GOPAL is a collection of Open Policy Agent (OPA) policies designed for evaluating AI systems against regulatory requirements, compliance standards, and operational criteria. It serves as the policy engine for AICertify but can also be used independently with other OPA-based systems.
gopal/
├── global/ # Global policies applicable across all domains
│ ├── v1/ # Version 1 of global policies
│ └── library/ # Reusable policy components
├── international/ # International regulatory frameworks
│ ├── eu_ai_act/ # European Union AI Act
│ ├── india/ # Indian AI regulatory frameworks
│ └── nist/ # NIST AI standards
├── industry_specific/ # Industry-specific requirements
│ ├── bfs/ # Banking & Financial Services
│ ├── healthcare/ # Healthcare industry
│ └── automotive/ # Automotive industry
├── operational/ # Operational policies
│ ├── aiops/ # AI Operations policies
│ ├── cost/ # Cost management policies
│ └── corporate/ # Corporate internal policies
├── custom/ # Custom policy categories
└── helper_functions/ # Shared utility functions for policies
Policies are organized in a modular structure to allow for clear separation of concerns and flexible composition:
- Global Policies: Baseline requirements applicable to all AI systems
- International Policies: Requirements from specific regulatory frameworks
- Industry-Specific Policies: Requirements specific to industry verticals
- Operational Policies: Requirements related to operational aspects
- Custom Policies: User-defined policy categories
Each policy category uses versioned directories (e.g., v1/) to support evolution while maintaining backward compatibility. When referencing policies:
- Use specific versions when policy stability is required
- Use the latest version when up-to-date compliance is more important
Gopal is designed to work seamlessly with AICertify, a framework for systematically evaluating AI systems against regulatory requirements. When used with AICertify, Gopal provides the policy rules that determine compliance status.
Gopal can also be used independently with any OPA-compatible system. The policies follow standard OPA patterns and can be evaluated using the OPA CLI or API.
This repository includes pre-commit hooks to ensure code quality. The hooks run:
- Basic file checks (trailing whitespace, end-of-file, etc.)
- OPA check (
opa check .) - Regal lint (
regal lint .)
To use the pre-commit hooks locally, install pre-commit, OPA, and Regal, then run:
# Install pre-commit
pip install pre-commit
# Install OPA
curl -L -o opa https://openpolicyagent.org/downloads/latest/opa_linux_amd64
chmod 755 opa
sudo mv opa /usr/local/bin/
# Install Regal
curl -L -o regal https://github.com/StyraInc/regal/releases/latest/download/regal_Linux_x86_64
chmod +x regal
sudo mv regal /usr/local/bin/
# Install the pre-commit hooks
pre-commit install- Open Policy Agent (OPA) - The policy engine that powers GOPAL
- Regal - A linter for Rego, the policy language used by OPA
- AICertify - A framework for systematically evaluating AI systems against regulatory requirements
This project is licensed under the Apache 2.0 License.