media bit-streams (PDF, JPG, MP4, etc.). - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-16684-xmp-metadata.json ### Tourism Services (ISO 18513) - **ID**: iso-18513-tourism-svc - **Category**: Food & Hospitality - **BLUF**: Vocabulary and terminology standards for hotels and other tourism services. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-18513-tourism-svc.json ### Audit Guidelines (ISO 19011) - **ID**: iso-19011-audit-guidelines - **Category**: Legal & Professional - **BLUF**: Guidelines for auditing management systems, including principles of auditing. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-19011-audit-guidelines.json ### ISO 20000-1 (Service Mgt) - **ID**: iso-20000-service-mgt - **Category**: Cloud & SaaS - **BLUF**: ISO/IEC 20000-1:2018 is the first international standard for IT Service Management (ITSM). It specifies requirements for an organization to establish, implement, maintain, and continually improve a 'Service Management System' (SMS) to deliver predictable and high-quality digital services that meet the customer's business needs. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20000-service-mgt.json ### ISO 20022 Messaging - **ID**: iso-20022-messaging - **Category**: Crypto & Sovereign Finance - **BLUF**: ISO 20022 is the global standard for financial messaging, providing a methodology and XML/JSON-based message catalog for financial communication between financial institutions, central banks, payment infrastructures, and increasingly, AI agents executing financial transactions. The standard is being adopted globally as the replacement for legacy formats (SWIFT MT, FedWire, CHIPS) — SWIFT completed its ISO 20022 coexistence period in November 2023, with full migration mandated by November 2025. ISO 20022 messages carry richer structured data than legacy formats (full originator/beneficiary details, purpose codes, regulatory identifiers), enabling better straight-through processing, AML screening, and sanctions compliance. AI agents generating or processing payments must produce ISO 20022-compliant messages to interface with modern payment infrastructure, or face message rejection and transaction failure. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20022-messaging.json ### ISO 20022 MX Messaging - **ID**: iso-20022-mx-messaging - **Category**: Banking & Global Finance - **BLUF**: ISO 20022 is the universal standard for financial industry messaging. 
It provides a platform-independent model for financial business processes and is the standard for modern high-value payment systems (HVPS) and cross-border payments, replacing the legacy MT messaging with richer XML-based MX messages to enhance data transparency and compliance. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20022-mx-messaging.json ### Remanufactured Goods (ISO 20245) - **ID**: iso-20245-remanufactured - **Category**: Logistics & Supply Chain - **BLUF**: Standards for the quality and labelling of remanufactured products. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20245-remanufactured.json ### ISO 20252 (Market Research) - **ID**: iso-20252-market-research - **Category**: Sales, Marketing & PR - **BLUF**: ISO 20252:2019 is the international standard for market, opinion, and social research. It establishes a centralized quality management framework for the 'Research Processes' (Section 4), covering 'Proposal Writing', 'Data Collection', 'Data Processing', and 'Reporting', ensuring high-fidelity representation of customer and stakeholder views. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20252-market-research.json ### ISO 20252 (Opinion) - **ID**: iso-20252-opinion-research - **Category**: Sales, Marketing & PR - **BLUF**: The Public Opinion Research extension of ISO 20252:2019 specifies requirements for social and political polling. It identifies the mandatory sampling and methodological guidelines to ensure that public sentiments are 'Accurately and Fairly' represented, with a specific focus on 'Response Rates' and 'Data Quality' (Section 4/Annex A). 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20252-opinion-research.json ### Sustainable Procure (ISO 20400) - **ID**: iso-20400-sustainable-proc - **Category**: Sustainability & ESG - **BLUF**: Guidelines for integrating sustainability into procurement processes. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20400-sustainable-proc.json ### ISO 20400 (Sustainable Procure) - **ID**: iso-20400-sustainable-procure - **Category**: Workplace - **BLUF**: ISO 20400:2017 is the first international guidance on sustainable procurement. It specifies guidelines for an organization to integrate sustainability (Environmental, Social, Economic) into its 'Procurement Strategy' and 'Purchasing Process', ensuring 'Full Life Cycle' thinking and the systematic assessment of supplier social responsibility. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20400-sustainable-procure.json ### ISO 20671 (Brand) - **ID**: iso-20671-brand-evaluation - **Category**: Sales, Marketing & PR - **BLUF**: ISO 20671:2019 is the international standard for brand evaluation. It specifies the mandatory 'Input and Output' elements (Sections 4/5) covering 'Legal Protection', 'Behavioral Impact', 'Financial Value', and 'Stakeholder Engagement', ensuring robust and systematic measurement of brand strength and organizational value. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-20671-brand-evaluation.json ### Adventure Tourism (ISO 21101) - **ID**: iso-21101-adventure-tour - **Category**: Food & Hospitality - **BLUF**: Safety management systems for adventure tourism providers. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-21101-adventure-tour.json ### Sustainable Tourism (ISO 21401) - **ID**: iso-21401-tourism-sustain - **Category**: Food & Hospitality - **BLUF**: Sustainability management system requirements for accommodation establishments. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-21401-tourism-sustain.json ### ISO 21500 (Project Gov) - **ID**: iso-21500-project-gov - **Category**: Workplace - **BLUF**: ISO 21500:2021 provides the context and concepts for project, programme and portfolio management. It identifies the mandatory standards for the 'Governance' and 'Organizational Context' that an organization must establish to ensure the efficient delivery of regular strategic initiatives, ensuring the systematic alignment of common work. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-21500-project-gov.json ### Project Management (ISO 21500) - **ID**: iso-21500-project-mgt - **Category**: Legal & Professional - **BLUF**: Guidance on project management concepts and processes. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-21500-project-mgt.json ### ISO 21502 (Project Mgt) - **ID**: iso-21502-project-mgt - **Category**: Workplace - **BLUF**: ISO 21502:2020 provides guidance for project management. It specifies the integrated 'Operational Practices' for successful project delivery, focusing on 'Planning', 'Risk Management', 'Quality Control', and 'Value' realization, ensuring an organization can systematically execute its strategic objectives through reliable project lifecycle management. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-21502-project-mgt.json ### Food Safety Mgt (ISO 22000) - **ID**: iso-22000-food-mgt - **Category**: Food & Hospitality - **BLUF**: International standard for food safety management systems across the supply chain. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-22000-food-mgt.json ### Biz Continuity (ISO 22301) - **ID**: iso-22301-biz-continuity - **Category**: Legal & Professional - **BLUF**: Requirements to plan, establish, and operate a documented BCMS. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-22301-biz-continuity.json ### ISO 22301 (Business Cont) - **ID**: iso-22301-business-cont - **Category**: Cloud & SaaS - **BLUF**: ISO 22301:2019 is the premier international standard for Business Continuity Management Systems (BCMS). It specifies requirements for the organization to 'Plan, Do, Check, Act' for business resilience, ensuring that the organization can protect itself from, and respond to, disruptive incidents through standardized 'Impact Analysis' and 'Recovery Procedures'. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-22301-business-cont.json ### ISO 26000 (Social Resp) - **ID**: iso-26000-social-resp-mgt - **Category**: Workplace - **BLUF**: ISO 26000:2010 provides global guidance for Social Responsibility (SR). It specifies the '7 Core Subjects' that an organization must consider to operate in an ethical and transparent manner, ensuring organizational governance, labor practices, and environmental stewardship are integrated into the core strategy. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-26000-social-resp-mgt.json ### Social Responsibility (ISO 26000) - **ID**: iso-26000-social-resp - **Category**: Sustainability & ESG - **BLUF**: Guidance on how businesses can operate in a socially responsible way. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-26000-social-resp.json ### ISO/IEC 27001:2022 — Information Security Management - **ID**: iso-27001-2022 - **Category**: Cybersecurity - **BLUF**: ISO/IEC 27001:2022 (published October 2022, replacing ISO 27001:2013) is the international standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). It applies to any organization regardless of size or sector and is administered by ISO/IEC Joint Technical Committee 1, Subcommittee 27. 
The standard uses the Annex SL high-level structure shared with ISO 9001 and ISO 14001. Annex A contains 93 controls organized into four themes: Organizational (37 controls), People (8 controls), Physical (14 controls), and Technological (34 controls). The 2022 revision added 11 new controls including threat intelligence (A.5.7), ICT readiness for business continuity (A.5.30), web filtering (A.8.23), data masking (A.8.11), data leakage prevention (A.8.12), and secure coding (A.8.28). Certification is achieved through a Stage 1 documentation review and Stage 2 on-site audit by an IAF-accredited certification body, with 3-year recertification and annual surveillance audits. Non-compliance with contractual ISMS requirements can result in contract termination and regulatory liability under GDPR, NIS2, and DORA. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-27001-2022.json ### ISO/IEC 27017 (Cloud Controls) - **ID**: iso-27017-cloud-controls - **Category**: Cloud & SaaS - **BLUF**: ISO/IEC 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO/IEC 27002 and ISO/IEC 27001 standards. It addresses the unique risks of the provider-customer relationship and the technical challenges of multi-tenant environments. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-27017-cloud-controls.json ### Cloud Security for Defense (ISO 27017) - **ID**: iso-27017-cloud-defence - **Category**: Aerospace & Defense - **BLUF**: ISO/IEC 27017:2015 is an international code of practice for information security controls applicable to cloud services, providing cloud-specific implementation guidance for 37 controls from ISO/IEC 27002 and introducing 7 new cloud-specific controls not found in the base standard. 
In defense contexts, ISO 27017 governs how defense organizations and their contractors securely use cloud services to process, store, and transmit sensitive defense information, extending CMMC and NIST 800-171 requirements to cloud service provider relationships. The standard addresses the unique security challenges of shared-responsibility cloud models including: asset ownership in the cloud, decommissioning and secure disposal of cloud assets, virtual machine hardening, administrator privilege management, and customer-side monitoring of cloud environments. Organizations using cloud infrastructure for defense AI workloads must apply ISO 27017 controls to demonstrate appropriate cloud security governance to defense customers and regulators. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-27017-cloud-defence.json ### ISO/IEC 27018 (PII Cloud) - **ID**: iso-27018-pii-cloud - **Category**: Cloud & SaaS - **BLUF**: ISO/IEC 27018:2019 is the first international standard explicitly designed for the protection of personally identifiable information (PII) in the public cloud computing environment. It provides a set of common control objectives, controls, and guidelines for implementing the measures that CSPs should use for sensitive data processing. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-27018-pii-cloud.json ### ISO/IEC 27031 (ICT Readiness) - **ID**: iso-27031-dr-readiness - **Category**: Cloud & SaaS - **BLUF**: ISO/IEC 27031:2011 (superseded by modern resilience standards but still foundational) provides guidelines for Information and Communication Technology Readiness for Business Continuity (IRBC). It specifies the strategies required to ensure that digital infrastructure remains available and resilient during disasters, bridging IT disaster recovery and overall business continuity management. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-27031-dr-readiness.json ### ISO 27799 (Health InfoSec) - **ID**: iso-27799-health-info-sec - **Category**: Medical & Healthcare - **BLUF**: ISO 27799:2016 (Health informatics — Information security management in health using ISO/IEC 27002) is the primary standard for implementing ISO 27001 in healthcare. It provides specific guidance on the additional security controls and management practices needed to protect personal health information (PHI) within healthcare organizations and their suppliers. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-27799-health-info-sec.json ### Supply Chain Security (ISO 28000) - **ID**: iso-28000-supply-chain-sec - **Category**: Logistics & Supply Chain - **BLUF**: Security management system for the entire supply chain. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-28000-supply-chain-sec.json ### Supply Chain Security (ISO 28000) - **ID**: iso-28000-supply-chain - **Category**: Logistics & Supply Chain - **BLUF**: ISO 28000 is the specification for security management systems in the supply chain. It provides a formal framework to assess and manage security risks, such as theft, terrorism, and piracy, aimed at ensuring the integrity and continuity of global logistics operations across all stakeholders. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-28000-supply-chain.json ### ISO 30414 (Human Capital) - **ID**: iso-30414-human-capital-rep - **Category**: Workplace - **BLUF**: ISO 30414:2018 is the first international standard that allows an organization to demonstrate its contribution to human capital. It specifies guidelines for the metrics and internal/external reporting related to the '11 Core Themes' (Compliance, Costs, Diversity, Leadership, etc.), ensuring transparent measurement of workforce value and organizational sustainability. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-30414-human-capital-rep.json ### Human Capital Reporting (ISO 30414) - **ID**: iso-30414-human-capital - **Category**: Workplace, Compliance & HR - **BLUF**: ISO 30414 is the first international standard that allows organizations (SMEs, large enterprises, and public bodies) to get a clear view of their human capital's contribution. It provides a standardized framework for HR metrics across 11 core areas including recruitment, leadership, and diversity. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-30414-human-capital.json ### ISO 31000 (Risk Mgt) - **ID**: iso-31000-risk-mgt-std - **Category**: Workplace - **BLUF**: ISO 31000:2018 is the premier international standard for Risk Management. It provides guidelines for an organization to establish, implement, and maintain an 'Enterprise Risk Management' (ERM) framework and process, ensuring the systematic identification, analysis, and 'Treatment' of regular business, operational, and strategic threats. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-31000-risk-mgt-std.json ### Risk Management (ISO 31000) - **ID**: iso-31000-risk-mgt - **Category**: Legal & Professional - **BLUF**: Guidelines and principles for effective risk management in organizations. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-31000-risk-mgt.json ### ISO 37001 (Anti-Bribery) - **ID**: iso-37001-anti-bribery-mgt - **Category**: Workplace - **BLUF**: ISO 37001:2016 is the international standard for Anti-Bribery Management Systems (ABMS). It specifies requirements for an organization to prevent, detect, and respond to bribery and corruption through the implementation of strict 'Due Diligence', 'Financial/Non-Financial Controls', and a centralized compliance function. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-37001-anti-bribery-mgt.json ### ISO 37001 (Anti-Bribery MS) - **ID**: iso-37001-anti-bribery-ms - **Category**: Legal & IP Sovereignty - **BLUF**: ISO 37001:2016 is the international standard for anti-bribery management systems (ABMS). It provides a framework for organizations to prevent, detect, and respond to bribery by establishing a culture of integrity, transparency, and compliance, applicable to small, medium, and large organizations in all sectors. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-37001-anti-bribery-ms.json ### Anti-Bribery Systems (ISO 37001) - **ID**: iso-37001-anti-bribery - **Category**: Workplace, Compliance & HR - **BLUF**: ISO 37001 is the international standard for anti-bribery management systems (ABMS). It specifies measures to help organizations prevent, detect, and address bribery by establishing a culture of integrity, transparency, and compliance. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-37001-anti-bribery.json ### ISO 37301 (Compliance) - **ID**: iso-37301-compliance-mgt - **Category**: Workplace - **BLUF**: ISO 37301:2021 is the premier international standard for Compliance Management Systems (CMS). It specifies requirements and provides guidelines for establishing, developing, implementing, and maintaining a 'Compliance Culture' within the organization, ensuring adherence to regulatory, legal, and ethical obligations. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-37301-compliance-mgt.json ### ISO 37301 (Compliance MS) - **ID**: iso-37301-compliance-ms - **Category**: Legal & IP Sovereignty - **BLUF**: ISO 37301:2021 is the global standard for Compliance Management Systems (CMS). 
It specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining, and improving an effective CMS within an organization, superseding ISO 19600 and making it a certifiable standard. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-37301-compliance-ms.json ### Compliance Mgt (ISO 37301) - **ID**: iso-37301-compliance - **Category**: Legal & Professional - **BLUF**: Requirements with guidance for use for a compliance management system. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-37301-compliance.json ### Road Traffic Safety (ISO 39001) - **ID**: iso-39001-road-traffic - **Category**: Logistics & Supply Chain - **BLUF**: Management system for reducing road traffic deaths and injuries. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-39001-road-traffic.json ### AIMS Improvement (ISO 42001) - **ID**: iso-42001-improvement - **Category**: AI Governance & Law - **BLUF**: ISO/IEC 42001:2023 Clause 10 (Improvement) mandates that organizations operating an AI Management System (AIMS) establish systematic processes for identifying, addressing, and preventing nonconformities — including AI safety incidents, bias events, harmful outputs, and performance degradation — and for driving continual improvement of the AIMS over time. Clause 10 requires organizations to react to nonconformities with documented corrective actions, perform root cause analysis to prevent recurrence, and evaluate the effectiveness of actions taken. Continual improvement requires using outputs from internal audits, management reviews, monitoring data, and stakeholder feedback to identify opportunities to enhance AI system performance, safety, and alignment. This clause is activated by incidents identified through the monitoring requirements of Clause 9 and is essential for demonstrating to regulators, customers, and auditors that the organization's AI systems become safer and more aligned over time, not static. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-42001-improvement.json ### AIMS Performance Eval (ISO 42001) - **ID**: iso-42001-performance - **Category**: AI Governance & Law - **BLUF**: ISO/IEC 42001:2023 Clause 9 (Performance Evaluation) requires organizations operating an AI Management System (AIMS) to establish monitoring and measurement programs for AI systems and the AIMS itself, conduct internal audits of AIMS conformity, and hold management reviews that use performance data to make informed governance decisions. Clause 9.1 requires determining what needs to be monitored and measured, the methods to be used, when evaluations occur, and when results are analyzed and communicated. Clause 9.2 mandates an internal audit program covering all AIMS elements at risk-determined intervals. Clause 9.3 requires management reviews that consider: audit results, AI system performance data, incident trends, regulatory changes, stakeholder feedback, and risk treatment effectiveness. Without systematic performance evaluation, AIMS nonconformities may go undetected, AI systems may drift from aligned behavior, and regulators may determine the AIMS is nominal rather than effective. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-42001-performance.json ### AI System Impact & Risk Assessment (ISO/IEC 42001:2023) - **ID**: iso-42001-risk-assess - **Category**: AI Governance & Law - **BLUF**: The AI System Impact Assessment (Clause 6.1.2) is a mandatory requirement to identify, analyze, and evaluate the potential consequences of an AI system on individuals, groups, and society, focusing on fairness, privacy, safety, and security. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-42001-risk-assess.json ### AI Transparency & Communication (ISO/IEC 42001:2023 Annex A.8) - **ID**: iso-42001-transparency - **Category**: AI Governance & Law - **BLUF**: Transparency controls (Annex A.8) mandate the provision of clear, accessible information regarding the AI system’s intent, capabilities, and limitations to ensure stakeholders can make informed decisions. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-42001-transparency.json ### Collaborative Ops (ISO 44001) - **ID**: iso-44001-collaborative - **Category**: Legal & Professional - **BLUF**: Requirements for establishing and improving collaborative business relationships. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-44001-collaborative.json ### Occupational Health & Safety (ISO 45001) - **ID**: iso-45001-health-safety - **Category**: Workplace, Compliance & HR - **BLUF**: ISO 45001:2018 is the global standard for occupational health and safety (OH&S), designed to prevent work-related injuries and illnesses while promoting a safe work environment through risk-based resource allocation. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-45001-health-safety.json ### ISO 45001 (Work Safety) - **ID**: iso-45001-work-safety - **Category**: Workplace - **BLUF**: ISO 45001:2018 is the premier international standard for Occupational Health and Safety (OH&S). It provides a standardized framework for an organization to establish, implement, and maintain an OH&S management system to prevent work-related injury and ill health, with specific emphasis on 'Worker Participation' and 'Hazard Identification'. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-45001-work-safety.json ### Water Efficiency (ISO 46001) - **ID**: iso-46001-water-eff - **Category**: Sustainability & ESG - **BLUF**: Requirements and guidance for water efficiency management systems. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-46001-water-eff.json ### Energy Management (ISO 50001) - **ID**: iso-50001-energy-mgmt - **Category**: Industrial IoT & Energy - **BLUF**: ISO 50001 is the international standard for energy management systems (EnMS). It provides a framework for organizations to improve energy performance, including efficiency, use, and consumption, through a systematic approach aimed at reducing operational costs and greenhouse gas emissions. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-50001-energy-mgmt.json ### Energy Management (ISO 50001) - **ID**: iso-50001-energy-v2 - **Category**: Sustainability & ESG - **BLUF**: Requirements for establishing, implementing, and improving energy management systems. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-50001-energy-v2.json ### Energy Management (ISO 50001) - **ID**: iso-50001-energy - **Category**: Industrial IoT & Energy - **BLUF**: ISO 50001:2018 is the international standard for Energy Management Systems (EnMS), providing a framework for organizations to continuously improve energy performance — energy efficiency, energy consumption, and energy intensity — through systematic planning, implementation, monitoring, and review. The standard follows the Plan-Do-Check-Act cycle and requires organizations to establish an energy baseline, define Energy Performance Indicators (EnPIs), set energy objectives and targets, implement operational and maintenance controls for significant energy uses, and drive continual improvement. For AI data centers and large-scale compute facilities, ISO 50001 is directly relevant as AI training and inference workloads represent some of the fastest-growing energy consumers globally. ISO 50001 certification demonstrates systematic energy management to regulators, investors, and customers; EU energy efficiency regulations increasingly require EnMS for large energy consumers. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-50001-energy.json ### Asset Management (ISO 55001) - **ID**: iso-55001-asset-mgt - **Category**: Legal & Professional - **BLUF**: Requirements for an asset management system within the context of the organization. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-55001-asset-mgt.json ### AI Quality Management (ISO 9001 Extension) - **ID**: iso-9001-ai-quality - **Category**: Business Compliance & Governance - **BLUF**: ISO 9001:2015 provides the foundational Quality Management System (QMS) framework for organizations. Applying these principles to AI-generated output requires rigorous documentation, performance monitoring, and iterative corrective actions. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-9001-ai-quality.json ### ISO 9001 (Quality Mgt) - **ID**: iso-9001-quality-mgt - **Category**: Workplace - **BLUF**: ISO 9001:2015 is the foundation for quality management (QMS) worldwide. It specifies the requirements for an organization to demonstrate its ability to consistently provide products and services that meet customer and applicable regulatory standards, with specific emphasis on the 'Process Approach' and 'Continual Improvement'. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-9001-quality-mgt.json ### Lab Competence (ISO 17025) - **ID**: iso-iec-17025-lab - **Category**: Legal & Professional - **BLUF**: General requirements for the competence of testing and calibration laboratories.
