A proof surface for how IBM watsonx deployments get governed: machine-readable capability and regulatory-class declarations, signed-JWT identity propagation, read-only connector posture, and append-only control evidence a procurement team can verify themselves.
Every claim points to a real artifact you can open. Where a control is specced but not yet shipped, it says so — no surface here pretends to be further along than it is.
Governance posture is only worth what a procurement team can independently confirm. Where the validator is live, a buyer fetches the declaration and walks the hash-chained audit trail themselves — capability, classification, and control evidence, machine-readable and self-checking.