Corpy & Co., which aims to realize mission-critical AI, has released the results of the NEDO project 'Project for Promoting R&D and Verification for Strengthening AI Safety / R&D for Strengthening AI Safety'.
株式会社コーピーは、東京大学・フランス国立情報学自動制御研究所(Inria)発のAIスタートアップです。同社は国立研究開発法人新エネルギー・産業技術総合開発機構(NEDO)の事業「AIセーフティ強化に関する研究開発・検証等の推進事業/AIセーフティ強化に関する研究開発」において、2025年4月から2026年3月の期間で取り組んだ成果を公開しました。この成果は、生成AIの安全性評価における企業向け実装解説の作成を目的としており、ISO/IEC 42001に整合した評価プロトコルとテンプレートを含みます。
📋 Article Processing Timeline
- 📰 Published: April 9, 2026 at 22:00
- 🔍 Collected: April 9, 2026 at 13:30
- 🤖 AI Analyzed: April 18, 2026 at 13:21 (215h 50m after Collected)
Corpy & Co., Inc. (Headquarters: Chiyoda-ku, Tokyo, CEO: Kohei Yamamoto; hereinafter "Corpy"), an AI startup spun out of the University of Tokyo and Inria (French National Institute for Research in Digital Science and Technology) that supports the realization of mission-critical AI with XAI & QAAI technologies, is pleased to announce the release of its research and development results. These results are from the project "Research and Development on Strengthening AI Safety / Promotion of Research, Development, and Verification for Strengthening AI Safety" by the New Energy and Industrial Technology Development Organization (NEDO), specifically focusing on "Creation of an Implementation Guide for Enterprises from the Perspective of Operational Planning and Management" in the safety evaluation of generative AI, an initiative that commenced in April 2025.
**Background of this initiative: Urgent need to ensure generative AI safety and respond to international standards**
With the rapid spread of generative AI, safety-related risks such as hallucinations (output that differs from facts), prompt injection (malfunctions due to malicious input), and the generation of harmful content have become significant societal challenges. International movements for AI regulation are accelerating, with the EU AI Act being gradually enforced in Europe. In Japan, there is a strong demand for companies to establish systems for systematically managing and evaluating AI safety.
In this context, ISO/IEC 42001, an international standard for AI management systems, provides a framework for organizations to address AI risks. However, this standard does not specify concrete safety evaluation methods or criteria, leaving it up to each organization to determine "what to evaluate and in what order."
**Overview and Achievements of Research and Development**
In this project, Corpy aimed to bridge the practical "gap" between the requirements of ISO/IEC 42001 and the practice of generative AI safety evaluation, and developed the following deliverables:
Deliverable ①: Report "Generative AI Safety Evaluation Protocol Based on AI Management System and its Implementation Guide"
This is an implementation guide that systematizes a generative AI safety evaluation protocol, aligned with ISO/IEC 42001, into three phases (Analysis, Testing, Reporting). It organizes the series of processes from risk assessment to test plan formulation, evaluation execution, and report creation, making it easy for practitioners to grasp concretely. Using a virtual customer support system with a vision-language model (*1) as an example, it also presents specific evaluation cases such as integrated testing (*3) for jailbreak attacks (*2) and unit testing (*5) for data poisoning detection (*4).
Furthermore, it raises issues and provides examples for important practical concepts such as "access" and "agency" (*6) in risk assessment, "exposure mapping" (*8) when using LLM-as-a-Judge (*7) for safety evaluation, and "chain of trust" (*9) in supply chain management.
Deliverable ②: Generative AI Safety Evaluation Template (with examples)
This is a recording template corresponding to each step of the evaluation protocol. It covers all processes, from business situation analysis, stakeholder analysis, and system structure analysis to risk assessment, risk response plans, statement of applicability, test plans, test methods, and resources used for testing.
Assuming a virtual chatbot system, specific examples are provided, which can be used as a reference for companies when applying it to their own AI systems.
**Features of the Deliverables**
The main features of these deliverables are as follows:
* **Consistency with ISO/IEC 42001:** Clearly outlines the process from the requirements of the AI management system standard to its application in generative AI safety evaluation.
* **Three-phase systematic evaluation protocol:** Clear steps of Analysis (PA) → Testing (PB) → Reporting (PC).
* **Practical evaluation examples:** Presents concrete test scenarios using vision-language models.
* **Templates:** Recording formats that can be used in conjunction with the evaluation protocol.