- **Discovery URL**: https://bidda.com/api/v1/nodes/iso-iec-17025-lab.json ### Open Source (ISO 5230) - **ID**: iso-iec-5230-openchain - **Category**: Legal & IP Sovereignty - **BLUF**: ISO/IEC 5230:2020 (OpenChain) is the international standard for open source software license compliance, defining the minimum requirements for a quality open source compliance program that enables organizations to trust open source software they receive from third parties and to manage the open source they distribute. The standard requires organizations to establish an Open Source Program Office (OSPO) or equivalent function, implement Software Composition Analysis (SCA) tooling to identify open source components in software, manage license obligations (attribution notices, source code distribution, patent grant notices), maintain a Software Bill of Materials (SBOM), and train personnel on open source license compliance. For AI systems, ISO 5230 applies to AI frameworks (PyTorch, TensorFlow, JAX), pre-trained model weights distributed under open licenses, and training data packages with open data licenses — license violations risk injunctions, damages, and product recall. SBOM requirements under US Executive Order 14028 and EU Cyber Resilience Act directly build on ISO 5230 principles. - **Discovery URL**: https://bidda.com/api/v1/nodes/iso-iec-5230-openchain.json ### ISPS Code (Vessel Security) - **ID**: isps-code-vessel-security - **Category**: Logistics & Supply Chain - **BLUF**: The International Ship and Port Facility Security (ISPS) Code is a mandatory set of measures to enhance the security of ships and port facilities. It provides a standardized framework for evaluating risk, enabling governments to offset changes in threat with changes in security level for ships and port facilities. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/isps-code-vessel-security.json ### ISRC (Recording Code) - **ID**: isrc-recording-code - **Category**: Creative, Content & Media IP - **BLUF**: The International Standard Recording Code (ISRC) (ISO 3901) identifies the foundational industry standards for the unique identification of sound and music video recordings. It specifies the mandatory '12-Character Alphanumeric' structure (Country, Registrant, Year, Designation), ensuring robust management of rights and 'Verified' reporting of usage and royalties across global digital stream and broadcast platforms. - **Discovery URL**: https://bidda.com/api/v1/nodes/isrc-recording-code.json ### ISSB S1/S2 Standards - **ID**: issb-s1-s2-standard - **Category**: Sustainability & ESG - **BLUF**: The International Sustainability Standards Board (ISSB) issued its inaugural standards, IFRS S1 and IFRS S2, to provide a global baseline for sustainability disclosures. IFRS S1 covers general requirements for sustainability-related financial information, while IFRS S2 focuses on climate-related disclosures, aiming for high-quality, investor-grade reporting. - **Discovery URL**: https://bidda.com/api/v1/nodes/issb-s1-s2-standard.json ### ISSN (Serial Standard) - **ID**: issn-serial-standard - **Category**: Creative, Content & Media IP - **BLUF**: The International Standard Serial Number (ISSN) (ISO 3297) identifies the foundational industry standards for the unique identification of serial publications (e.g., journals, magazines, newsletters). It specifies the mandatory '8-Digit' numeric structure (Check Digit MOD 11), ensuring robust management of 'Citation' and 'Verified' reporting of continuing resources across the global scholarly and journalistic publishing ecosystems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/issn-serial-standard.json ### ITAR Compliance Workflow - **ID**: itar-compliance-workflow - **Category**: Aviation, Defense & Quantum - **BLUF**: The International Traffic in Arms Regulations (ITAR) control the export and temporary import of defense articles and defense services on the United States Munitions List (USML). Compliance is mandatory for all U.S. manufacturers, exporters, and brokers of defense articles to prevent unauthorized access by foreign persons and ensure national security integrity. - **Discovery URL**: https://bidda.com/api/v1/nodes/itar-compliance-workflow.json ### ITAR Export Control Logic - **ID**: itar-license-check - **Category**: "Aerospace & Defense" - **BLUF**: Mandatory controls for the export, re-export, and brokering of defense articles, services, and technical data listed on the United States Munitions List (USML). - **Discovery URL**: https://bidda.com/api/v1/nodes/itar-license-check.json ### ITIL v4 (Value System) - **ID**: itil-v4-service-value - **Category**: Cloud & SaaS - **BLUF**: ITIL v4 (Information Technology Infrastructure Library) is the world's premier framework for IT service management (ITSM). It shifts the focus from traditional process-based management to a 'Service Value System' (SVS) that integrates the '7 Guiding Principles', 'Governance', and the 'Service Value Chain' to co-create business value for stakeholders. - **Discovery URL**: https://bidda.com/api/v1/nodes/itil-v4-service-value.json ### ITU-R BT.2020 (UHD) - **ID**: itu-r-bt-2020-uhdtv - **Category**: Creative, Content & Media IP - **BLUF**: ITU-R BT.2020 (Parameter values for the UHDTV standards) identifies the foundational international standards for ultra-high-definition video.
It specifies the mandatory requirements for 'Wide Color Gamut' (WCG), 'Bit Depth' (10/12-bit), and 'Resolution' (3840x2160 / 7680x4320), ensuring robust color fidelity and high-fidelity visual rendering for the 'Next-Generation' global 4K and 8K ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/itu-r-bt-2020-uhdtv.json ### ITU-R BT.709 (HDTV) - **ID**: itu-r-bt-709-hdtv - **Category**: Creative, Content & Media IP - **BLUF**: ITU-R BT.709 (Parameter values for the HDTV standards) identifies the foundational international standards for high-definition video production. It specifies the mandatory requirements for 'Color Primaries' (Rec. 709), 'Transfer Characteristics' (Section 1), and the 'Display Matrix' (Table 1), ensuring robust color accuracy and high-fidelity visual rendering across the global HD broadcast and digital streaming ecosystems. - **Discovery URL**: https://bidda.com/api/v1/nodes/itu-r-bt-709-hdtv.json ### Kanban Replenishment Algorithm - **ID**: kanban-replenishment - **Category**: Logistics & Supply Chain - **BLUF**: Standardized pull-system logic for production supply. - **Discovery URL**: https://bidda.com/api/v1/nodes/kanban-replenishment.json ### KCS Evolve Loop - **ID**: kcs-evolve-loop - **Category**: Workflow Automation - **BLUF**: Knowledge-Centered Service (KCS) v6, developed by the Consortium for Service Innovation, defines the Evolve Loop as the organizational and strategic activities that ensure the KCS program itself continuously improves and delivers increasing value — distinct from the Solve Loop which focuses on capturing knowledge during individual interactions. The Evolve Loop encompasses content health assessment, alignment of knowledge strategy with product and business strategy, measurement of KCS program maturity and adoption, leadership enablement, and the reward and recognition structures that sustain the KCS culture.
For AI-augmented knowledge bases, the Evolve Loop governs how AI-generated knowledge articles are reviewed, validated, and integrated into the authoritative knowledge base, ensuring that machine-created content meets the same quality standards as human-created content. - **Discovery URL**: https://bidda.com/api/v1/nodes/kcs-evolve-loop.json ### KCS Solve Loop - **ID**: kcs-solve-loop - **Category**: Workflow Automation - **BLUF**: Knowledge-Centered Service (KCS) v6 Solve Loop defines the practices agents follow during each customer interaction to search, reuse, create, improve, and contribute knowledge as an integral part of solving customer problems — not as a separate activity. The Solve Loop embeds knowledge management into the support workflow so that every interaction both consumes and contributes to the organizational knowledge base. The four core Solve Loop practices are: search early and often (search before acting, search as you think), link the incident to the relevant article (even if it doesn't perfectly describe the issue), create if nothing exists (capture knowledge in context, in the customer's language), and improve what's already there (if the article is inaccurate, incomplete, or unclear, fix it). For AI-augmented support, the Solve Loop governs how AI suggestions are validated, how agent corrections train the AI, and how the AI contributes to real-time knowledge capture. - **Discovery URL**: https://bidda.com/api/v1/nodes/kcs-solve-loop.json ### South Korea PIPA - **ID**: korea-pipa-standard - **Category**: Legal & IP Sovereignty - **BLUF**: The Personal Information Protection Act (PIPA) of South Korea is one of the world's strictest data protection regimes, mandating specific opt-in consent for sensitive information and imposing criminal penalties for data misuse. It is overseen by the PIPC (Personal Information Protection Commission). 
- **Discovery URL**: https://bidda.com/api/v1/nodes/korea-pipa-standard.json ### Last-Mile Delivery Ethics - **ID**: last-mile-algorithm-ethics - **Category**: Logistics & Supply Chain - **BLUF**: Ethical considerations for autonomous last-mile delivery swarms. - **Discovery URL**: https://bidda.com/api/v1/nodes/last-mile-algorithm-ethics.json ### Conveyancing Quality (UK) - **ID**: law-society-conveyancing - **Category**: Legal & Professional - **BLUF**: The Law Society Excellence mark for home buying and selling processes. - **Discovery URL**: https://bidda.com/api/v1/nodes/law-society-conveyancing.json ### LEED Green Building Rating - **ID**: leed-green-building - **Category**: Sustainability & ESG - **BLUF**: Leadership in Energy and Environmental Design rating system. - **Discovery URL**: https://bidda.com/api/v1/nodes/leed-green-building.json ### Deterministic NDA Review - **ID**: legal-nda-deterministic - **Category**: Legal & IP Sovereignty - **BLUF**: Deterministic NDA review is an AI-assisted legal workflow that systematically extracts, analyzes, and scores the key clauses of a Non-Disclosure Agreement (NDA) — including confidentiality definition, permitted disclosures, exclusions, term and termination provisions, return/destruction of materials, governing law, and mutuality — to identify departures from market standard positions and flag unacceptable risk provisions for human attorney review. The methodology applies natural language processing to identify clause presence and extract key terms, then compares extracted terms against a firm's approved clause library or market-standard benchmarks. Deterministic NDA review enables faster, more consistent pre-signature risk assessment, reduces attorney time on routine NDAs, and creates an auditable record of the review rationale. AI-generated NDA scores must be validated by an attorney before the organization executes the agreement — AI review is advisory, not determinative. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/legal-nda-deterministic.json ### LinkedIn Ads (Policies) - **ID**: linkedin-ads-policy-std - **Category**: Sales, Marketing & PR - **BLUF**: The LinkedIn Advertising Policies identify the foundational standards for B2B advertising. They specify the mandatory requirements for 'Professionalism and Accuracy' (Section 1), 'Member Data' (Section 2), and 'Lead Gen Forms' (Privacy Policies), ensuring the systematic prevention of 'Deceptive' or 'Spammy' professional outreach. - **Discovery URL**: https://bidda.com/api/v1/nodes/linkedin-ads-policy-std.json ### Liquidity Staking Risk (LST) - **ID**: liquidity-staking-security - **Category**: Crypto & Sovereign Finance - **BLUF**: Liquid Staking Tokens (LSTs) represent a user's claim on staked cryptocurrency (primarily Ethereum via protocols like Lido's stETH, Rocket Pool's rETH, and Coinbase's cbETH) that can be freely traded, used as DeFi collateral, or compounded while the underlying stake earns validation rewards. LST security risks are multi-dimensional: smart contract risk (protocol code vulnerabilities), validator slashing risk (validator misconduct reducing the underlying ETH backing), peg de-pegging risk (LST trading below its theoretical ETH redemption value), governance risk (DAO parameter changes affecting economics), and re-hypothecation risk (LSTs deposited as collateral in DeFi protocols creating cascading liquidations during stress events). The March 2023 stETH depeg event and Lido's systemic dominance (>30% of all staked ETH) illustrate both the scale and concentration risks inherent in LST protocols. AI agents managing DeFi positions involving LSTs must monitor all five risk dimensions continuously.
- **Discovery URL**: https://bidda.com/api/v1/nodes/liquidity-staking-security.json ### 3PL Service Provider Selection - **ID**: logistics-3pl-matrix - **Category**: Logistics & Supply Chain - **BLUF**: Weighted decision matrix for third-party logistics procurement. - **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-3pl-matrix.json ### Automated 3PL Performance SLAs - **ID**: logistics-3pl-slas - **Category**: Logistics & Supply Chain - **BLUF**: Third-Party Logistics (3PL) Service Level Agreements (SLAs) define the contractually binding performance thresholds that logistics service providers must meet for order fulfillment, warehousing, transportation, and returns management on behalf of their clients. For AI-managed logistics operations, these SLAs must be integrated into automated monitoring systems that track performance in real-time, detect violations, apply contractual penalties automatically, and escalate systemic failures to human supply chain managers. Key performance metrics typically include: order fill rate (target ≥99%), on-time-in-full (OTIF) delivery rate (target ≥98%), return processing time (target ≤24 hours), inventory accuracy (target ≥99.9%), and order cycle time. SLA penalties in logistics contracts typically range from 1-5% of the monthly service fee per percentage point below threshold, creating direct financial incentives for both parties to maintain AI-assisted monitoring. - **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-3pl-slas.json ### Bonded Warehouse Audit Protocol - **ID**: logistics-bonded-warehouse - **Category**: Logistics & Supply Chain - **BLUF**: Compliance checks for customs-bonded storage facilities. - **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-bonded-warehouse.json ### Logistics Carbon Accounting (GLEC) - **ID**: logistics-carbon-glec - **Category**: Logistics & Supply Chain - **BLUF**: Calculating GHG emissions across the global supply chain. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-carbon-glec.json ### Logistics EDI Standards (ANSI X12) - **ID**: logistics-edi-messaging - **Category**: Logistics & Supply Chain - **BLUF**: Standardized electronic data interchange for logistics transactions. - **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-edi-messaging.json ### Automated HS Classification - **ID**: logistics-hs-classification - **Category**: Logistics & Supply Chain - **BLUF**: The Harmonized System (HS) Classification node provides a deterministic logic framework based on the WCO General Rules for the Interpretation (GRI) to classify goods for global customs, ensuring accurate duty calculation and regulatory compliance. - **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-hs-classification.json ### Automated HS Code Classification - **ID**: logistics-hs-codes - **Category**: Logistics & Supply Chain - **BLUF**: The Harmonized System (HS) is the international nomenclature for classifying traded products, administered by the World Customs Organization (WCO) and used by over 200 countries as the basis for customs tariffs, trade statistics, and trade compliance. Every internationally traded product must be assigned a 6-digit HS code (which countries extend to 8-10 digits for national tariff schedules), and the correct code determines: the applicable import duty rate, eligibility for trade agreement preferential tariffs (e.g., US-EU MFN rates, CPTPP preferential rates), import/export permit requirements, and whether the product is subject to antidumping duties or safeguard measures. AI agents automating customs declarations must produce accurate HS classifications — misclassification results in customs duty underpayment/overpayment, customs examination delays, penalties, and import license violations. The WCO updates the HS every five years; the current edition is HS 2022. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-hs-codes.json ### Just-In-Time (JIT) Inventory Logic - **ID**: logistics-jit-inventory - **Category**: Logistics & Supply Chain - **BLUF**: Deterministic logic for lean supply chain replenishment. - **Discovery URL**: https://bidda.com/api/v1/nodes/logistics-jit-inventory.json ### Madrid System (Trademarks) - **ID**: madrid-system-trademarks - **Category**: Legal & Professional - **BLUF**: International system for the registration and management of trademarks. - **Discovery URL**: https://bidda.com/api/v1/nodes/madrid-system-trademarks.json ### Marketing Attribution - **ID**: marketing-attribution-models - **Category**: Sales, Marketing & PR - **BLUF**: The Marketing Attribution standard identifies the foundational methodological frameworks for assigning value to multiple marketing touchpoints. It specifies the mandatory requirements for 'Multi-Touch Attribution' (MTA) and 'Marketing Mix Modeling' (MMM) integration (Section 3), ensuring robust measurement of return on investment (ROI) through the systematic validation of statistical 'Impact' and model transparency. - **Discovery URL**: https://bidda.com/api/v1/nodes/marketing-attribution-models.json ### MAS TRM Guidelines (Singapore) - **ID**: mas-tr-management-sg - **Category**: Banking & Global Finance - **BLUF**: The Monetary Authority of Singapore (MAS) Technology Risk Management (TRM) Guidelines are the gold standard for financial technology governance in Asia-Pacific. They provide a comprehensive framework for the management of IT risk, the security of critical systems, and the oversight of digital banking infrastructure.
- **Discovery URL**: https://bidda.com/api/v1/nodes/mas-tr-management-sg.json ### Meta Ads (Policies) - **ID**: meta-ads-policy-standard - **Category**: Sales, Marketing & PR - **BLUF**: The Meta Advertising Policies (covering Facebook, Instagram, and Messenger) identify the foundational standards for ad content and targeting. They specify the mandatory requirements for 'Non-Discrimination' (Section 1), the 'Special Ad Categories' (Housing, Credit, Employment), and 'Signal Integrity' (CAPI), ensuring the systematic prevention of 'Harmful' or 'Deceptive' regular social commerce. - **Discovery URL**: https://bidda.com/api/v1/nodes/meta-ads-policy-standard.json ### MEV-Boost Ethics & Audit - **ID**: mev-boost-audit - **Category**: Crypto & Sovereign Finance - **BLUF**: MEV-Boost (Maximal Extractable Value Boost) is the dominant block-building middleware for Ethereum Proof-of-Stake validators, enabling validators (proposers) to outsource block construction to a competitive market of block builders who maximize transaction ordering revenue, with profits shared between the builder and the validator. As of 2024, >90% of Ethereum blocks are produced via MEV-Boost relays. MEV extraction encompasses: arbitrage (cross-exchange price discrepancies), sandwich attacks (front-running and back-running victim transactions), liquidations, and just-in-time liquidity provision. Ethical and regulatory concerns center on: the fairness of MEV extraction from retail DeFi users, the centralization risks from dominant builders (top 3 builders produce ~80% of MEV-Boost blocks), validator-builder collusion, and OFAC sanctions compliance by relays filtering addresses from blocks. Auditing MEV-Boost participation is critical for validators, DeFi protocols, and institutions with fiduciary or compliance obligations.
- **Discovery URL**: https://bidda.com/api/v1/nodes/mev-boost-audit.json ### MiCA (Stablecoin Reserve) - **ID**: mica-stablecoin-reserve - **Category**: Banking & Global Finance - **BLUF**: MiCA (Markets in Crypto-Assets Regulation, EU 2023/1114) is the first comprehensive framework for the crypto-asset market. It introduces strict reserve requirements for 'Asset-Referenced Tokens' (ARTs) and 'E-Money Tokens' (EMTs), commonly known as stablecoins, requiring issuers to maintain a 1:1 liquid reserve of assets to ensure redemption and systemic stability. - **Discovery URL**: https://bidda.com/api/v1/nodes/mica-stablecoin-reserve.json ### MiFID II Best Execution - **ID**: mifid-ii-best-execution - **Category**: Banking & Global Finance - **BLUF**: MiFID II Best Execution (Markets in Financial Instruments Directive II) requires investment firms to take all sufficient steps to obtain the best possible result for their clients when executing orders. It focuses on a multi-factor assessment including price, costs, speed, and likelihood of execution, ensuring transparent and fair market outcomes. - **Discovery URL**: https://bidda.com/api/v1/nodes/mifid-ii-best-execution.json ### Markets in Financial Instruments Directive II (MiFID II) - **ID**: mifid-ii - **Category**: "Finance" - **BLUF**: A comprehensive EU regulatory framework designed to increase market transparency and enhance investor protection across all asset classes. - **Discovery URL**: https://bidda.com/api/v1/nodes/mifid-ii.json ### MiFIR Transaction (Reporting) - **ID**: mifir-transaction-report - **Category**: Banking & Global Finance - **BLUF**: MiFIR Transaction Reporting (Markets in Financial Instruments Regulation, Article 26) is the mandatory standard for reporting the details of financial trades to EU regulators.
