Search cases, suites, agents…⌘K
DEMO · synthetic data
← All agents
Compliance profile

HR Policy Advisor

limitedapproval pendingL3Regulated-grade

Answers employee policy questions grounded in the tenant's policy library. · pre-production · risk owner K. Shacklebolt · next review 2026-07-15

Risk classification

proposed from registry metadata; a compliance officer approves and signs
Proposed
Registry metadata: informational chatbot · no writes · policy Q&A
Art. 6(3) narrow procedural task (draft) + Art. 50 transparency
Approval pending
The classification isn't real until it's signed — until then the agent inherits the high-risk control set by default.

Readiness

applicable controls with current evidence
EU AI Act1 of 2· 1 gap
NIST AI RMF8 of 8
ISO 420015 of 5
SOC 23 of 3
Internal5 of 5

EU AI Actregulation

Regulation (EU) 2024/1689
1 of 2 current
Art. 6(3)–(4) + Annex III 4(b)
Documented risk classification
Classification proposed (limited) but not yet approved — M. McGonagall's sign-off is the missing artifact.
partial
Art. 13(1)–(3)
Transparency to deployers
met

NIST AI RMFvoluntary framework

NIST AI 100-1 · GenAI Profile AI 600-1
8 of 8 current
MEASURE 2.3
met
MEASURE 2.7
Security and resilienceAD
met
MEASURE 2.9
Model output explained and validated
met
MEASURE 2.10
Privacy risk examinedSF
met
MEASURE 2.13
met

ISO/IEC 42001certifiable standard

ISO/IEC 42001:2023 (AIMS)
5 of 5 current

SOC 2 Type IIauditor attestation

AICPA 2017 TSC (2022 points of focus)
3 of 3 current
CC8.1
Change management
met

UKG AI Quality Policyinternal policy

UKG AI Quality Policy v2.1
5 of 5 current
AIQ-1
met
AIQ-3
Overrides attributed, justified, time-boxed
met
AIQ-4
Production data enters test data scrubbedSF
met
AIQ-5
met