PAI
Production AI Institute
CertificationsResearchGet Certified
HomeThe Standard
PSF v1.0 · Published 2024

The Production Safety Framework

The PSF defines the domains of practice a production AI deployment must address to be considered safe, responsible, and professionally maintainable. It is model-agnostic, cloud-agnostic, and applies to any organisation deploying AI in a production environment — regardless of which models, platforms, or vendors they use.

Read the eight domainsHow to cite the PSFVersion history

Why this standard exists

Every major cloud platform offers certifications that teach their platform. AWS certifications test AWS. Google certifications test Google Cloud. Azure certifications test Azure. None of them tests whether a practitioner understands how to deploy AI safely when the underlying model changes, when the vendor's service goes down, or when the use case involves personal data they were not designed to handle.

Production AI deployment is a discipline — not a vendor configuration exercise. The same principles of safe human oversight, output validation, data governance, and incident response apply whether you are running GPT-4o through OpenAI's API, Claude through AWS Bedrock, Llama on your own infrastructure, or Qwen through a European hosting provider.

The Production Safety Framework was developed to fill this gap. It describes the eight domains of practice that any serious production AI deployment should address, in terms that are independent of any specific vendor, platform, or model family.

The framework is published openly and free to reference. PAI certification tests mastery of the PSF — not familiarity with any vendor's product.

Framework Domains

Eight domains of production AI practice

Each domain is covered in the AIDA examination. Domains 01 through 07 are assessed in CPAP portfolio submissions. All eight are required for CPAA.

DOMAIN 01

Data Governance & PII

Personal data handling, consent chains, and tokenisation before inference.

  • Classification of data types processed by AI systems
  • Consent chain documentation for training and inference data
  • PII identification, redaction, and tokenisation before model input
  • Data residency requirements and cross-border transfer controls
  • Retention and deletion obligations for AI-processed data
DOMAIN 02

Model Selection & Evaluation

Benchmark methodology, capability assessment, and fitness-for-purpose validation.

  • Documented evaluation methodology for model selection decisions
  • Capability assessment against task-specific requirements
  • Benchmark reproducibility and comparability standards
  • Bias and fairness evaluation before production deployment
  • Ongoing re-evaluation triggers as models are updated by providers
DOMAIN 03

Production Architecture

Model-agnostic design patterns, abstraction layers, and vendor portability.

  • Abstraction layer design that decouples application logic from model providers
  • Documented model switching procedure with tested fallback paths
  • API contract versioning and backward compatibility requirements
  • Latency, throughput, and cost budgeting in architecture design
  • Dependency mapping for all third-party model and inference services
DOMAIN 04

Guardrails & Output Validation

Pre- and post-inference filtering, structured output contracts, and rejection handling.

  • Input sanitisation and prompt injection defence
  • Output schema validation before downstream consumption
  • Content policy enforcement at inference boundaries
  • Rejection handling — graceful degradation when output fails validation
  • Audit logging of all guardrail interventions
DOMAIN 05

Human Oversight

Escalation design and human-in-the-loop checkpoints for high-stakes decisions.

  • Risk classification of AI-assisted decisions by consequence severity
  • Human checkpoint design for decisions above defined risk thresholds
  • Escalation path documentation and assignment of human reviewers
  • Time constraints on human review steps to prevent queue abandonment
  • Override and veto mechanisms at every automated decision point
DOMAIN 06

Observability & Monitoring

Inference logging, drift detection, quality scoring, and alert thresholds.

  • Structured logging of all inference requests and responses
  • Quality scoring pipeline with defined thresholds and alert conditions
  • Model output drift detection and statistical monitoring
  • Cost and latency dashboards with anomaly alerting
  • Log retention, access controls, and data sovereignty for inference logs
DOMAIN 07

Incident Response

Rollback procedures, failure modes, and post-incident review standards.

  • Documented failure mode catalogue for each AI component
  • Circuit breaker patterns and automated degradation triggers
  • Rollback procedure with tested recovery time objectives
  • Incident classification severity levels specific to AI behaviour
  • Post-incident review process with root cause and PSF gap analysis
DOMAIN 08

Ethics & Accountability

Bias assessment, documentation obligations, and accountability chain design.

  • Accountability chain: named owners for each AI system in production
  • Pre-deployment ethics assessment for high-impact use cases
  • Ongoing bias monitoring with defined acceptable variance thresholds
  • User disclosure requirements — when and how to disclose AI involvement
  • Regulatory compliance mapping (GDPR, EU AI Act, sector-specific obligations)

How the PSF is used

Practitioners
Use the PSF as a self-assessment checklist before and after deploying AI systems. The AIDA examination tests PSF knowledge. CPAP portfolio submissions are assessed against PSF criteria.
Organisations
Reference the PSF in procurement specifications and job descriptions to define what 'production-ready AI' means in their context. CAI-certified organisations have demonstrated PSF alignment in their delivery methodology.
Hiring teams
Use AIDA certification as a baseline signal that a candidate understands production AI safety across all eight domains — not just the vendor platforms they've previously used.
Researchers and policy-makers
Cite the PSF as a practitioner-developed reference for what production AI governance looks like in practice. The framework is referenced in PAI research on the EU AI Act.

Licensing and citation

The Production Safety Framework is published under the Creative Commons Attribution 4.0 International (CC BY 4.0) licence. You may freely share, adapt, and build on the framework for any purpose, including commercial use, provided you attribute the Production AI Institute.

If you are referencing the PSF in a job description, procurement document, research paper, or internal policy, see our citation guidance for the recommended attribution format.

Recommended short citation
Production AI Institute. (2024). Production Safety Framework v1.0. productionai.institute/standard
Full citation guidance (APA, IEEE, BibTeX) →Version history and changelog →

The framework and the certification are distinct

The Production Safety Framework is a published standard — open, freely available, and not owned by any commercial product. PAI certifications are assessments that verify an individual's or organisation's mastery of and compliance with the PSF. You do not need to be certified to use or reference the framework. Certification is how you demonstrate publicly that you meet it.

AIDA Examination

Tests knowledge across all eight PSF domains. 20 questions. Offered at no charge.

Learn more →
CPAP Review

Assesses a real production deployment against PSF criteria. Portfolio submission + expert review.

Learn more →
CPAA Panel

The most rigorous individual assessment. Portfolio plus structured panel interview.

Learn more →