It requires the timely disclosure of 65 data fields (e.g., identity of the buyer/seller, LEIs, time-stamping) within one business day (T+1), ensuring market monitoring for market abuse and systemic risk. - **Discovery URL**: https://bidda.com/api/v1/nodes/mifir-transaction-report.json ### Impair Defenses (MITRE T1562) - **ID**: mitre-t1562 - **Category**: Cybersecurity - **BLUF**: MITRE ATT&CK Technique T1562 (Impair Defenses) describes adversary behaviors aimed at disabling, tampering with, or reducing the effectiveness of security tools and controls — including antivirus, endpoint detection and response (EDR), logging systems, firewalls, and audit trails — to reduce detection probability and extend dwell time after initial compromise. T1562 has 12 sub-techniques including disabling Windows Defender (T1562.001), tampering with audit/log policies (T1562.002), disabling or modifying system firewalls (T1562.004), and disabling cloud logs (T1562.008). This technique is highly relevant to AI agent security because a maliciously prompted or jailbroken AI agent with tool execution capabilities could programmatically disable security monitoring tools as part of an adversary's kill chain. Detection requires continuous integrity monitoring of security tool state, immutable logging, and configuration baseline enforcement. - **Discovery URL**: https://bidda.com/api/v1/nodes/mitre-t1562.json ### UK Ministry of Defence (MoD) AI Safety Protocol - **ID**: mod-safe-ai - **Category**: "Aerospace & Defense" - **BLUF**: A mandatory safety assurance framework for AI systems deployed in British Armed Forces, requiring a structured Safety Case and human-in-the-loop gating for lethal force. - **Discovery URL**: https://bidda.com/api/v1/nodes/mod-safe-ai.json ### Standardized Model Card Logic - **ID**: model-card-report - **Category**: Advanced AI Research & Safety - **BLUF**: Model Cards, introduced by Mitchell et al.
(2019) and subsequently adopted as a documentation standard in EU AI Act Article 11 (technical documentation), ISO/IEC 42001 Annex B, and NIST AI RMF Govern 1.2, are structured reports that document an AI model's intended use, training data characteristics, performance benchmarks across demographic subgroups, known limitations, and ethical considerations — enabling downstream deployers, auditors, and affected parties to make informed decisions about model adoption and risk. Under the EU AI Act, high-risk AI system providers must maintain technical documentation substantially equivalent to a Model Card as a prerequisite for CE marking and notified body assessment. NIST AI RMF requires Model Cards as an output of the Map and Measure functions for transparency and accountability. Incomplete or absent Model Cards constitute a governance gap that regulators, enterprise risk managers, and AI procurement teams treat as evidence of insufficient AI lifecycle management. AI agents that retrieve, generate, or audit Model Cards must apply the full schema defined in this node to ensure completeness and regulatory sufficiency. - **Discovery URL**: https://bidda.com/api/v1/nodes/model-card-report.json ### Modern Slavery Act - **ID**: modern-slavery-act-rep - **Category**: Workplace - **BLUF**: The Modern Slavery Act (UK 2015, Australia 2018) identifies the legal standards for preventing human rights abuses within global supply chains. It specifies the mandatory transparency requirements for an organization to publish an annual 'Statement' covering its policies, due diligence, and the identified risks of 'Forced Labour' and 'Human Trafficking'.
- **Discovery URL**: https://bidda.com/api/v1/nodes/modern-slavery-act-rep.json ### MRC (Viewability) - **ID**: mrc-viewability-standard - **Category**: Sales, Marketing & PR - **BLUF**: The Media Rating Council (MRC) Viewable Ad Impression Measurement Guidelines identify the foundational standards for digital ad verification. They specify the mandatory thresholds for a 'Viewable' impression (e.g., 50% of the pixels for 1 second display/2 seconds video), ensuring the measurement of ad exposure is preserved while strictly protecting the advertiser from 'Invalid Traffic' (IVT). - **Discovery URL**: https://bidda.com/api/v1/nodes/mrc-viewability-standard.json ### MSC Seafood Sustainability - **ID**: msc-fisheries-cert - **Category**: Sustainability & ESG - **BLUF**: Certification for sustainable and well-managed fisheries. - **Discovery URL**: https://bidda.com/api/v1/nodes/msc-fisheries-cert.json ### NERC CIP: Energy Cyber Infrastructure - **ID**: nerc-cip-v6-cyber - **Category**: Industrial IoT & Energy - **BLUF**: The NERC Critical Infrastructure Protection (CIP) standards are the mandatory cybersecurity requirements for North American bulk power systems. They focus on identifying 'BES' (Bulk Electric System) Cyber Systems and implementing defense-in-depth controls to protect critical energy reliability from cyber threats. - **Discovery URL**: https://bidda.com/api/v1/nodes/nerc-cip-v6-cyber.json ### NIS2 Directive — EU Critical Infrastructure Cybersecurity - **ID**: nis2-directive - **Category**: Cybersecurity - **BLUF**: Directive (EU) 2022/2555 (NIS2), published December 27, 2022 and mandatorily transposed into national law by EU member states by October 17, 2024, replaces the original NIS Directive (2016/1148) and dramatically expands both the scope and enforcement regime for network and information security across the EU.
NIS2 covers 18 sectors in two tiers: Essential Entities (EE) — energy, transport, banking, financial market infrastructure, health, drinking water, wastewater, digital infrastructure, ICT service management, public administration, and space — and Important Entities (IE) — postal/courier, waste management, chemicals, food production, manufacturing, digital providers, and research. The size threshold is medium enterprises (50+ employees, €10M+ annual revenue) in covered sectors with some exceptions. Key NIS2 innovations: mandatory management body accountability and personal liability for board members who fail to oversee cybersecurity measures; 24-hour early warning / 72-hour incident notification / 1-month final report obligation; harmonized minimum security measures including supply chain security and vulnerability disclosure; penalties up to €10M or 2% of global annual turnover for EE, €7M or 1.4% for IE. Supervised by national competent authorities (NCAs) with ENISA coordination. - **Discovery URL**: https://bidda.com/api/v1/nodes/nis2-directive.json ### Protecting PII (NIST 800-122) - **ID**: nist-800-122-pii - **Category**: Legal & IP Sovereignty - **BLUF**: NIST Special Publication 800-122 (Guide to Protecting the Confidentiality of Personally Identifiable Information) provides a comprehensive framework for federal agencies and their contractors to identify, categorize, and protect PII held in information systems — establishing that PII protection must be risk-based, proportional to the sensitivity of the information and the likelihood and impact of unauthorized disclosure. 
The publication defines PII as any information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information, and categorizes PII confidentiality impact using the NIST FIPS 199 LOW/MODERATE/HIGH scale based on factors including identifiability, quantity, data field sensitivity, context of use, and obligations to protect. Organizations that fail to implement PII protection controls consistent with NIST 800-122 face federal enforcement action under the Privacy Act of 1974, the E-Government Act of 2002, OMB Memorandum M-17-12, and sector-specific privacy statutes. AI agents that process, store, or transmit PII must apply the full NIST 800-122 control framework, including de-identification, access control, and incident response requirements. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-122-pii.json ### NIST SP 800-123 (Server Security) - **ID**: nist-800-123-server-sec - **Category**: Cloud & SaaS - **BLUF**: NIST SP 800-123 (Guide to General Server Security) provides the foundational standard for the secure deployment and management of servers. It focuses on the full 'Security Life Cycle', covering host hardening, logical access control, and persistent monitoring of server health, ensuring the infrastructure remains resilient to modern threats. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-123-server-sec.json ### CUI Protection (NIST 800-171) - **ID**: nist-800-171-cui - **Category**: Aerospace & Defense - **BLUF**: NIST Special Publication 800-171 Revision 3 (published May 2024) defines 17 control families containing 110 security requirements for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations — primarily defense contractors, research institutions, and suppliers processing federal contract information (FCI) and CUI under DFARS Clause 252.204-7012.
Compliance with NIST 800-171 is mandatory for any organization holding a DoD contract that involves CUI, and the Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 2 assessment directly audits all 110 NIST 800-171 requirements through a Certified Third-Party Assessment Organization (C3PAO). The Supplier Performance Risk System (SPRS) score, derived from self-assessment against NIST 800-171, affects contract award decisions, and DoD contracting officers are required to review SPRS scores as part of the source selection process. Failure to implement required controls exposes contractors to contract termination, False Claims Act liability (up to three times damages plus civil penalties), and debarment from federal contracting. AI agents operating within defense contractor environments that process, store, or transmit CUI must comply with all applicable NIST 800-171 requirements, particularly access control, audit logging, system and communications protection, and configuration management families. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-171-cui.json ### NIST SP 800-171 Rev 3 (CUI) - **ID**: nist-800-171-rev-3 - **Category**: Aviation, Defense & Quantum - **BLUF**: NIST SP 800-171 Rev 3 provides the requirements for protecting the confidentiality of Controlled Unclassified Information (CUI) in nonfederal systems and organizations. It is the foundational standard for defense contractors, and the latest 2024 revision incorporates significant updates to controls and security families to align with modern cyber threats. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-171-rev-3.json ### NIST SP 800-190 (Containers) - **ID**: nist-800-190-container - **Category**: Cloud & SaaS - **BLUF**: NIST SP 800-190 (Application Container Security Guide) provides the definitive operational framework for securing the containerized applications. 
It identifies the unique risks associated with the 'Five Tiers' (Image, Registry, Orchestrator, Runtime, Host) and provides specific recommendations for protecting the entire container lifecycle from build to production. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-190-container.json ### NIST SP 800-204 (Microservices) - **ID**: nist-800-204-microservices - **Category**: Cloud & SaaS - **BLUF**: NIST SP 800-204 (Security Strategies for Microservices-based Application Systems) provides the core architecture for securing distributed service networks. It mandates the deployment of 'Service Mesh' and 'API Gateways' to enforce strict identity, authentication, and logical 'Zero Trust' policies between independent microservices. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-204-microservices.json ### Audit Event Logging (NIST 800-53) - **ID**: nist-800-53-au2 - **Category**: Cybersecurity - **BLUF**: NIST SP 800-53 Rev 5 Control AU-2 (Event Logging) requires organizations to identify the types of events that the system is capable of logging in support of the audit function, coordinate the event logging function with other organizations requiring audit-related information, and specify the types of events to be logged — establishing the foundational event taxonomy upon which all subsequent audit controls (AU-3 through AU-16) depend. AU-2 is a HIGH baseline control required for all federal systems at the MODERATE and HIGH impact levels, and FedRAMP and CMMC 2.0 both mandate AU-2 implementation. 
The control is critical for AI agent deployments because AI agents generate high volumes of events across multiple systems and APIs; without a comprehensive AU-2 event taxonomy that explicitly includes AI agent actions (tool calls, API invocations, data access, decision outputs), audit trails will be insufficient for forensic investigation of AI-related incidents, regulatory compliance, and attack reconstruction. Failure to implement AU-2 in AI systems undermines the detectability of MITRE T1562 (Impair Defenses) attacks targeting audit infrastructure and creates undetectable gaps in the audit trail. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-53-au2.json ### Contingency Planning (NIST 800-53) - **ID**: nist-800-53-cp2 - **Category**: Cybersecurity - **BLUF**: NIST SP 800-53 Rev 5 Control CP-2 (Contingency Plan) requires organizations to develop a contingency plan for the information system that identifies essential missions and business functions, provides recovery objectives, priorities, and metrics, addresses contingency roles, responsibilities, and assigned individuals, addresses maintaining essential missions and business functions despite an information system disruption, compromise, or failure, and provides a plan to restore operations within defined Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). CP-2 is a HIGH baseline control mandatory for federal systems at MODERATE and HIGH impact levels, and it is a foundational FedRAMP requirement. For AI agent systems, CP-2 is particularly critical because AI agents may be executing multi-step autonomous workflows at the time of a disruption — the contingency plan must address how in-flight agent tasks are safely halted, how agent state is captured for recovery, and how the restored system prevents duplicate actions from resumed agents. 
Failure to implement CP-2 for AI systems risks data integrity corruption, financial transaction duplication, and extended mission outage during recovery. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-53-cp2.json ### Ident & Auth (NIST 800-53) - **ID**: nist-800-53-ia2 - **Category**: Cybersecurity - **BLUF**: NIST SP 800-53 Rev 5 Control IA-2 (Identification and Authentication — Organizational Users) requires information systems to uniquely identify and authenticate organizational users (including processes acting on behalf of users) and mandates multi-factor authentication (MFA) for all access to privileged accounts and all network access to non-privileged accounts on federal systems — a requirement that OMB Memorandum M-22-09 (Zero Trust Strategy) extended to require phishing-resistant MFA (FIDO2/WebAuthn, PIV/CAC) for all federal agency users by fiscal year 2024. IA-2 is a HIGH baseline control required for all federal systems, FedRAMP, and CMMC 2.0 Level 2, and it represents one of the highest-impact single controls in reducing credential-based attack success: CISA reports that MFA blocks more than 99% of automated credential-stuffing and phishing attacks. For AI agent systems, IA-2 extends to non-human identities (NHIs) — AI agent service accounts and API credentials must be uniquely identified, use certificate-based authentication where feasible, and have their authentication events logged for the AU-2 audit trail. AI agents that invoke downstream services must propagate their authenticated identity to those services rather than using shared service accounts. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-53-ia2.json ### Boundary Protection (NIST 800-53) - **ID**: nist-800-53-sc7 - **Category**: Cybersecurity - **BLUF**: NIST SP 800-53 Rev 5 Control SC-7 (Boundary Protection) requires organizations to monitor and control communications at the external boundary of the system and at key internal boundaries, implement subnetworks for publicly accessible system components, and connect to external networks or systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security and privacy architecture. SC-7 is a HIGH baseline control mandatory for all federal systems at MODERATE and HIGH impact levels, FedRAMP High/Moderate, and CMMC 2.0 Level 2, and it is the foundational network security control upon which egress filtering, intrusion detection, and data loss prevention depend. For AI agent deployments, SC-7 is critical because AI agents executing tool calls and API invocations create dynamic outbound network flows that can exfiltrate data, communicate with attacker-controlled infrastructure, or access unauthorized external services — SC-7 egress controls must explicitly govern which external endpoints AI agents are permitted to connect to, and any agent connection attempt to an unapproved endpoint must be blocked and alerted. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-53-sc7.json ### NIST SP 800-61 (Incidents) - **ID**: nist-800-61-incident-resp - **Category**: Cloud & SaaS - **BLUF**: NIST SP 800-61 Rev 2 (Computer Security Incident Handling Guide) is the definitive U.S. standard for managing the lifecycle of cyber incidents. It provides an operational framework for the established 'Incident Response Team' (CSIRT) to efficiently coordinate 'Detection', 'Analysis', 'Containment', and 'Recovery', with specific emphasis on 'Post-Incident' learning to reduce future risk. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-61-incident-resp.json ### NIST SP 800-88 (Sanitization) - **ID**: nist-800-88-sanitization - **Category**: Cloud & SaaS - **BLUF**: NIST SP 800-88 Rev 1 (Guidelines for Media Sanitization) is the definitive U.S. standard for the secure destruction and disposal of information. It provides a systematic framework for the 'Sanitization' of storage media (HDDs, SSDs, Mobile, Cloud) through the categorized methods of 'Clear', 'Purge', and 'Destroy', ensuring sensitive data is non-recoverable. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-800-88-sanitization.json ### AI Red Teaming (NIST AI 100-4) - **ID**: nist-ai-100-4-redteam - **Category**: "Advanced AI Research & Safety" - **BLUF**: Authoritative taxonomy and methodology for adversarial testing of AI systems, addressing vulnerabilities in generative and predictive models. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-ai-100-4-redteam.json ### NIST AI RMF: Governance & Accountability (Govern 1.1) - **ID**: nist-ai-rmf-govern - **Category**: Cybersecurity - **BLUF**: The NIST AI Risk Management Framework (RMF) 'Govern' function establishes the institutional foundation for safe AI. Sub-category Govern 1.1 specifically mandates that legal and regulatory AI requirements are identified, documented, and actively managed. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-ai-rmf-govern.json ### NIST AI RMF: Response - **ID**: nist-ai-rmf-manage - **Category**: AI Governance & Law - **BLUF**: NIST AI RMF MANAGE is the action function of the AI Risk Management Framework (NIST AI 100-1, January 2023). It converts the risk assessments produced by MAP and MEASURE into concrete treatment decisions: accept, mitigate, transfer, or avoid. MANAGE specifies how AI risk responses are planned, resourced, executed, and monitored for effectiveness. 
Organizations without a formal MANAGE function may identify AI risks but fail to close them, creating regulatory and reputational liability. Under the EU AI Act Article 9 and ISO 42001 Clause 8, demonstrating systematic risk treatment with documented outcomes is mandatory for high-risk AI system operators. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-ai-rmf-manage.json ### NIST AI RMF: Risk Context - **ID**: nist-ai-rmf-map - **Category**: AI Governance & Law - **BLUF**: NIST AI RMF MAP is the discovery function of the AI Risk Management Framework (NIST AI 100-1, January 2023). It establishes the context for each AI system — its intended use, deployment environment, affected stakeholders, and the categories of risk that apply. MAP must be completed before MEASURE or MANAGE can be executed. Without MAP, AI risk assessments are acontextual and unreliable. MAP is specifically required by the EU AI Act (Article 9 conformity assessment), ISO 42001 (Clause 6.1 risk identification), and the US NIST AI RMF Playbook as the entry point for all downstream risk management activities. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-ai-rmf-map.json ### NIST AI RMF: Metrics - **ID**: nist-ai-rmf-measure - **Category**: AI Governance & Law - **BLUF**: NIST AI RMF MEASURE is the evaluation function of the AI Risk Management Framework (NIST AI 100-1, January 2023). It converts the context established in MAP into quantitative and qualitative assessments of AI risk using appropriate tools, metrics, and methodologies. MEASURE determines the actual severity and likelihood of each identified risk before treatment decisions are made. Without rigorous MEASURE activities, MANAGE decisions are based on opinion rather than evidence — a gap that auditors, regulators, and insurers consistently flag. MEASURE is aligned with EU AI Act Article 9(7) (post-market monitoring) and ISO 42001 Clause 9 (performance evaluation). 
