Compliance

Acme Co
A
7/7

controls passing

All controls satisfied

SOC 2

3/3 controls

Block PII in AI inputs

Active policy that blocks executions containing personally identifiable information

Block API keys in prompts

Active policy that prevents API keys and secrets from being sent to AI models

Continuous AI monitoring

At least one active policy enforcing controls on AI agent behaviour

GDPR

2/2 controls

Flag PII in AI outputs

Active policy that flags when AI models return personally identifiable information

Audit logging

All AI executions are logged and attributable to an organisation

ISO 27001

2/2 controls

Cost threshold monitoring

Active policy that flags unexpectedly expensive AI calls

API key authentication

All API access is authenticated via hashed API keys with per-org isolation

Close coverage gaps

Any control showing — can be satisfied by creating the matching policy.

Manage Policies →