**Publication of Deliverables**
Deliverables ① and ② can be downloaded from the following link:
https://corpy.app.box.com/s/fijqk4vu4nawvl15mxyt809xh3sp3jkq
* ① Report (Japanese version, PDF format)
* ② Evaluation Template (with examples, XLSX format)
*The deliverables are scheduled to be released under the Creative Commons Attribution 4.0 International (CC BY 4.0) license after the determination of copyright ownership.
**Future Outlook**
Corpy will leverage the knowledge gained from this project to continue contributing to the international standardization and social implementation of AI safety evaluation technology. By promoting approaches compliant with AI management system standards, including ISO/IEC 42001, and supporting the creation of an environment where companies can utilize AI with confidence, we will accelerate the realization of "mission-critical AI."
**About this Project**
Project Name: Research and Development on Strengthening AI Safety / Promotion of Research, Development, and Verification for Strengthening AI Safety
Project Executor: New Energy and Industrial Technology Development Organization (NEDO)
Implementation Structure: National Institute of Advanced Industrial Science and Technology (AIST), Citadel AI Inc., Corpy & Co., Inc.
Corpy's 담당 theme (Assigned Theme): Creation of an implementation guide for enterprises from the perspective of operational planning and management.
Period: April 2025 - March 2026
**Glossary**
*1 **Vision-Language Model (VLM):** A general term for AI models that can understand and process both images and text. They can answer questions based on images and describe the content of images.
*2 **Jailbreak Attack:** An attack method that attempts to bypass the safety constraints set for an AI using clever instructions (prompts) to elicit harmful output that should originally be rejected.
*3 **Integrated Test:** A test that verifies whether multiple components (parts) of a system work correctly as a whole when combined. Here, it confirms the overall safety of the AI system.
*4 **Data Poisoning:** An attack method that intentionally contaminates AI training data with malicious data to mislead the AI's judgment and output.
*5 **Unit Test:** A test that verifies individual components (parts) of a system in isolation. Here, specific safety items are evaluated individually.
*6 **Access and Agency:** Two important perspectives in risk assessment. "Access" refers to what kind of data and functions the AI system can interact with, and "Agency" refers to the degree to which the AI can make autonomous judgments and actions. Higher access and agency imply greater risk.
*7 **LLM-as-a-Judge:** A method that utilizes large language models (LLMs) as "evaluators" to automatically determine the safety and quality of AI output. It reduces the burden of manual evaluation while ensuring a certain level of evaluation accuracy.
*8 **Exposure Mapping:** A method for systematically identifying and visualizing parts of an AI system that are vulnerable to external attacks or unauthorized use (exposure surface).
*9 **Chain of Trust:** A concept that ensures the continuous reliability of each element (training data, models, tools, etc.) within the AI system's supply chain (each stage of development and provision). If trust is compromised at any single point, it affects the safety of the entire system.
**About Corpy & Co.**
Company Name: Corpy & Co., Inc.
Established: March 2017
Head Office: 1-44-11 Kanda Jinbocho, Chiyoda-ku, Tokyo
Representative Director: Kohei Yamamoto
Website: https://corpy.co.jp/
**Inquiries regarding this press release**
Corpy & Co., Inc. Public Relations: pr@corpy.co.jp
**Background of this initiative: Urgent need to ensure generative AI safety and respond to international standards**
With the rapid spread of generative AI, safety-related risks such as hallucinations (output that differs from facts), prompt injection (malfunctions due to malicious input), and the generation of harmful content have become significant societal challenges. International movements for AI regulation are accelerating, with the EU AI Act being gradually enforced in Europe. In Japan, there is a strong demand for companies to establish systems for systematically managing and evaluating AI safety.
In this context, ISO/IEC 42001, an international standard for AI management systems, provides a framework for organizations to address AI risks. However, this standard does not specify concrete safety evaluation methods or criteria, leaving it up to each organization to determine "what to evaluate and in what order."
**Overview and Achievements of Research and Development**
In this project, Corpy aimed to bridge the practical "gap" between the requirements of ISO/IEC 42001 and the practice of generative AI safety evaluation, and developed the following deliverables:
Deliverable ①: Report "Generative AI Safety Evaluation Protocol Based on AI Management System and its Implementation Guide"
This is an implementation guide that systematizes a generative AI safety evaluation protocol, aligned with ISO/IEC 42001, into three phases (Analysis, Testing, Reporting). It organizes the series of processes from risk assessment to test plan formulation, evaluation execution, and report creation, making it easy for practitioners to grasp concretely. Using a virtual customer support system with a vision-language model (*1) as an example, it also presents specific evaluation cases such as integrated testing (*3) for jailbreak attacks (*2) and unit testing (*5) for data poisoning detection (*4).