- **Discovery URL**: https://bidda.com/api/v1/nodes/nist-ai-rmf-measure.json ### NIST SP 800-207 — Zero Trust Architecture - **ID**: nist-sp-800-207 - **Category**: Cybersecurity - **BLUF**: NIST Special Publication 800-207 (August 2020) defines Zero Trust Architecture (ZTA) — the security paradigm that shifts from perimeter-based ('castle and moat') defenses to identity-centric, per-session access decisions on all resources. The core principle is 'never trust, always verify': no implicit trust is granted based on network location. NIST 800-207 defines seven tenets of zero trust including that all data sources are resources, all communication is secured regardless of location, and access is granted per-session based on dynamic policy. The architecture defines three logical components: Policy Engine (PE) — makes access grant/deny decisions; Policy Administrator (PA) — establishes/terminates communication paths; Policy Enforcement Point (PEP) — gates access between subjects and enterprise resources. Three implementation approaches are defined: Enhanced Identity Governance (EIG), Micro-segmentation, and Software-Defined Perimeter (SDP)/Network Infrastructure. U.S. federal agencies were mandated to adopt ZTA principles by OMB Memorandum M-22-09 (January 2022), with specific maturity targets for identity, device, network, application, and data pillars per CISA ZT Maturity Model. - **Discovery URL**: https://bidda.com/api/v1/nodes/nist-sp-800-207.json ### NIST SP 800-218 Secure Software Development Framework (SSDF) - **ID**: nist-sp-800-218 - **Category**: "Cybersecurity" - **BLUF**: A risk-based framework for shifting security "left" in the software development lifecycle, mandatory for U.S. federal software suppliers. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/nist-sp-800-218.json ### Smart Grid Security Framework - **ID**: nistir-7628-smartgrid - **Category**: Industrial IoT & Energy - **BLUF**: NISTIR 7628 Revision 1 (2014) provides the definitive cybersecurity guidelines for smart grid systems, covering all functional domains from bulk generation to consumer premises. It defines 189 high-level security requirements across seven categories (Smart Grid Cybersecurity Strategy, Architecture, and High-Level Requirements) and maps them to logical interfaces between smart grid components. Utilities, energy operators, grid equipment manufacturers, and AI agents managing smart grid infrastructure must apply NISTIR 7628 alongside NERC CIP for bulk electric systems and IEC 62443 for industrial control components. Failure to implement these controls exposes critical national infrastructure to cyberattacks with potential for widespread power outages. - **Discovery URL**: https://bidda.com/api/v1/nodes/nistir-7628-smartgrid.json ### Notary Public Standards - **ID**: notary-public-standard - **Category**: Legal & Professional - **BLUF**: Common law and civil law standards for the authentication of documents. - **Discovery URL**: https://bidda.com/api/v1/nodes/notary-public-standard.json ### IAEA Nuclear Safety (GS-R-3) - **ID**: nuclear-safety-iaea - **Category**: Sustainability & ESG - **BLUF**: Management system for nuclear facilities and safety standards. - **Discovery URL**: https://bidda.com/api/v1/nodes/nuclear-safety-iaea.json ### OCC 2023-17 (Third-Party) - **ID**: occ-bulletin-2023-17-risk - **Category**: Banking & Global Finance - **BLUF**: OCC Bulletin 2023-17 (Interagency Guidance on Third-Party Relationships: Risk Management) provides a unified U.S. standard for managing the risks of third-party providers. It specifies a life-cycle approach to the oversight of the vendor, the cloud service, and any other outside partnership. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/occ-bulletin-2023-17-risk.json ### OECD AI Principles - **ID**: oecd-ai-principles - **Category**: AI Governance & Law - **BLUF**: Intergovernmental standards for trustworthy AI, promoting human rights and democratic values. - **Discovery URL**: https://bidda.com/api/v1/nodes/oecd-ai-principles.json ### OECD Corporate Governance - **ID**: oecd-corporate-governance-principles - **Category**: Legal & IP Sovereignty - **BLUF**: The G20/OECD Principles of Corporate Governance are the international standard for corporate governance. Revised in 2023, they provide a framework for policy makers and corporations to ensure institutional and legal environments that support investment, sustainability, and corporate accountability in a global market. - **Discovery URL**: https://bidda.com/api/v1/nodes/oecd-corporate-governance-principles.json ### OECD Guidelines (Multinationals) - **ID**: oecd-guidelines-multinational-ent - **Category**: Legal & IP Sovereignty - **BLUF**: The OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (RBC) are the most comprehensive international standard on business conduct. Revised in 2023, they provide recommendations from governments to enterprises on issues such as human rights, employment, environment, anti-bribery, and consumer interests, supported by the unique NCP grievance mechanism. - **Discovery URL**: https://bidda.com/api/v1/nodes/oecd-guidelines-multinational-ent.json ### OECD Mineral Due Diligence - **ID**: oecd-mineral-supply - **Category**: Sustainability & ESG - **BLUF**: Framework for responsible supply chains of minerals from conflict-affected areas. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/oecd-mineral-supply.json ### Global Minimum Tax (Pillar Two) - **ID**: oecd-pillar2-minimum - **Category**: Finance - **BLUF**: OECD Pillar Two (Global Anti-Base Erosion Rules — GloBE) establishes a global minimum corporate tax rate of 15% for multinational enterprises (MNEs) with annual revenue exceeding €750 million. Finalized in December 2021 and enacted in over 40 jurisdictions as of 2024 (EU Minimum Tax Directive effective January 1, 2024; UK, Japan, South Korea, Switzerland among first adopters), Pillar Two introduces two interlocking domestic rules: the Income Inclusion Rule (IIR) — the parent entity pays top-up tax on low-taxed subsidiaries; and the Undertaxed Profits Rule (UTPR) — a backstop where other group members can collect the top-up tax if the parent jurisdiction does not apply IIR. Non-compliance results in top-up taxes, transfer pricing adjustments, and potential double taxation in multiple jurisdictions. - **Discovery URL**: https://bidda.com/api/v1/nodes/oecd-pillar2-minimum.json ### OSHA (Work Safety) - **ID**: osha-work-safety-us - **Category**: Workplace - **BLUF**: The Occupational Safety and Health Act of 1970 (OSHA) is the primary U.S. federal law for workplace safety. It specifies mandatory standards for employers to provide an environment 'Free from Recognized Hazards' that are causing or likely to cause death or serious physical harm, with specific duties for 'Recordkeeping', 'Training', and 'Hazardous Communication'. - **Discovery URL**: https://bidda.com/api/v1/nodes/osha-work-safety-us.json ### OWASP ASVS L1 (App Sec) - **ID**: owasp-asvs-l1 - **Category**: Cloud & SaaS - **BLUF**: The OWASP Application Security Verification Standard (ASVS) Level 1 (Opportunistic) is the baseline requirement for all web applications. It focuses on the vulnerabilities that are easy to find and that automated scanning can detect. 
Level 1 ensures the most common security flaws are remediated, providing a 'Defensible' standard for lower-risk software. - **Discovery URL**: https://bidda.com/api/v1/nodes/owasp-asvs-l1.json ### OWASP ASVS L2 (Standard) - **ID**: owasp-asvs-l2 - **Category**: Cloud & SaaS - **BLUF**: The OWASP Application Security Verification Standard (ASVS) Level 2 (Standard) is the primary baseline for business applications that handle sensitive information. It requires 'Verification by Analysis', mandating a manual code review or expert penetration testing for all controls, ensuring the application is developed with a secure design and a highly protected architecture. - **Discovery URL**: https://bidda.com/api/v1/nodes/owasp-asvs-l2.json ### OWASP ASVS L3 (Advanced) - **ID**: owasp-asvs-l3 - **Category**: Cloud & SaaS - **BLUF**: The OWASP Application Security Verification Standard (ASVS) Level 3 (Advanced) is the highest tier of application security for critical infrastructure and high-trust systems. It focuses on 'Resilience' and 'Assurance', requiring the software to be designed from the foundation to withstand direct attack and for the security controls to be manually verified for absolute correctness. - **Discovery URL**: https://bidda.com/api/v1/nodes/owasp-asvs-l3.json ### Prompt Injection Prevention (OWASP LLM01) - **ID**: owasp-llm-1 - **Category**: Cybersecurity - **BLUF**: Prompt Injection (LLM01) occurs when an attacker manipulates an LLM via crafted inputs to override system instructions. Prevention requires strict input sanitization, separation of data from instructions, and least-privilege tool access. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/owasp-llm-1.json ### Insecure Output Handling (OWASP LLM02) - **ID**: owasp-llm-2 - **Category**: Cybersecurity - **BLUF**: Insecure Output Handling (LLM02) occurs when an application trustingly processes LLM-generated output without validation, potentially leading to XSS, CSRF, or SSRF in downstream systems. - **Discovery URL**: https://bidda.com/api/v1/nodes/owasp-llm-2.json ### OWASP SAMM (Governance) - **ID**: owasp-samm-governance - **Category**: Cloud & SaaS - **BLUF**: The OWASP Software Assurance Maturity Model (SAMM) v2.0 is the premier framework for analyzing and improving the software security posture. It provides a measurable way for organizations to design, develop, and deploy highly secure software by partitioning the process into the 'Five Business Functions' (Governance, Design, Implementation, Verification, Operations). - **Discovery URL**: https://bidda.com/api/v1/nodes/owasp-samm-governance.json ### Paris Convention (IP) - **ID**: paris-convention-industrial-property - **Category**: Legal & IP Sovereignty - **BLUF**: The Paris Convention for the Protection of Industrial Property (1883) is the foundational international treaty for IP rights. It introduced the 'Right of Priority' and 'National Treatment', ensuring that inventors can claim the original filing date across member states and that foreign innovators receive the same protection as local nationals. - **Discovery URL**: https://bidda.com/api/v1/nodes/paris-convention-industrial-property.json ### PCAOB Auditing Standards - **ID**: pcaob-audit-standards - **Category**: Legal & Professional - **BLUF**: Standards for the audits of public companies to protect investors. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/pcaob-audit-standards.json ### PCI-DSS (Hospitality Payment) - **ID**: pci-dss-hospitality - **Category**: Food & Hospitality - **BLUF**: Security standards for protecting cardholder data in hospitality transactions. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-hospitality.json ### PCI DSS v4 Req 1 (NSC) - **ID**: pci-dss-v4-requirement-1 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 1 (Install and Maintain Network Security Controls) mandates the use of 'Network Security Controls' (NSCs) (historically Firewalls) to protect the Cardholder Data Environment (CDE). It requires the strict logical and physical isolation of credit card processing from unauthorized networks through formalized 'Rule' and 'Configuration' management. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-1.json ### PCI DSS v4 Req 2 (Hardening) - **ID**: pci-dss-v4-requirement-2 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 2 (Apply Secure Configurations) mandates that all system components must have non-default, hardened security configurations. It requires the immediate change of manufacturer-supplied default passwords and the removal of unnecessary services, protocols, or functions from the OS and the firmware, ensuring a secure infrastructure baseline. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-2.json ### PCI DSS v4 Req 3 (Stored Data) - **ID**: pci-dss-v4-requirement-3 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 3 (Protect Stored Account Data) focuses on the security of the cardholder information residing on persistent storage. 
It mandates the prohibition of 'Sensitive Authentication Data' (SAD) storage post-authorization and the requirement for the 'Primary Account Number' (PAN) to be rendered unreadable through strong encryption, truncation, or hashing. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-3.json ### PCI DSS v4 Req 4 (Transmission) - **ID**: pci-dss-v4-requirement-4 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 4 (Protect Cardholder Data with Strong Cryptography During Transmission) revolves around the security of clear-text card data as it travels across any 'Open, Public' networks (e.g., the Internet, Cellular, Wireless). It mandates the use of 'Strong Cryptography' (TLS 1.2+, IPsec, SSH) to ensure that the card data is not intercepted or tampered with during transit. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-4.json ### PCI DSS v4 Req 5 (Malware) - **ID**: pci-dss-v4-requirement-5 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 5 (Protect All Systems and Networks from Malicious Software) mandates the implementation of active malware protection across all system components. It focuses on the continuous monitoring, detection, and remediation of 'Malicious Code' (Viruses, Worms, Trojans) and 'Phishing' risks, ensuring CDE integrity. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-5.json ### PCI DSS v4 Req 6 (Software) - **ID**: pci-dss-v4-requirement-6 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 6 (Develop and Maintain Secure Systems and Software) specifies the requirements for the secure software development lifecycle (SDLC) and vulnerability management. It mandates the protection of public-facing web applications from specific attacks (e.g., OWASP Top 10) and the 'Timely Patching' of all critical vulnerabilities within 30 days. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-6.json ### PCI DSS v4 Req 7 (Access Control) - **ID**: pci-dss-v4-requirement-7 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 7 (Restrict Access to System Components and Cardholder Data by Business Need to Know) revolves around the fundamental security principle of 'Least Privilege'. It mandates that access to the its or the cardholder information is granted only to validated users who require it for their job functions, ensuring a minimized attack surface and preventing lateral movement. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-7.json ### PCI DSS v4 Req 8 (Identity) - **ID**: pci-dss-v4-requirement-8 - **Category**: Cloud & SaaS - **BLUF**: PCI DSS v4 Requirement 8 (Identify Users and Authenticate Access to System Components) specifies the authentication standards for payment environments. It mandates a 'Unique ID' per individual and 'Multifactor Authentication' (MFA) for all access to the Cardholder Data Environment (CDE), ensuring absolute accountability and protection against credential-based attacks. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4-requirement-8.json ### PCI DSS v4.0 — Payment Card Data Security - **ID**: pci-dss-v4 - **Category**: Finance - **BLUF**: PCI DSS v4.0, published March 2022 by the PCI Security Standards Council (PCI SSC), is the mandatory security standard for all entities that store, process, or transmit payment card data (cardholder data / CHD) or sensitive authentication data (SAD). The standard contains 12 requirements organized across 6 core goals. Version 4.0 introduced a Customized Approach allowing organizations to use alternative controls with documented risk analysis, and added 64 new requirements versus v3.2.1. Key additions: MFA for all access to the cardholder data environment (Req. 
8.4.2, effective March 2025), 12-character minimum passwords (Req. 8.3.6), and targeted risk analysis for customized controls. PCI v3.2.1 was retired March 31, 2024. Compliance is validated annually via Report on Compliance (ROC) for Level 1 merchants (>6M Visa/Mastercard transactions/year) by a Qualified Security Assessor (QSA), or Self-Assessment Questionnaire (SAQ) for lower levels. Non-compliance penalties include fines of $5,000–$100,000/month from card brands, increased transaction fees, and loss of card acceptance privileges. - **Discovery URL**: https://bidda.com/api/v1/nodes/pci-dss-v4.json ### PEFC Forest Management Standard - **ID**: pefc-forest-mgt - **Category**: Sustainability & ESG - **BLUF**: Ensuring sustainable forest management practices globally. - **Discovery URL**: https://bidda.com/api/v1/nodes/pefc-forest-mgt.json ### PMBOK 7 (Project Guide) - **ID**: pmbok-7-guide-pm - **Category**: Workplace - **BLUF**: The PMBOK Guide 7th Edition (Project Management Body of Knowledge) identifies the foundational standards for project management. It shifts from the 'Process' focus to the 'Value' focus through the '12 Principles' and the '8 Performance Domains', ensuring practitioners can adapt project delivery to the specific 'Context' and 'Uncertainty' of global business. - **Discovery URL**: https://bidda.com/api/v1/nodes/pmbok-7-guide-pm.json ### PMI Code of Ethics - **ID**: pmi-code-ethics - **Category**: Legal & Professional - **BLUF**: Ethical standards and professional conduct for project management professionals. - **Discovery URL**: https://bidda.com/api/v1/nodes/pmi-code-ethics.json ### ISPS Code: Port Facility Security - **ID**: port-facility-security-isps - **Category**: Logistics & Supply Chain - **BLUF**: Security standards for ports and terminal operations. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/port-facility-security-isps.json ### PQC Migration Workflow - **ID**: pqc-migration-logic - **Category**: Aviation, Defense & Quantum - **BLUF**: The PQC Migration Workflow (based on NSA CNSA 2.0 and NIST PQC timelines) provides the strategic five-step transition from 'Classical' cryptography to 'Post-Quantum' (PQC) standards. It focuses on mitigating the 'Store-Now-Decrypt-Later' (SNDL) risk for high-longevity data and ensuring quantum-secure authenticated software updates (ASU). - **Discovery URL**: https://bidda.com/api/v1/nodes/pqc-migration-logic.json ### PRA SS1/21 (Resilience) - **ID**: pra-ss1-21-resilience - **Category**: Banking & Global Finance - **BLUF**: PRA SS1/21 (Operational Resilience: Impact tolerances for important business services) is the UK's cornerstone standard for bank and insurer resilience. It shifts focus from traditional disaster recovery to ensuring that 'Important Business Services' (IBS) remain within set 'Impact Tolerances' during severe but plausible disruptions. - **Discovery URL**: https://bidda.com/api/v1/nodes/pra-ss1-21-resilience.json ### PRINCE2 7 (Framework) - **ID**: prince2-7-framework-pm - **Category**: Workplace - **BLUF**: PRINCE2 7 (Projects in Controlled Environments) is the international standard for structured project management. It identifies the '7 Principles', the '7 Practices', and the '7 Processes' that an organization must use to ensure effective result delivery, with the specific v7 emphasis on 'People' and 'Sustainability' as the core success factors and the logical tailoring of the standard. - **Discovery URL**: https://bidda.com/api/v1/nodes/prince2-7-framework-pm.json ### PRSA (Code of Ethics) - **ID**: prsa-code-of-ethics - **Category**: Sales, Marketing & PR - **BLUF**: The PRSA Code of Ethics identifies the foundational standards for Public Relations (PR) professionals. 
it specifies the '6 Core Values' (Advocacy, Honesty, Expertise, Independence, Loyalty, Fairness) and the '6 Code Provisions' (Free Flow of Information, Disclosure of Information, Confidences, Conflict of Interest, etc.), ensuring the PR activities the maintain the high-trust and the organizational integrity. - **Discovery URL**: https://bidda.com/api/v1/nodes/prsa-code-of-ethics.json ### PSD2 SCA (Payments) - **ID**: psd2-sc-authentication - **Category**: Banking & Global Finance - **BLUF**: PSD2 Strong Customer Authentication (SCA) (Directive 2015/2366) is the mandatory security standard for electronic payments in Europe. it requires a multifactor authentication process based on 'Knowledge' (something only the user knows), 'Possession' (something only the user has), and 'Inherence' (something the user is), with the specific requirement for the 'Dynamic Linking' to prevent the tampering during the payment initiation. - **Discovery URL**: https://bidda.com/api/v1/nodes/psd2-sc-authentication.json ### Quantum Readiness Checklist - **ID**: quantum-readiness-checklist - **Category**: Aviation, Defense & Quantum - **BLUF**: The Quantum Readiness Checklist is based on OMB M-23-02, CISA's Quantum Strategy, and NIST PQC migration guidance. It provides an actionable framework for organizations to identify cryptographic assets vulnerable to quantum attacks (CRQC) and begin the transition to FIPS 203-205 standards to ensure long-term data confidentiality and integrity. - **Discovery URL**: https://bidda.com/api/v1/nodes/quantum-readiness-checklist.json ### Quantum Readiness Triage - **ID**: quantum-risk-audit - **Category**: Cybersecurity - **BLUF**: A quantum readiness assessment is the systematic process of identifying all cryptographic assets in an organization that are vulnerable to attack by a Cryptographically Relevant Quantum Computer (CRQC) and producing a prioritized migration roadmap to post-quantum cryptography (PQC). 
NIST finalized the first PQC standards (FIPS 203, 204, 205) in August 2024. NSA CNSA 2.0 mandates migration timelines with new systems adopting PQC by 2025 and legacy systems fully migrated by 2030. The 'harvest now, decrypt later' (HNDL) threat means adversaries are already collecting encrypted data today to decrypt once quantum computers mature — organizations with long-lived sensitive data (classified, health, financial, legal) must begin migration immediately regardless of when CRQCs become available. - **Discovery URL**: https://bidda.com/api/v1/nodes/quantum-risk-audit.json ### RE100 Renewable Energy Criteria - **ID**: re100-renewable-req - **Category**: Sustainability & ESG - **BLUF**: Reporting and technical criteria for 100% renewable electricity global initiative. - **Discovery URL**: https://bidda.com/api/v1/nodes/re100-renewable-req.json ### REACH Chemical Compliance - **ID**: reach-chemical-comp - **Category**: Sustainability & ESG - **BLUF**: EU registration, evaluation, and authorization of chemicals. - **Discovery URL**: https://bidda.com/api/v1/nodes/reach-chemical-comp.json ### Reverse Logistics & Circularity - **ID**: reverse-logistics-circular - **Category**: Logistics & Supply Chain - **BLUF**: Logic for managing product returns and material recovery loops. - **Discovery URL**: https://bidda.com/api/v1/nodes/reverse-logistics-circular.json ### RICS Valuation - Global - **ID**: rics-valuation-global - **Category**: Legal & Professional - **BLUF**: Red Book Global Standards for professional property valuation and assessment. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/rics-valuation-global.json ### RLHF Transparency Protocol - **ID**: rlhf-loop-audit - **Category**: Advanced AI Research & Safety - **BLUF**: Reinforcement Learning from Human Feedback (RLHF) is the dominant alignment technique used to train large language models (LLMs) to follow instructions, avoid harmful outputs, and produce outputs preferred by human evaluators — combining supervised fine-tuning (SFT) on demonstration data with a reward model trained on human preference comparisons, then optimizing the policy model using Proximal Policy Optimization (PPO) or Direct Preference Optimization (DPO) with a KL-divergence penalty preventing excessive drift from the base model. RLHF audit requirements arise from the opacity of the human feedback process: reward hacking (the policy exploiting reward model weaknesses rather than genuinely improving), annotator bias (systematic preferences of the labeler population distorting the reward signal), and reward model overfitting create alignment failures that are difficult to detect without structured auditing. The EU AI Act Article 10 data governance requirements, NIST AI RMF Govern 1.7 (human oversight of AI), and ISO/IEC 42001 performance monitoring obligations collectively require that RLHF processes be documented, monitored for reward hacking, and periodically audited for labeler quality and preference consistency. AI systems trained with RLHF that lack documented audit trails for the feedback loop cannot be considered to have met their alignment validation obligations. - **Discovery URL**: https://bidda.com/api/v1/nodes/rlhf-loop-audit.json ### RoHS Hazardous Substances - **ID**: rohs-hazardous-sub - **Category**: Sustainability & ESG - **BLUF**: Restriction of hazardous substances in electrical equipment. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/rohs-hazardous-sub.json ### Rotterdam Rules (UN Convention) - **ID**: rotterdam-rules-maritime - **Category**: Logistics & Supply Chain - **BLUF**: The Rotterdam Rules (2008) constitute the United Nations Convention on Contracts for the International Carriage of Goods Wholly or Partly by Sea. They modernize the maritime liability regime by covering 'door-to-door' transport involving maritime legs, and accommodating electronic commerce and paperless bills of lading. - **Discovery URL**: https://bidda.com/api/v1/nodes/rotterdam-rules-maritime.json ### RSPO Palm Oil Certification - **ID**: rspo-palm-oil - **Category**: Sustainability & ESG - **BLUF**: Sustainability standards for palm oil production and supply chain. - **Discovery URL**: https://bidda.com/api/v1/nodes/rspo-palm-oil.json ### SA8000 (Social Account) - **ID**: sa8000-social-account - **Category**: Workplace - **BLUF**: The SA8000:2014 Social Accountability standard is the premier global certification for the fair treatment of workers. It specifies '9 Social Requirements' that an organization must meet, focusing on the 'Abolition of child/forced labour', 'Health and Safety', and, most critically, the 'Management System' approach for regular social performance monitoring. - **Discovery URL**: https://bidda.com/api/v1/nodes/sa8000-social-account.json ### Safe Stays (Hotel Hygiene) - **ID**: safe-stays-hotel-audit - **Category**: Food & Hospitality - **BLUF**: Hygiene and cleanliness protocols for the global hospitality sector. - **Discovery URL**: https://bidda.com/api/v1/nodes/safe-stays-hotel-audit.json ### Sales CRM Best Practices - **ID**: sales-crm-best-practices - **Category**: Sales, Marketing & PR - **BLUF**: The Sales Customer Relationship Management (CRM) Best Practices identify the foundational standards for high-fidelity customer data management. 
