AI governance · vendor risk · contract obligations

AI obligation management for regulated companies.

Castle maps AI systems, vendors, contracts, regulations, controls, owners, evidence, and remediation into one auditable obligation graph.

One obligation graph
AI · vendors · contracts · regulations
Owner-assigned
Every obligation has an owner and due date
Audit-ready
Provenance trail for every finding
Obligation graph live mapping
Ingests both frameworks and the obligations the business actually signed
SOC 2 · ISO 42001 · NIST AI RMF · EU AI Act · HIPAA · GDPR · DPAs · SLAs · MSAs · Vendor security addenda · Insurance requirements
01 The problem

AI governance isn't just policies and inventories. It's the obligations you've signed, and proving you meet them.

Most tools help you write policies and list AI systems. They don't tell you what you're actually on the hook for. The commitments that matter live in contracts, DPAs, SLAs, vendor addenda, and regulations. They're scattered across teams and never reconciled into one place anyone can prove.

/ unmapped

Obligations you accepted but never tracked

Security requirements, SLAs, AI terms, and data commitments live in legal's files. Compliance never sees them, so no control is ever mapped to them.

/ un-owned

Findings with no owner and no fix

Risk registers list problems. They don't assign the work. Without an owner, a due date, and a tested fix, an obligation is documented, not met.

/ unproven

Nothing you can hand an auditor

Leadership, auditors, and customers won't accept "an AI said so." They need to see where each obligation came from, who owns it, and that it can't be quietly altered.

02 What Castle does

Every obligation, control, owner, and proof in one connected graph.

Castle ties every AI system, vendor, contract, and regulation to the controls, owners, evidence, and remediation that satisfy it. Change one node and everything it touches updates, so what you owe, and the proof you meet it, stays current instead of going stale in a spreadsheet.

Most tools ingest frameworks. Almost nobody ingests contracts, the commitments the business actually signed. Castle puts both in the same graph, so the questions below have one answer instead of six.

Inventory: What AI systems and vendors are we using?
Obligations: What have we accepted in contracts, DPAs, SLAs, and regulations?
Controls: Which controls are required, and who owns each one?
Evidence: What evidence proves the obligation is being met?
Remediation: What work is still open, and who's on the hook?
Report: What can we show auditors, leadership, and the board?
03 What you get

The deliverables Castle hands you.

Every assessment produces the same concrete artifacts, mapped to each other and provenance-stamped, so you can move from "what do we owe?" to "here's the proof" in one pass.

/ 01

AI & vendor inventory

A current register of the AI systems and vendors you use, classified by data access, decision impact, and risk.

/ 02

Contract & regulatory obligation map

Every obligation from your contracts, DPAs, SLAs, and regulations, connected to the controls that satisfy it.

DPA §7.2 Encryption at rest AES-256 control
/ 03

Required controls

The specific controls each obligation demands, mapped across SOC 2, ISO 27001, ISO 42001, NIST AI RMF, and HIPAA, with EU AI Act and GDPR tracked as obligations.

/ 04

Owner-assigned remediation plan

Open gaps turned into assigned work, each with an owner, a due date, and a test that confirms it's actually closed.

Gap · owner · due date · retest closed
/ 05

Evidence & provenance trail

Every obligation, finding, and control carries a SHA-256 chain-of-custody your auditor can re-verify independently.

evidence · SHA-256 a3f4…c001 · verified ✓
/ 06

Audit-ready & board-ready reporting

One export that shows leadership, auditors, and customers what you owe, who owns it, and what's proven met.

by obligation · owner · status · proven met
Product output examples

What Castle actually hands you.

The artifacts from a single assessment: obligation map, remediation plan, evidence trail, and board-ready report.

Illustrative sample output, not customer data
Obligation Map / assessment / obligation #1 · High priority
Detected obligation

Customer data used in AI workflows must be encrypted, access-controlled, logged, and periodically reviewed.

Sources
MSA · DPA · AI Policy · Vendor Doc · Framework
Mapped controls
Encryption · RBAC · Logging · Access review · Vendor retention validation
Owner: Security / Compliance · Sources: 5 documents · Controls: 5 mapped · Status: High priority
Obligation graph · 1 of 23 mapped · Illustrative sample data
Remediation Plan · 5 tasks
Task | Owner | Due date | Status
Assign control owner | Compliance | This week | Ready for review
Collect vendor retention evidence | Vendor Risk | 30 days | Evidence needed
Confirm encryption coverage | Security | Q2 review | In progress
Schedule quarterly access review | Compliance | Next review cycle | Open
Generate audit-ready summary | Legal | Q2 review | Open
2 open · 1 in progress · 1 evidence · 1 ready · Illustrative sample data
Evidence Trail · provenance log
Evidence | Source | Control | Status
Encryption configuration | DPA §7.2 | Encryption | Verified
Access review export | IAM | Access review | Verified
Vendor retention terms | MSA §4 | Retention | Needed
Logging export | SIEM | Logging | In progress
Policy acknowledgement | AI Policy | Governance | Verified
Provenance: encryption configuration
Source document: Vendor DPA, §7.2
Control mapped: Encryption at rest (AES-256)
Owner: Security
Review period: Quarterly · current
Evidence status: Verified
Hash: SHA-256 a3f4…c001 ✓
3 verified · 1 in progress · 1 needed · Illustrative sample data
Board-Ready Report / export / executive summary · one-click export
7 high-priority AI / vendor obligations
4 open remediation items
3 control areas missing evidence
Audit-ready control coverage: 82%
Owner accountability: Security 5 · Compliance 3 (assigned)
Review cadence: Quarterly
Generated from the obligation graph · Illustrative sample data · figures not real
04 Why Castle is different

Most tools stop at frameworks and findings. Castle goes to signed obligations, owners, and proof.

Contracts as a first-class source

The obligations you actually signed, not just the frameworks.

Framework ingestion is commodity. Castle reads the security, SLA, AI, and data commitments out of your contracts, DPAs, and vendor addenda, the ones compliance teams never see, and maps them into the same graph as your regulations and standards.

Remediation with an owner

Every obligation routes to a person and a tested fix.

A finding without an owner is a problem nobody fixed. Castle turns each gap into assigned remediation with a due date and a retest, then ties the closed work back to the obligation it satisfies.

Verifiable provenance

Proof you can hand an auditor, not a black box.

Every obligation, finding, and control carries a SHA-256 chain-of-custody and a hash-chained event log. You can show exactly where something came from, when, and that it hasn't been altered.

Every obligation ties back to its source, control, owner, and evidence. You can answer "are we meeting what we signed?" with proof, not assertions, and show an auditor the same day.

05 Use cases

Built for the people who own the obligation.

AI governance leads, CISOs, compliance and legal/privacy teams, GRC consultants, and regulated mid-market companies use Castle to answer the same hard questions, with proof.

/ governance

AI governance readiness

Inventory AI use cases, map them to NIST AI RMF and ISO 42001 controls (and track EU AI Act obligations), and close the gaps before a deal or regulator asks.

/ third-party

Vendor & model risk assessment

Classify every vendor and model by data access and decision impact, and tie each one to the contracts and controls it touches.

/ legal

Contract-obligation mapping

Surface the security, SLA, AI, and data commitments buried in MSAs, DPAs, and addenda, and route each to a control and an owner.

/ controls

Control & evidence management

Keep required controls, their owners, and the evidence that proves them connected in one place that stays current.

/ reporting

Board & audit reporting

Produce a single view of what you owe, who owns it, and what's proven met, ready on demand for leadership or an examiner.

/ services

Consultant-led assessments

GRC and advisory firms run faster, more defensible client assessments and hand over a verifiable evidence packet.

06 How it works

From source documents to audit-ready, in one pass.

Feed Castle your contracts, vendors, and AI use cases. It extracts the obligations, maps them to controls, assigns owners, tracks remediation, and returns a board- and audit-ready output, every step provenance-stamped.

01

Source

Upload or connect contracts, vendor documents, AI use cases, policies, and existing controls.

02

Extract & map

Pull obligations from every source and map them to the required controls in one graph.

03

Assign & track

Route each gap to an owner with a due date; track remediation to a tested close.

04

Report

Export the finished view; the AI drafts, and an operator approves anything binding.

castle · assessment
$ castle assess --inputs engagement.yaml
› building obligation graph………… ok
› triaging 142 contract clauses…… ok
› classifying 9 AI use cases……… ok
› vendor OSINT enrichment………… ok
› scoring & prioritizing………… ok

23 obligations · 7 high-risk · 4 un-owned
remediation plan → 16 tasks, owners assigned
provenance → SHA-256 chain verified
board-ready report → exported

A preview of one assessment run. Castle does this for you.

07 Trust & architecture

Built to be deployed by people who answer to auditors.

The things a security reviewer asks about first: where evidence comes from, how data is protected, who can see it, where it runs, and whether you can reproduce and independently verify it.

[ provenance ]

Evidence you can re-verify

SHA-256 chain-of-custody and a hash-chained event log on every artifact. You or your auditor can independently confirm nothing changed after collection.

[ verify ]

Verify it yourself

Export a signed evidence packet and check it with a standalone verifier you run yourself. It confirms the cryptographic seal with zero access to our systems.
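As an added illustration of the hash-chained provenance log described under "Verifiable provenance" (section 04) and under "Evidence you can re-verify" and "Verify it yourself" above, here is a small Python sketch that is not Castle's code: each log entry commits to the SHA-256 hash of the entry before it and to a canonical serialization of its own record, and a standalone verifier recomputes the whole chain from scratch with no access to the system that produced it. The record fields, the genesis value, the event names and the sample evidence bytes are assumptions made for this example.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # chain anchor for the first entry (assumed convention)


def canonical(record: dict) -> bytes:
    # Deterministic serialization: sorted keys, fixed separators, UTF-8.
    # Without this, the same record could hash differently on each run.
    return json.dumps(record, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_hash(prev_hash: str, record: dict) -> str:
    # Each entry commits to its predecessor's hash, so editing, dropping or
    # reordering any earlier entry changes every hash after it.
    return sha256_hex(prev_hash.encode("ascii") + canonical(record))


def append_entry(log: list, record: dict) -> dict:
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"seq": len(log), "prev": prev, "record": record,
             "hash": entry_hash(prev, record)}
    log.append(entry)
    return entry


def verify_log(log: list):
    """Independent re-verification: recompute the chain from GENESIS.

    Returns (True, None) if every link holds, or (False, seq) for the first
    entry whose sequence number, back-link or hash does not check out.
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        expected = entry_hash(prev, entry["record"])
        if entry["seq"] != i or entry["prev"] != prev or entry["hash"] != expected:
            return False, i
        prev = entry["hash"]
    return True, None


def verify_artifact(entry: dict, artifact: bytes) -> bool:
    """Check that the evidence file an auditor was handed matches the digest in the log."""
    return entry["record"].get("artifact_sha256") == sha256_hex(artifact)


# Constructed sample evidence for the example (not real customer data).
ENCRYPTION_CONFIG = b"storage:\n  encryption: aes-256-gcm\n  key_rotation_days: 90\n"


def build_sample_log() -> list:
    log = []
    append_entry(log, {"event": "evidence_collected", "obligation": "DPA §7.2",
                       "control": "Encryption at rest",
                       "artifact_sha256": sha256_hex(ENCRYPTION_CONFIG),
                       "collected_at": "2025-01-15T10:00:00Z"})
    append_entry(log, {"event": "owner_assigned", "obligation": "DPA §7.2",
                       "owner": "Security", "due": "2025-03-31"})
    append_entry(log, {"event": "review_completed", "obligation": "DPA §7.2",
                       "status": "verified", "reviewed_at": "2025-02-01T09:30:00Z"})
    return log


def tamper_demo():
    """Show that a quiet edit to a past entry is caught at that entry's position."""
    log = build_sample_log()
    tampered = copy.deepcopy(log)
    tampered[1]["record"]["owner"] = "Unassigned"  # edit without re-hashing
    return verify_log(log), verify_log(tampered)


if __name__ == "__main__":
    intact, broken = tamper_demo()
    print("intact log:", intact)      # (True, None)
    print("tampered log:", broken)    # (False, 1)
```

Recomputing the chain catches any edit, deletion or reordering made after the head hash was recorded somewhere the editor cannot reach. What the chain cannot catch on its own is someone rewriting every later hash as well, which is why the head hash has to be sealed; the signed evidence packet described above is what plays that role. Hashing the artifact bytes into the record, rather than a file path, is what lets an auditor check the evidence file they were handed against the log rather than taking the log's word for it.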

[ reproducible ]

Reproducible results

Re-run an assessment and get a byte-identical result with a matching hash. Risk tiers and obligation status come from deterministic rules, never from an AI model.

[ encryption ]

Encrypted at rest and in transit

AES-256-GCM with Argon2id key derivation for sensitive data, TLS in transit, and credentials stripped before any model call.

[ access ]

Tenant-aware, authenticated access

Authentication, role-based access, and per-tenant isolation, so each customer's data stays walled off from everyone else's.

[ deployment ]

On-prem, private, or air-gapped

Pluggable AWS Bedrock or on-prem OpenAI-compatible endpoints, or run fully air-gapped with no external LLM calls at all. In air-gapped mode the engine fails closed if anything would try to reach out.
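To make the fail-closed behaviour concrete, the following Python sketch (an added example, not Castle's engine) installs a process-wide guard that refuses any outbound socket connect while an assessment runs in air-gapped mode, so even a code path that forgot to check the deployment mode cannot reach an LLM endpoint. The mode names, the run_assessment and call_llm functions, and the 192.0.2.10 endpoint (a documentation address, never routed) are assumptions made for this example.

```python
import socket
from contextlib import contextmanager

MODES = ("cloud", "private", "air-gapped")  # assumed deployment modes for this example


class AirGapViolation(RuntimeError):
    """Raised when anything tries to open an outbound connection in air-gapped mode."""


_REAL_CONNECT = socket.socket.connect
_REAL_CONNECT_EX = socket.socket.connect_ex


def _refuse(self, address, *args, **kwargs):
    # Fail closed: raise before a single byte leaves the host.
    raise AirGapViolation(f"air-gapped mode: refused outbound connection to {address!r}")


@contextmanager
def air_gap_guard(enabled: bool):
    """While active, every socket.socket.connect / connect_ex call raises AirGapViolation.

    The original methods are always restored on exit, even if the body raises.
    """
    if not enabled:
        yield
        return
    socket.socket.connect = _refuse
    socket.socket.connect_ex = _refuse
    try:
        yield
    finally:
        socket.socket.connect = _REAL_CONNECT
        socket.socket.connect_ex = _REAL_CONNECT_EX


def guard_active() -> bool:
    return socket.socket.connect is _refuse


def call_llm(host: str, port: int, prompt: str) -> str:
    """Stand-in for an LLM client: a raw TCP request to the configured endpoint."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(2)
        sock.connect((host, port))  # the guard intercepts here in air-gapped mode
        sock.sendall(prompt.encode("utf-8"))
        return sock.recv(4096).decode("utf-8", "replace")


def run_assessment(mode: str, llm_host: str = "192.0.2.10", llm_port: int = 443) -> dict:
    """Run one simulated assessment step that (wrongly) tries to call an LLM regardless of mode.

    In air-gapped mode the attempt is refused and recorded instead of silently succeeding.
    """
    if mode not in MODES:
        raise ValueError(f"unknown mode {mode!r}")
    with air_gap_guard(enabled=(mode == "air-gapped")):
        try:
            draft = call_llm(llm_host, llm_port, "summarize obligation DPA §7.2")
            return {"mode": mode, "status": "ok", "llm_used": True, "draft": draft}
        except AirGapViolation as exc:
            return {"mode": mode, "status": "refused", "llm_used": False, "reason": str(exc)}


if __name__ == "__main__":
    print(run_assessment("air-gapped"))  # status "refused", no connection attempted
```

The guard patches the Python-level socket class, which is the path http.client, urllib, requests and asyncio streams all go through, so it catches a stray model call from ordinary application code. Code that uses _socket.socket directly or a native extension that opens its own sockets bypasses it, so in a real deployment the host firewall or egress deny rule remains the enforcement layer and an in-process guard like this one is the tripwire that turns a policy violation into a loud failure rather than a quiet leak.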

Get in touch

See Castle map your hardest obligation.

We're working with a small number of design partners, advisors, and channel partners. If you own AI governance, vendor risk, or compliance at a regulated company, or advise clients who do, let's talk.

Design partners · GRC co-founder / advisor · Channel & white-label