# HAL Audit Checklist

> A reviewer-ready checklist across all eight HAL domains. Suitable for internal
> assurance or external audit. Score each domain 0–5; total is the HAL Score / 40.

**System:** ___________________   **Auditor:** ___________________   **Date:** ___________

## 01 · Ownership  (score __ / 5)
- [ ] A single named individual is accountable, with a deputy
- [ ] The owner can suspend the system immediately (kill-switch tested)
- [ ] The owner formally accepted the delegated authority

## 02 · Authority  (score __ / 5)
- [ ] Authority is an explicit allow-list of actions
- [ ] Authority is enforced in code, not only in a prompt
- [ ] Quantitative bounds (value, volume, recipients) are enforced

## 03 · Limits  (score __ / 5)
- [ ] Prohibited actions are explicitly defined
- [ ] Reaching a limit stops the action and alerts a human
- [ ] Limits have been tested adversarially

## 04 · Escalation  (score __ / 5)
- [ ] Triggers for uncertainty, novelty, and high stakes are defined
- [ ] Each escalation routes to a named role with an SLA
- [ ] The affected action pauses while awaiting a human

## 05 · Evidence  (score __ / 5)
- [ ] Any decision can be reconstructed (inputs, reasoning, versions, authority)
- [ ] Records are immutable and time-stamped
- [ ] Human touchpoints are captured and attributable

## 06 · Monitoring  (score __ / 5)
- [ ] Health metrics (error, escalation, confidence, drift) tracked live
- [ ] Alert thresholds page the named owner
- [ ] Monitoring can auto-pause on severe anomalies

## 07 · Review  (score __ / 5)
- [ ] A review date and owner are scheduled
- [ ] Review re-tests the original justification for authority
- [ ] Review can re-scope, re-approve, or retire the system

## 08 · Liability  (score __ / 5)
- [ ] Actions that create legal/financial obligations are documented
- [ ] Vendor/customer contracts address autonomous actions
- [ ] Insurance and disclosure obligations are confirmed

---
**Total HAL Score: ____ / 40**   Band: ☐ Unclear (0–8) ☐ Experimental (9–16) ☐ Managed (17–24) ☐ Governed (25–32) ☐ Accountable (33–40)

Part of the HAL Governance Toolkit. hal.orchestrate.legal