It provides a robust framework for 'Data Quality' (ISO 8000), 'Lifecycle Management' (Lead-to-Cash), and the systematic deduplication and enrichment of 'Master Data' (MDM), ensuring organizational efficiency and a 'Source of Truth' for autonomous sales agents. - **Discovery URL**: https://bidda.com/api/v1/nodes/sales-crm-best-practices.json ### Lead Gen Compliance - **ID**: sales-lead-gen-compliance - **Category**: Sales, Marketing & PR - **BLUF**: The Lead Generation Compliance standard (primarily centered on the U.S. TCPA, 47 U.S.C. 227) identifies the foundational standards for the legal acquisition and 'Direct Outreach' targeting of prospects. It specifies the mandatory requirements for 'Prior Express Written Consent' (PEWC), 'Do Not Call' (DNC) screening, and the systematic prevention of 'Auto-Dialer' (ATDS) abuse to protect the consumer from unsolicited commercial harassment. - **Discovery URL**: https://bidda.com/api/v1/nodes/sales-lead-gen-compliance.json ### Deterministic Lead Scoring Logic - **ID**: sales-lead-scoring - **Category**: "Sales & Marketing Operations" - **BLUF**: Quantitative methodology for prioritizing sales leads based on explicit demographic signals and implicit behavioral triggers. - **Discovery URL**: https://bidda.com/api/v1/nodes/sales-lead-scoring.json ### Sarbanes-Oxley Act (SOX) - **ID**: sarbanes-oxley-act-sox - **Category**: Legal & IP Sovereignty - **BLUF**: The Sarbanes-Oxley Act of 2002 (SOX) is a U.S. federal law that set new or expanded requirements for all U.S. public company boards, management, and public accounting firms. It was enacted in response to major corporate financial scandals (e.g., Enron, WorldCom) to restore investor confidence through enhanced disclosure and internal control mandates. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/sarbanes-oxley-act-sox.json ### SOX 404 (Controls Audit) - **ID**: sarbannes-oxley-404 - **Category**: Legal & Professional - **BLUF**: Requirement for management and auditors to report on internal controls over financial reporting. - **Discovery URL**: https://bidda.com/api/v1/nodes/sarbannes-oxley-404.json ### SASB Materiality Standard - **ID**: sasb-materiality-standard - **Category**: Sustainability & ESG - **BLUF**: The Sustainability Accounting Standards Board (SASB) provides industry-specific disclosure standards covering 77 industries. It focuses on 'Financial Materiality'—identifying the subset of environmental, social, and governance (ESG) factors most likely to impact the financial performance or condition of a typical company in a given industry. - **Discovery URL**: https://bidda.com/api/v1/nodes/sasb-materiality-standard.json ### SBTi Carbon Target Validation - **ID**: sbti-carbon-target - **Category**: Sustainability & ESG - **BLUF**: Science-based targets initiative for corporate climate action. - **Discovery URL**: https://bidda.com/api/v1/nodes/sbti-carbon-target.json ### SCADA Threat Detection Algorithm - **ID**: scada-threat-detect - **Category**: "Industrial IoT & Energy" - **BLUF**: Specialized anomaly detection for Industrial Control System (ICS) protocols (DNP3, Modbus, IEC 61850), essential for securing critical infrastructure. - **Discovery URL**: https://bidda.com/api/v1/nodes/scada-threat-detect.json ### SCOR DS: Fulfillment - **ID**: scor-fulfill - **Category**: Logistics & Supply Chain - **BLUF**: SCOR DS (Supply Chain Operations Reference — Digital Standard) Fulfill covers all processes involved in executing customer orders from receipt through delivery and returns. 
Maintained by ASCM (Association for Supply Chain Management), SCOR DS defines a hierarchical process framework with standardized metrics at each level — enabling supply chain professionals and AI agents to benchmark performance, identify bottlenecks, and redesign fulfillment processes against best-in-class KPIs. The Fulfill process includes order management, warehouse operations, transportation, and last-mile delivery. Organizations with immature Fulfill processes exhibit high rates of perfect order failures, elevated OTIF (On Time In Full) misses, and customer satisfaction scores below industry benchmarks. - **Discovery URL**: https://bidda.com/api/v1/nodes/scor-fulfill.json ### SCOR DS: Orchestration - **ID**: scor-orchestrate - **Category**: Logistics & Supply Chain - **BLUF**: SCOR DS Orchestrate is the meta-level planning process in the Supply Chain Operations Reference Digital Standard that coordinates strategy, governance, data flows, and performance management across all other SCOR processes (Plan, Source, Make, Deliver, Return, Enable). Unlike Plan, which is tactical, Orchestrate defines the rules, policies, and digital architecture that govern how a supply chain operates. ASCM introduced Orchestrate in SCOR DS to reflect the reality of digitally integrated supply chains where AI, IoT, and real-time data streams require explicit governance of how information is collected, interpreted, shared, and acted upon across supply chain partners. - **Discovery URL**: https://bidda.com/api/v1/nodes/scor-orchestrate.json ### SEC Climate Disclosure Rule - **ID**: sec-climate-disclosure - **Category**: Sustainability & ESG - **BLUF**: The SEC Climate Disclosure Rule (Final Rule 33-11275) mandates that U.S. public companies and foreign private issuers disclose climate-related risks, their financial impacts, and greenhouse gas (GHG) emissions (Scope 1 and 2 for large accelerated filers). 
It aims to provide investors with consistent, comparable, and reliable climate-related information. - **Discovery URL**: https://bidda.com/api/v1/nodes/sec-climate-disclosure.json ### SEC Regulation S-K Item 106 (Cybersecurity) - **ID**: sec-reg-s-k-106 - **Category**: "Finance & Securities" - **BLUF**: Mandatory cybersecurity risk management, strategy, governance, and incident disclosure requirements for U.S. public companies. - **Discovery URL**: https://bidda.com/api/v1/nodes/sec-reg-s-k-106.json ### Shared Responsibility Model - **ID**: shared-responsibility-model - **Category**: Cloud & SaaS - **BLUF**: The Shared Responsibility Model is the foundational governance framework for cloud computing security. It defines the respective duties of the Cloud Service Provider (CSP) and the Cloud Service Customer (CSC) across different service models (IaaS, PaaS, SaaS). The CSP is responsible for 'Security OF the Cloud' (Infrastructure/Facilities), while the CSC is responsible for 'Security IN the Cloud' (Data/Encryption/Identity). - **Discovery URL**: https://bidda.com/api/v1/nodes/shared-responsibility-model.json ### SHRM (HR Competency) - **ID**: shrm-hr-competency - **Category**: Workplace - **BLUF**: The SHRM Body of Applied Skills and Knowledge (BASK) is the premier professional standard for Human Resources (HR) globally. It specifies the '9 Behavioral Competencies' and the '14 HR Functional Areas' that define successful HR practice, ensuring professionals integrate 'Ethical Practice', 'Business Acumen', and 'Critical Evaluation' into the organization's talent strategy. - **Discovery URL**: https://bidda.com/api/v1/nodes/shrm-hr-competency.json ### Smart Container IoT Tracking - **ID**: smart-container-iot - **Category**: Logistics & Supply Chain - **BLUF**: Hardened tracking protocols for intelligent freight containers. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/smart-container-iot.json ### Smart Contract Audit (SWC) - **ID**: smart-contract-audit-swc - **Category**: Legal & IP Sovereignty - **BLUF**: The Smart Contract Weakness Classification (SWC) Registry is the authoritative taxonomy of smart contract security vulnerabilities, maintained by the Ethereum security community and analogous to the CVE/CWE system for traditional software. It defines 37 weakness classes (SWC-100 through SWC-136) covering Solidity and EVM-specific vulnerabilities. Any smart contract deployed to a public blockchain handling real value must undergo a formal security audit mapping findings to SWC entries before deployment. The consequences of unaudited smart contracts include irreversible fund loss — the DAO hack ($60M, 2016), Parity multisig freeze ($150M, 2017), and Poly Network bridge exploit ($611M, 2021) all resulted from vulnerabilities catalogued in the SWC registry. - **Discovery URL**: https://bidda.com/api/v1/nodes/smart-contract-audit-swc.json ### SMPTE ST 2110 - **ID**: smpte-st-2110-media - **Category**: Creative, Content & Media IP - **BLUF**: The SMPTE ST 2110 (Professional Media Over Managed IP Networks) identifies the foundational technical standards for uncompressed essence streaming. It specifies the mandatory requirements for 'System Timing' (ST 2110-10), 'Uncompressed Video' (ST 2110-20), and the systematic synchronization of audio and 'Ancillary Data', ensuring the robust transition of global broadcast infrastructure from 'SDI' to a 'High-Fidelity' logical IP fabric. - **Discovery URL**: https://bidda.com/api/v1/nodes/smpte-st-2110-media.json ### SOA Code of Conduct - **ID**: soa-code-conduct - **Category**: Legal & Professional - **BLUF**: Society of Actuaries standards for professional behavior and actuarial practice. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/soa-code-conduct.json ### SOC 1 Type II (Finance) - **ID**: soc-1-type-2-finance - **Category**: Workplace - **BLUF**: The SOC 1 Type II (System and Organization Controls) report is the premier audit standard for organizations managing financial processes on behalf of users. It focuses specifically on 'Internal Control Over Financial Reporting' (ICFR) and the 'Operating Effectiveness' of controls over a defined period (usually 6-12 months), providing high assurance to the auditors of the user entities. - **Discovery URL**: https://bidda.com/api/v1/nodes/soc-1-type-2-finance.json ### SOC 2 (Availability) - **ID**: soc2-availability-criteria - **Category**: Cloud & SaaS - **BLUF**: The SOC 2 Trust Services Criteria (TSC) for Availability focuses on whether the system is available for operation and use as committed or agreed. It provides a standardized audit framework for assessing the cloud platform's performance monitoring, accessibility, and the infrastructure's resilience to failures. - **Discovery URL**: https://bidda.com/api/v1/nodes/soc2-availability-criteria.json ### SOC 2 (Confidentiality) - **ID**: soc2-confidentiality-crit - **Category**: Cloud & SaaS - **BLUF**: The SOC 2 Trust Services Criteria (TSC) for Confidentiality focuses on whether information designated as confidential is protected to meet the system's objectives. It addresses the security of sensitive business data (such as trade secrets or proprietary IP) from unauthorized access and disclosure, distinct from the PII (Privacy) criteria. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/soc2-confidentiality-crit.json ### SOC 2 (Privacy Criteria) - **ID**: soc2-privacy-criteria - **Category**: Cloud & SaaS - **BLUF**: The SOC 2 Trust Services Criteria (TSC) for Privacy is the specialized audit framework for assessing how personal information is collected, used, retained, disclosed, and disposed of to meet the system's objectives. Based on the Generally Accepted Privacy Principles (GAPP), it provides a high-assurance baseline for the protection of Personally Identifiable Information (PII) in cloud and SaaS platforms. - **Discovery URL**: https://bidda.com/api/v1/nodes/soc2-privacy-criteria.json ### SOC 2 (Processing Integrity) - **ID**: soc2-processing-integrity - **Category**: Cloud & SaaS - **BLUF**: The SOC 2 Trust Services Criteria (TSC) for Processing Integrity focuses on whether the system processing is complete, valid, accurate, timely, and authorized to meet the system's objectives. It provides standardized audit criteria for assessing the integrity of the input, the logical transformation, and the output of financial, health, or other critical transaction systems. - **Discovery URL**: https://bidda.com/api/v1/nodes/soc2-processing-integrity.json ### SOC 2 Trust Services Criteria for AI Environments - **ID**: soc2-security-criterion - **Category**: Business Compliance & Governance - **BLUF**: SOC 2 (System and Organization Controls) Trust Services Criteria (TSC) for AI environments require rigorous mapping of security, availability, processing integrity, confidentiality, and privacy to the entire Machine Learning lifecycle. - **Discovery URL**: https://bidda.com/api/v1/nodes/soc2-security-criterion.json ### 100-Node Sovereignty Audit - **ID**: sovereign-final-audit - **Category**: AI Governance & Law - **BLUF**: The Bidda Sovereign Audit Protocol defines the ongoing integrity verification process for the 100-node intelligence registry. 
It specifies the procedures for batch hash verification, canonical source URL validation, registry-to-file synchronization checks, SDK compatibility testing, and the issuance of the Sovereign Seal — the attestation that all 100 nodes have been verified against their authoritative source standards, their integrity hashes are current, and the discovery layer (index.json, llms-full.txt, openapi.json) accurately reflects the registry state. This protocol must be executed before any new registry version is deployed to production and after any batch node update. AI agents querying the registry can use this node to understand the audit cycle and assess the freshness and integrity of the registry they are consuming. - **Discovery URL**: https://bidda.com/api/v1/nodes/sovereign-final-audit.json ### SOX IT Controls — Sarbanes-Oxley IT Compliance - **ID**: sox-it-controls - **Category**: Finance - **BLUF**: The Sarbanes-Oxley Act of 2002 (SOX) — enacted in response to Enron, WorldCom, and other financial scandals — imposes mandatory internal controls over financial reporting (ICFR) requirements on all US public companies (SEC registrants) and foreign private issuers listed on US exchanges. Section 302 requires the CEO and CFO to personally certify in each quarterly and annual filing that they have reviewed the report, it contains no material misstatements, and they have disclosed all significant deficiencies and material weaknesses in internal controls. Section 404(a) requires management's annual assessment of ICFR effectiveness as of fiscal year-end, with disclosure of any material weaknesses. Section 404(b) requires external auditor attestation for accelerated filers (>$75M public float). IT General Controls (ITGCs) are the foundational IT controls that support the reliability of financially significant systems and are subject to SOX testing. 
The four ITGC domains: (1) Logical Access Controls — who can access financially significant systems; (2) Change Management — how changes to financial systems are authorized and tested; (3) Computer Operations — batch job monitoring, backup, incident management; (4) System Development — SDLC controls for new implementations. The COSO Internal Control — Integrated Framework (2013) and COSO ERM framework are the primary control assessment frameworks referenced by external auditors. Material weaknesses are the highest severity — the auditor must issue an adverse opinion on ICFR effectiveness, severely damaging share price and regulatory standing. - **Discovery URL**: https://bidda.com/api/v1/nodes/sox-it-controls.json ### SQF Edition 9 (Safe Quality Food) - **ID**: sqf-edition-9-safety - **Category**: Food & Hospitality - **BLUF**: Global food safety and quality program for retailers and food service providers. - **Discovery URL**: https://bidda.com/api/v1/nodes/sqf-edition-9-safety.json ### SRA Code of Conduct (UK) - **ID**: sra-code-conduct-uk - **Category**: Legal & Professional - **BLUF**: Solicitors Regulation Authority standards for legal services in the UK. - **Discovery URL**: https://bidda.com/api/v1/nodes/sra-code-conduct-uk.json ### StateRAMP Authorization - **ID**: state-ramp-authorization - **Category**: Cloud & SaaS - **BLUF**: StateRAMP is a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by state and local governments (SLGs) in the U.S. It is the state-level equivalent of FedRAMP, based on the NIST SP 800-53 Rev 5 Moderate/Low baselines, ensuring vendor trust across the public sector. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/state-ramp-authorization.json ### Bullwhip Effect Mitigation - **ID**: supply-chain-bullwhip - **Category**: Logistics & Supply Chain - **BLUF**: The Bullwhip Effect (Lee, Padmanabhan & Whang, 1997 — Sloan Management Review) describes the amplification of demand variability as orders propagate upstream in a supply chain — small fluctuations in retail demand become large oscillations in manufacturer and raw material orders. The four primary causes are demand signal processing (over-ordering based on forecasts), rationing game behavior (ordering more than needed when supply is scarce), order batching (periodic ordering creates demand spikes), and price variation (forward buying during promotions). Organizations with unmanaged bullwhip effects experience excess inventory, stockouts, poor customer service, and inflated supply chain costs. Mitigation requires demand signal transparency, collaborative forecasting, and ordering policy discipline across the entire supply chain. - **Discovery URL**: https://bidda.com/api/v1/nodes/supply-chain-bullwhip.json ### Incoterms 2020 Risk Allocation Matrix - **ID**: supply-chain-incoterms - **Category**: "Supply Chain & Logistics Basics" - **BLUF**: Standardized international trade terms defining the responsibilities, costs, and transfer of risk between sellers and buyers for the distribution of goods. - **Discovery URL**: https://bidda.com/api/v1/nodes/supply-chain-incoterms.json ### Supply Chain Risk Triage Protocol - **ID**: supply-chain-risk-triage - **Category**: Logistics & Supply Chain - **BLUF**: Rapid assessment logic for supply chain disruptions. - **Discovery URL**: https://bidda.com/api/v1/nodes/supply-chain-risk-triage.json ### Supply Chain Digital Twin Audit - **ID**: supply-chain-twin-fidelity - **Category**: Logistics & Supply Chain - **BLUF**: Validating the real-time accuracy of supply chain replicas. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/supply-chain-twin-fidelity.json ### Support Hallucination Detection - **ID**: support-hallucination-check - **Category**: Workflow Automation - **BLUF**: LLM hallucination in customer support contexts — where AI agents generate plausible but factually incorrect answers about products, policies, pricing, or procedures — creates direct legal liability, customer trust erosion, and regulatory exposure under FTC advertising truthfulness standards and GDPR Article 22 (automated decision-making). Unlike general-purpose LLM hallucination, support hallucinations are particularly harmful because customers make financial and behavioral decisions based on them. A structured hallucination detection pipeline combining real-time Knowledge Base (KB) grounding, confidence scoring, cross-reference verification, and human escalation gates is required before any LLM-powered support agent is deployed in production for consequential interactions. - **Discovery URL**: https://bidda.com/api/v1/nodes/support-hallucination-check.json ### Sentiment-Based Escalation - **ID**: support-sentiment-escalation - **Category**: Workflow Automation - **BLUF**: Sentiment-based escalation is an AI support workflow control that monitors customer emotional state throughout an interaction and triggers escalation to a human agent when negative sentiment, frustration indicators, or distress signals exceed defined thresholds. Failure to escalate at the right moment is a primary driver of customer churn — Salesforce research (State of the Connected Customer 2023) reports that 71% of customers who had poor service experiences with AI bots did not receive timely human escalation. Escalation must be implemented not just as a binary trigger but as a tiered response protocol that transfers full interaction context, sentiment history, and urgency classification to the receiving human agent. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/support-sentiment-escalation.json ### SWIFT CSP (Quality) - **ID**: swift-csp-quality - **Category**: Banking & Global Finance - **BLUF**: The SWIFT Customer Security Programme (CSP) is the mandatory security framework for all SWIFT users. It consists of the Customer Security Controls Framework (CSCF) with 32 controls (25 mandatory, 7 advisory) designed to secure the local infrastructure of SWIFT users and combat cyber-fraud in the global financial messaging community. - **Discovery URL**: https://bidda.com/api/v1/nodes/swift-csp-quality.json ### TAPA Trucking Security (TSR) - **ID**: tapa-tsr-2023 - **Category**: Logistics & Supply Chain - **BLUF**: The TAPA Trucking Security Requirements (TSR) is the leading global security standard for the transportation of high-value assets by road. It defines three levels of security (Level 1, 2, and 3) for vehicles and trailers, focusing on theft prevention, asset tracking, and driver security protocols. - **Discovery URL**: https://bidda.com/api/v1/nodes/tapa-tsr-2023.json ### TCFD Climate Disclosure - **ID**: tcfd-climate-disclosure - **Category**: Sustainability & ESG - **BLUF**: The Task Force on Climate-related Financial Disclosures (TCFD) provides a framework for companies to disclose climate-related risks and opportunities. It is built on four thematic areas: Governance, Strategy, Risk Management, and Metrics & Targets, ensuring transparent communication to investors about climate impact on financial value. - **Discovery URL**: https://bidda.com/api/v1/nodes/tcfd-climate-disclosure.json ### TCFD Climate Disclosure - **ID**: tcfd-climate-risk - **Category**: Sustainability & ESG - **BLUF**: The Task Force on Climate-related Financial Disclosures (TCFD) framework, published in 2017 and now consolidated into IFRS S2 (effective January 2024), defines the global standard for corporate disclosure of climate-related financial risks and opportunities. 
TCFD organizes disclosures across four pillars: Governance, Strategy, Risk Management, and Metrics & Targets. TCFD-aligned disclosure is now mandatory or expected by the SEC Climate Disclosure Rule (US), CSRD (EU), IFRS S2 (global ISSB adopters), and the FCA (UK). Investors managing over $150 trillion in assets have committed to TCFD-aligned reporting. Organizations that do not disclose face regulatory penalties, investor divestment, and credit rating downgrades as climate risk becomes a standard financial materiality assessment criterion. - **Discovery URL**: https://bidda.com/api/v1/nodes/tcfd-climate-risk.json ### TikTok Ads (Policies) - **ID**: tiktok-ads-policy-std - **Category**: Sales, Marketing & PR - **BLUF**: The TikTok Advertising Policies identify the foundational standards for short-form video advertising. They specify the mandatory requirements for 'User Safety' (Section 3), 'Accurate Content' (Section 1), and 'Brand Suitability' controls, ensuring the systematic prevention of 'Harmful' or 'Misleading' social commerce on the platform. - **Discovery URL**: https://bidda.com/api/v1/nodes/tiktok-ads-policy-std.json ### TISAX (Automotive Cyber) - **ID**: tisaq-auto-cyber - **Category**: Cloud & SaaS - **BLUF**: TISAX (Trusted Information Security Assessment Exchange) is the definitive maturity-based security standard for the global automotive industry. Based on the VDA Information Security Assessment (ISA), it provides a unified mechanism for the mutual recognition of security assessments across the automotive value chain, specifically covering 'Information Security', 'Prototype Protection', and 'Data Protection'. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/tisaq-auto-cyber.json ### TNFD Nature Disclosure - **ID**: tnfd-nature-disclosure - **Category**: "Sustainability & ESG" - **BLUF**: A standard for assessing and disclosing nature-related risks and opportunities, applying the biodiversity equivalent of climate-risk standards. - **Discovery URL**: https://bidda.com/api/v1/nodes/tnfd-nature-disclosure.json ### Tourism Disaster Resilience - **ID**: tourism-disaster-resilience - **Category**: Food & Hospitality - **BLUF**: Framework for disaster risk reduction and resilience in tourism destinations. - **Discovery URL**: https://bidda.com/api/v1/nodes/tourism-disaster-resilience.json ### UK Bribery Act 2010 - **ID**: uk-bribery-act-2010 - **Category**: Legal & IP Sovereignty - **BLUF**: The UK Bribery Act 2010 is one of the strictest anti-corruption laws in the world. It prohibits bribing, being bribed, and bribing foreign officials. Critically, it introduces a strict liability offense for commercial organizations that fail to prevent bribery (Section 7), with a defense available if 'Adequate Procedures' are in place. - **Discovery URL**: https://bidda.com/api/v1/nodes/uk-bribery-act-2010.json ### UK Strategic Export Control - **ID**: uk-strategic-export-control - **Category**: Aviation, Defense & Quantum - **BLUF**: The UK Strategic Export Control regime (Export Control Act 2002) is the primary regulation for the export of military and dual-use technology from the United Kingdom. It is managed by the Export Control Joint Unit (ECJU) and utilizes the Consolidated List to determine licensing requirements for international trade and defense cooperation. 
- **Discovery URL**: https://bidda.com/api/v1/nodes/uk-strategic-export-control.json

