Skip to content

Learn · Compliance

Compliance

Frameworks, controls, and evidence — precise terms live here.

The Compliance surface maps what the platform already records to the frameworks you report on. This is the one place we use exact terms, because precision helps here: SOC 2, the EU AI Act, and NIST AI RMF.

Evidence, not homework

The logbook is the evidence: every check, decision, approval, and acknowledgment is already written down, unchangeable and exportable. Controls map to the trail the product produces as it runs — you do not assemble evidence by hand.

  • SOC 2 — monitoring, change control, and access evidence drawn from the logbook.
  • EU AI Act — human oversight is built in: sensitive actions are held for a person, and the decision trail is kept.
  • NIST AI RMF — measure and manage functions map to watching, rules, and the recorded responses.

Auditors get their own read-only, time-bounded door. They see evidence and the logbook — nothing else.