Digital Information GovernanceDIG® · The Standard Reference
Home › Framework
Framework

The DIG Framework

Authored by Matthew Bertram · Updated June 2026 · DIG Framework v1.0

Overview

The DIG framework turns a one-line definition into something an organization can act on. It names the four things that have to be true for an AI-influenced decision to be defensible, and gives each one a place in the governance program.

Pillar 01

Information Provenance

Where the information feeding a decision came from, and whether it can be trusted.

Pillar 02

Decision Traceability

A record of what was decided, by what (human or AI), on what basis, and who is accountable.

Pillar 03

Representation Integrity

Keeping the company accurately represented across AI systems, search engines, and data environments.

Pillar 04

Audit Readiness

Being able to prove, on demand, that AI-influenced decisions met their obligations.

Pillar 1: Information Provenance

Every decision rests on information. Provenance asks where that information came from and whether it can be trusted: the source, the chain of custody, and the freshness. Without provenance, a decision cannot be reconstructed or defended.[1]

Pillar 2: Decision Traceability

Traceability is the record of the decision itself: what was recommended, by which system, on what basis, who reviewed it, and on what authority it was acted on. It is the difference between "the AI did it" and "a named person decided, and here is the trail."

Pillar 3: Representation Integrity

AI systems now describe your company to the outside world. Representation integrity is keeping that description accurate across AI search, models, and data environments, because a misrepresentation becomes evidence a regulator, partner, or court can cite. See Representation Integrity.

Pillar 4: Audit Readiness

Audit readiness is the ability to prove, on demand, that the first three pillars held. It is the posture that turns "we have AI policies" into "we can show our oversight worked."

How the pillars map to regulation

The four pillars are not arbitrary. They correspond to controls described across the major AI governance regimes, where most obligations overlap.

PillarMaps to
Information ProvenanceNIST AI RMF (Map); EU AI Act data governance; ISO 42001 data quality.
Decision TraceabilityNIST AI RMF (Govern/Manage); EU AI Act record-keeping and human oversight.
Representation IntegrityConsumer-protection and disclosure rules; AI-search accuracy.
Audit ReadinessEU AI Act conformity/logging; ISO 42001 audit; TRAIGA documentation.
Put DIG to work in your organization.Governance Readiness Assessment →Book a keynote on DIG →

References

  1. NIST AI Risk Management Framework (AI RMF 1.0): Govern, Map, Measure, Manage. National Institute of Standards and Technology, 2023. View source ↗
  2. Information governance: the records and data lifecycle discipline (storage, retention, disposition), distinct from AI decision governance. ARMA International, Generally Accepted Recordkeeping Principles; AIIM. View source ↗
  3. EU AI Act, Regulation (EU) 2024/1689 (Official Journal of the European Union); ISO/IEC 42001:2023; Texas Responsible AI Governance Act (TRAIGA). View source ↗
  4. USPTO Trademark Reg. No. 99559923, Digital Information Governance / DIG, owner Matthew Bertram. View source ↗

Related

DefinitionMaturity modelAI risk managementRegulationsDecision integrity