### UN Guiding Principles (BHR)
- **ID**: un-guiding-principles-business-hr
- **Category**: Legal & IP Sovereignty
- **BLUF**: The United Nations Guiding Principles on Business and Human Rights (UNGP or 'Ruggie Principles') are the authoritative global standard for preventing and addressing the risk of adverse human rights impacts linked to business activity. Built on the 'Protect, Respect, and Remedy' framework, they provide actionable principles for both States and corporations.
- **Discovery URL**: https://bidda.com/api/v1/nodes/un-guiding-principles-business-hr.json

### UN Principles for Responsible Invest
- **ID**: un-pri-investment
- **Category**: Sustainability & ESG
- **BLUF**: Voluntary set of investment principles for incorporating ESG issues.
- **Discovery URL**: https://bidda.com/api/v1/nodes/un-pri-investment.json

### UN SDG Strategic Alignment
- **ID**: un-sdg-alignment
- **Category**: Sustainability & ESG
- **BLUF**: The UN Sustainable Development Goals (SDGs) are a set of 17 interconnected global goals adopted by all 193 UN member states in 2015 as part of the 2030 Agenda for Sustainable Development. Each goal contains specific targets (169 total) measured by 231 unique indicators. For organizations, SDG alignment is not mandatory but is increasingly required by institutional investors (PRI signatories managing >$120 trillion in AUM), procurement frameworks (EU public procurement), and supply chain ESG due diligence requirements (CSDDD). The critical distinction is between SDG washing (claiming alignment without evidence) and genuine SDG integration (mapping business activities to specific SDG targets with quantified impact metrics, verified by GRI, SASB, or SDGD Recommendations).
- **Discovery URL**: https://bidda.com/api/v1/nodes/un-sdg-alignment.json

