This work addresses the critical absence of independent, credible third-party verification mechanisms for safety practices claimed by frontier AI companies, which undermines public ability to assess their trustworthiness. The paper proposes the first auditing framework specifically designed for frontier AI systems, enabling qualified third-party experts to conduct in-depth evaluations of both AI systems and their development processes through controlled access to non-public information. Its core innovation lies in defining a tiered Assurance Assurance Level (AAL) scale—ranging from AAL-1 (one-time audits) to AAL-4 (continuous, deception-resistant validation)—which establishes a systematic, quantifiable, comparable, and actionable paradigm for AI auditing. This framework provides a robust foundation to inform regulatory decisions, deployment choices, and public trust in advanced AI systems.

We outline a vision for frontier AI auditing, which we define as rigorous third-party verification of frontier AI developers'safety and security claims, and evaluation of their systems and practices against relevant standards, based on deep, secure access to non-public information. Frontier AI audits should not be limited to a company's publicly deployed products, but should instead consider the full range of organization-level safety and security risks, including internal deployment of AI systems, information security practices, and safety decision-making processes. We describe four AI Assurance Levels (AALs), the higher levels of which provide greater confidence in audit findings. We recommend AAL-1 as a baseline for frontier AI generally, and AAL-2 as a near-term goal for the most advanced subset of frontier AI developers. Achieving the vision we outline will require (1) ensuring high quality standards for frontier AI auditing, so it does not devolve into a checkbox exercise or lag behind changes in the industry; (2) growing the ecosystem of audit providers at a rapid pace without compromising quality; (3) accelerating adoption of frontier AI auditing by clarifying and strengthening incentives; and (4) achieving technical readiness for high AI Assurance Levels so they can be applied when needed.