Compliance Management Enhancements
Compliance Management continues to strengthen AI governance by providing a centralized workspace for tracking controls across multiple frameworks under Compliance → Compliance Tracking.
Organizations can now collect evidence both manually and automatically, leveraging data already maintained within the platform — including published policies, registered AI systems, completed risk assessments, and governance records.
Using standardized Secure Controls Framework (SCF) mappings, teams can reuse evidence across frameworks such as NIST AI RMF, EU AI Act, and ISO/IEC 42001, reducing duplication while improving audit readiness and traceability.
Automated evidence collection links real governance activity directly to compliance controls, creating a more scalable, defensible, and operational compliance posture.
AI Policy Health Check
The new Policy Health Check feature enables organizations to proactively assess their AI policy against recognized industry best practices.
Accessible within the Policy module, the Health Check can be run at any stage — Draft, In Progress, or Published — and delivers a structured evaluation of policy completeness, alignment, and clarity.
After initiating a scan, users receive:
A percentage-based Policy Health Score
A coverage breakdown of strengths and gaps
A list of structured, actionable recommendations
Each recommendation includes contextual guidance and suggested language to strengthen governance maturity. With one-click section insertion, teams can directly add recommended content into the policy editor and continuously improve their score over time.
The Policy Health Check supports proactive compliance readiness, internal reviews, and audit preparation — helping organizations maintain a strong, defensible AI governance framework as regulations evolve.
Risk Overview Dashboard Update
The Risk Overview Dashboard now includes a new toggle view that allows administrators to switch between Internal AI by Risk Level and Third-Party AI by Risk Level.
This enhancement provides clearer segmentation of risk exposure across internally developed AI systems and externally sourced or vendor AI solutions. By separating these views, organizations can better monitor ownership, accountability, and treatment strategies across different AI categories.
The updated view strengthens executive reporting, improves risk transparency, and supports more structured oversight of both internal and third-party AI risk profiles from a single dashboard.