### UN SDG Corporate Mapping
- **ID**: un-sdg-corporate-mapping
- **Category**: Legal & IP Sovereignty
- **BLUF**: The UN SDG Corporate Mapping framework aligns corporate activities and ESG reporting with the 17 United Nations Sustainable Development Goals (SDGs). It focuses on SDGs 8 (Decent Work), 12 (Responsible Consumption & Production), and 16 (Peace, Justice and Strong Institutions) as the primary pillars for ethical governance and sustainable business practice.
- **Discovery URL**: https://bidda.com/api/v1/nodes/un-sdg-corporate-mapping.json

### UNCITRAL Model Law (Arbitration)
- **ID**: uncitral-model-law-arbitration
- **Category**: Legal & IP Sovereignty
- **BLUF**: The UNCITRAL Model Law on International Commercial Arbitration (1985, amended 2006) is the global standard for the legislative framework of international arbitration. It is designed to assist States in reforming and modernizing their laws on arbitral procedure so as to take into account the particular features and needs of international commercial arbitration.
- **Discovery URL**: https://bidda.com/api/v1/nodes/uncitral-model-law-arbitration.json

### UNESCO (AI Ethics - Work)
- **ID**: unesco-ai-ethics-work
- **Category**: Workplace
- **BLUF**: The UNESCO Recommendation on the Ethics of Artificial Intelligence (2021) is the world's first global standard for ethical AI development. It provides a comprehensive framework for 'Economy and Labor' (Section 4.5), focusing on the protection of worker rights, reskilling, and the mitigation of job displacement caused by automation and agentic AI systems.
- **Discovery URL**: https://bidda.com/api/v1/nodes/unesco-ai-ethics-work.json