Furthermore, it raises issues and provides examples for important practical concepts such as "access" and "agency" (*6) in risk assessment, "exposure mapping" (*8) when using LLM-as-a-Judge (*7) for safety evaluation, and "chain of trust" (*9) in supply chain management.
Deliverable ②: Generative AI Safety Evaluation Template (with examples)
This is a recording template corresponding to each step of the evaluation protocol. It covers all processes, from business situation analysis, stakeholder analysis, and system structure analysis to risk assessment, risk response plans, statement of applicability, test plans, test methods, and resources used for testing.
Assuming a virtual chatbot system, specific examples are provided, which can be used as a reference for companies when applying it to their own AI systems.
**Features of the Deliverables**
The main features of these deliverables are as follows:
* **Consistency with ISO/IEC 42001:** Clearly outlines the process from the requirements of the AI management system standard to its application in generative AI safety evaluation.
* **Three-phase systematic evaluation protocol:** Clear steps of Analysis (PA) → Testing (PB) → Reporting (PC).
* **Practical evaluation examples:** Presents concrete test scenarios using vision-language models.
* **Templates:** Recording formats that can be used in conjunction with the evaluation protocol.
**Publication of Deliverables**
Deliverables ① and ② can be downloaded from the following link:
https://corpy.app.box.com/s/fijqk4vu4nawvl15mxyt809xh3sp3jkq
* ① Report (Japanese version, PDF format)
* ② Evaluation Template (with examples, XLSX format)
*The deliverables are scheduled to be released under the Creative Commons Attribution 4.0 International (CC BY 4.0) license after the determination of copyright ownership.
**Future Outlook**
Corpy will leverage the knowledge gained from this project to continue contributing to the international standardization and social implementation of AI safety evaluation technology. By promoting approaches compliant with AI management system standards, including ISO/IEC 42001, and supporting the creation of an environment where companies can utilize AI with confidence, we will accelerate the realization of "mission-critical AI."
**About this Project**
Project Name: Research and Development on Strengthening AI Safety / Promotion of Research, Development, and Verification for Strengthening AI Safety
Project Executor: New Energy and Industrial Technology Development Organization (NEDO)
Implementation Structure: National Institute of Advanced Industrial Science and Technology (AIST), Citadel AI Inc., Corpy & Co., Inc.
Corpy's 담당 theme (Assigned Theme): Creation of an implementation guide for enterprises from the perspective of operational planning and management.
Period: April 2025 - March 2026
**Glossary**
*1 **Vision-Language Model (VLM):** A general term for AI models that can understand and process both images and text. They can answer questions based on images and describe the content of images.
*2 **Jailbreak Attack:** An attack method that attempts to bypass the safety constraints set for an AI using clever instructions (prompts) to elicit harmful output that should originally be rejected.
*3 **Integrated Test:** A test that verifies whether multiple components (parts) of a system work correctly as a whole when combined. Here, it confirms the overall safety of the AI system.
*4 **Data Poisoning:** An attack method that intentionally contaminates AI training data with malicious data to mislead the AI's judgment and output.
*5 **Unit Test:** A test that verifies individual components (parts) of a system in isolation. Here, specific safety items are evaluated individually.
*6 **Access and Agency:** Two important perspectives in risk assessment. "Access" refers to what kind of data and functions the AI system can interact with, and "Agency" refers to the degree to which the AI can make autonomous judgments and actions. Higher access and agency imply greater risk.
*7 **LLM-as-a-Judge:** A method that utilizes large language models (LLMs) as "evaluators" to automatically determine the safety and quality of AI output. It reduces the burden of manual evaluation while ensuring a certain level of evaluation accuracy.
*8 **Exposure Mapping:** A method for systematically identifying and visualizing parts of an AI system that are vulnerable to external attacks or unauthorized use (exposure surface).
*9 **Chain of Trust:** A concept that ensures the continuous reliability of each element (training data, models, tools, etc.) within the AI system's supply chain (each stage of development and provision). If trust is compromised at any single point, it affects the safety of the entire system.
**About Corpy & Co.**
Company Name: Corpy & Co., Inc.
Established: March 2017
Head Office: 1-44-11 Kanda Jinbocho, Chiyoda-ku, Tokyo
Representative Director: Kohei Yamamoto
Website: https://corpy.co.jp/
**Inquiries regarding this press release**
Corpy & Co., Inc. Public Relations: pr@corpy.co.jp