### UNESCO Cultural Diversity
- **ID**: unesco-cultural-diversity
- **Category**: Creative, Content & Media IP
- **BLUF**: The UNESCO Convention on the Protection and Promotion of the Diversity of Cultural Expressions (2005) identifies the foundational international standards for cultural sovereignty. It specifies the mandatory 'Sovereign Right' of states to adopt 'Policies' (Article 5) and 'Equitable Access' (Article 12), ensuring the robust protection of unique cultural identities from systematic homogenization or 'Digital Colonialism'.
- **Discovery URL**: https://bidda.com/api/v1/nodes/unesco-cultural-diversity.json

### UNESCO Ethics of AI
- **ID**: unesco-ethics-ai
- **Category**: AI Governance & Law
- **BLUF**: Global standard-setting instrument on the ethics of artificial intelligence.
- **Discovery URL**: https://bidda.com/api/v1/nodes/unesco-ethics-ai.json

### USTOA Tour Operator Integrity
- **ID**: ustoa-tour-integrity
- **Category**: Food & Hospitality
- **BLUF**: Integrity and ethics standards for tour operators and travel agents.
- **Discovery URL**: https://bidda.com/api/v1/nodes/ustoa-tour-integrity.json

### Verra VCS Carbon Verification
- **ID**: verra-vcs-verification
- **Category**: Sustainability & ESG
- **BLUF**: Verified Carbon Standard for greenhouse gas emission reductions.
- **Discovery URL**: https://bidda.com/api/v1/nodes/verra-vcs-verification.json

### W3C Topics API
- **ID**: w3c-ads-topics-api
- **Category**: Sales, Marketing & PR
- **BLUF**: The W3C Topics API (part of the Google Privacy Sandbox) identifies the foundational standards for interest-based advertising without cross-site tracking.
It specifies the mandatory 'Topics' calculation (e.g., /Fitness, /Travel) based on the browsing history within a '7-Day Epoch', ensuring the relevance of ads is preserved while strictly protecting the user's persistent identity.
- **Discovery URL**: https://bidda.com/api/v1/nodes/w3c-ads-topics-api.json

### W3C Attribution (Ad-Tech)
- **ID**: w3c-attribution-reporting
- **Category**: Sales, Marketing & PR
- **BLUF**: The W3C Attribution Reporting API identifies the foundational standards for conversion tracking without third-party cookies. It specifies the mandatory technical framework for 'Source' (Ad Click/View) and 'Trigger' (Conversion) registration, ensuring the measurement of ad effectiveness is preserved while strictly protecting the user's persistent digital identity.
- **Discovery URL**: https://bidda.com/api/v1/nodes/w3c-attribution-reporting.json

### W3C Private Aggregation
- **ID**: w3c-private-aggregation
- **Category**: Sales, Marketing & PR
- **BLUF**: The W3C Private Aggregation API identifies the foundational standards for cross-site data measurement without individual tracking. It specifies the mandatory framework for 'Shared Storage' and 'Protected Audience' integration, ensuring the measurement of reach and frequency is preserved while strictly protecting the user's persistent digital identity through 'Noise' injection and the common 'Aggregation Service'.
- **Discovery URL**: https://bidda.com/api/v1/nodes/w3c-private-aggregation.json

### Warehouse Management (WMS) Logic
- **ID**: warehouse-wms-optimization
- **Category**: Logistics & Supply Chain
- **BLUF**: Deterministic logic for inventory slotting and order picking optimization.
- **Discovery URL**: https://bidda.com/api/v1/nodes/warehouse-wms-optimization.json

### WCO SAFE Framework
- **ID**: wco-safe-framework
- **Category**: Logistics & Supply Chain
- **BLUF**: The SAFE Framework of Standards to Secure and Facilitate Global Trade (SAFE Framework) provides a global standard for supply chain security and trade facilitation, built on three pillars: Customs-to-Customs, Customs-to-Business, and Customs-to-other-Government-Agencies. It is the foundation for the Authorized Economic Operator (AEO) concept.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wco-safe-framework.json

### WEEE: Electronic Waste Recovery
- **ID**: weee-electronic-waste
- **Category**: Sustainability & ESG
- **BLUF**: Waste Electrical and Electronic Equipment directive for recycling.
- **Discovery URL**: https://bidda.com/api/v1/nodes/weee-electronic-waste.json

### WIPO Copyright Treaty
- **ID**: wipo-copyright-treaty
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Copyright Treaty (WCT) (1996) is the foundational 'Internet Treaty' that extends the Berne Convention to the digital age. It specifies the mandatory requirements for 'Computer Programs and Databases' (Articles 4 & 5), the 'Right of Communication to the Public' (Article 8), and the systematic protection of 'Technological Protection Measures' (TPMs) (Article 11) and 'Rights Management Information' (RMI) (Article 12).
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-copyright-treaty.json

### WIPO Domain (UDRP)
- **ID**: wipo-domain-dispute-udrp
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Uniform Domain Name Dispute Resolution Policy (UDRP) identifies the foundational international standards for the resolution of 'Cybersquatting' disputes.
It specifies the mandatory requirements for the 'Three-Part Test' (Rule 4.a): 'Identical/Confusingly Similar', 'No Legitimate Interest', and 'Registration in Bad Faith' (Rule 4.b), ensuring the robust protection of 'Brand Sovereignty' from unfair domain acquisition across the global top-level domains (gTLDs).
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-domain-dispute-udrp.json

### WIPO Hague System (Designs)
- **ID**: wipo-hague-design-system
- **Category**: Legal & IP Sovereignty
- **BLUF**: The Hague System (administered by WIPO) allows for the international registration of industrial designs through a single application. It covers up to 100 industrial design-active countries, providing a cost-effective and simplified process for designers to protect their visual innovation across multiple jurisdictions simultaneously.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-hague-design-system.json

### WIPO Industrial Designs
- **ID**: wipo-industrial-designs
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Industrial Design Standards (ST.80 / Locarno Classification) identify the foundational international protocols for visual design protection. They specify the mandatory requirements for 'Numerical Indicators' (ST.80) and the 'Locarno Classification' (Section 3), ensuring the robust global interoperability of design registries and the 'Verified' identification of the 'Shape, Surface, and Ornament' of original products.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-industrial-designs.json

### WIPO Madrid System (Trademarks)
- **ID**: wipo-madrid-trademark-system
- **Category**: Legal & IP Sovereignty
- **BLUF**: The Madrid System (administered by WIPO) is a centrally-managed international trademark registration system.
It allows trademark owners to protect their brand in up to 130 countries through a single application, in one language, and by paying a single set of fees, simplifying the process of obtaining and managing international trademark rights.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-madrid-trademark-system.json

### WIPO Patent (PCT)
- **ID**: wipo-patent-cooperation-pct
- **Category**: Creative, Content & Media IP
- **BLUF**: The Patent Cooperation Treaty (PCT) identifies the foundational international standards for unified patent filing. It specifies the mandatory requirements for the 'International Application' (Article 11), the 'International Search' (Article 15), and the systematic transition to the 'National Phase' (Article 22), ensuring robust invention sovereignty and efficient global protection for innovators across the 150+ member jurisdictions.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-patent-cooperation-pct.json

### WIPO PCT (International Patents)
- **ID**: wipo-pct-international-patent
- **Category**: Legal & IP Sovereignty
- **BLUF**: The Patent Cooperation Treaty (PCT) is an international treaty administered by WIPO. It provides a unified procedure for filing patent applications to protect inventions in each of its contracting states. A single 'international' patent application has the same effect as national applications filed in the designated countries.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-pct-international-patent.json

### WIPO PCT (Patent Rules)
- **ID**: wipo-pct-patent-rules
- **Category**: Legal & Professional
- **BLUF**: Patent Cooperation Treaty rules for international patent applications.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-pct-patent-rules.json

### WIPO WPPT (Performances)
- **ID**: wipo-performances-phonograms
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Performances and Phonograms Treaty (WPPT) (1996) identifies the foundational international standards for modern music and audiovisual performances. It specifies the mandatory 'Moral Rights' for performers (Article 5) and the 'Exclusive Rights' for reproduction and digital communication to the public (Article 15), ensuring that performers and phonogram producers can protect their 'Soul and Sound' in global markets.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-performances-phonograms.json

### WIPO Trade Secrets
- **ID**: wipo-trade-secret-stds
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Trade Secret Standards (primarily based on the TRIPS Agreement Article 39) identify the foundational international standards for the protection of 'Undisclosed Information'. They specify the mandatory requirements for 'Secret' status, 'Commercial Value' (Article 39.2.a), and the systematic implementation of 'Reasonable Steps' (Article 39.2.b) to maintain secrecy, ensuring organizational 'Know-how' is legally protected from unfair acquisition or 'Misappropriation'.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-trade-secret-stds.json

### WIPO Trademark Stds
- **ID**: wipo-trademark-stds
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Trademark Standards (ST.60 / ST.66) identify the foundational international technical protocols for trademark data exchange.
They specify the mandatory requirements for 'Numerical Indicators' (ST.60), the 'XML Schema' for 'Electronic Exchange' (ST.66), and the systematic classification of goods and services (Nice Classification), ensuring the global interoperability of brand registries and the 'Verified' search and discovery of trademarks.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-trademark-stds.json

### WIPO Traditional Knowledge
- **ID**: wipo-traditional-knowledge
- **Category**: Creative, Content & Media IP
- **BLUF**: The WIPO Traditional Knowledge (TK) and Traditional Cultural Expressions (TCEs) standards identify the foundational international standards for indigenous and tribal sovereignty. They specify the mandatory requirements for 'Prior Informed Consent' (PIC), 'Moral and Economic Rights' (Article 5), and the systematic prevention of 'Misappropriation' by global commercial entities, ensuring the robust protection of unique heritage and 'Bio-diversity' knowledge.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wipo-traditional-knowledge.json

### Wolfsberg Principles (KYC)
- **ID**: wolfsberg-corresp-bank
- **Category**: Banking & Global Finance
- **BLUF**: The Wolfsberg Anti-Money Laundering (AML) Principles for Correspondent Banking (2022) provide a global standard for the risk-based identification and assessment of correspondent banking clients. They are designed to prevent the misuse of the international financial system by ensuring that banks implement robust due diligence on their respondent institutions.
- **Discovery URL**: https://bidda.com/api/v1/nodes/wolfsberg-corresp-bank.json