AI Model Cards
Model cards document the controls and safeguards in place for each AI capability in ConcertoGRC. Each card describes what data the model receives, what it produces, what constraints are enforced, and how human oversight is maintained.
All AI features are powered by Anthropic Claude models via Amazon Bedrock. No customer data is used for model training, and no data is retained by the model provider beyond the request lifecycle.
Document & Evidence Analysis
Analyzes uploaded compliance documents -- SOC 2 reports, ISO certificates, penetration test results, evidence artifacts -- to extract key information and evaluate completeness against control requirements.
Covers: Document Analysis, Evidence Mapping, Evidence Review, Evidence Gap Suggestion, Contract Text OCR
| Aspect | Details |
|---|---|
| Data In | Uploaded document text (PDF/image via OCR), control requirement descriptions, framework mappings |
| Output | Structured findings: key dates, scope, exceptions, gap identification, evidence-to-control mappings, relevance ratings (High/Medium/Low) |
| Model | Claude Sonnet 4.5 (analysis), Claude Haiku 4.5 (mapping), Amazon Textract (OCR) |
Guardrails, oversight, and limitations
Guardrails
- Prompts are scoped to the specific control requirement being evaluated -- no cross-tenant or cross-control data leakage
- Evidence review returns structured relevance ratings (High/Medium/Low) and overall assessments (Sufficient/Partial/Insufficient) so reviewers can prioritize findings
- Document content is processed in the context of a single tenant; no data from other organizations is included
- OCR extraction uses Amazon Textract with no persistent storage of extracted text beyond the request
Human Oversight
- All findings are presented as suggestions, not applied automatically
- Compliance analysts review each finding before it enters the evidence record
- Users can dismiss, modify, or escalate any AI-generated finding
Known Limitations
- OCR quality depends on scan resolution; handwritten or low-quality documents may produce incomplete extractions
- Document analysis may not detect subtle omissions in evidence artifacts that require domain expertise
- Multi-language documents may have reduced accuracy for non-English content
- Very large documents (100+ pages) are processed in segments, which may miss cross-section references
Data Retention
- Document content is sent to Bedrock for processing and is not retained by the model provider
- AI interaction logs (prompt, response, model, user) are stored in the platform audit trail
- Uploaded documents are stored in the customer's S3 tenant bucket, not in AI infrastructure
Vendor Assessment & Due Diligence
Evaluates vendor security posture through questionnaire analysis, legal document review, URL discovery, and risk assessment generation.
Covers: Vendor Due Diligence, Vendor Legal Review, Vendor URL Discovery, Questionnaire Review
| Aspect | Details |
|---|---|
| Data In | Vendor questionnaire responses, privacy policies, terms of service, DPAs, trust center content, vendor metadata |
| Output | Risk assessments, legal analysis (data handling concerns, regulatory flags), trust center URLs, questionnaire scores with rationale |
| Model | Claude Sonnet 4.5 (due diligence, legal review), Claude Haiku 4.5 (URL discovery) |
Guardrails, oversight, and limitations
Guardrails
- Vendor data is scoped to the requesting tenant; no cross-tenant vendor data is included in prompts
- Legal review output explicitly states it is not legal advice and should be reviewed by qualified counsel
- URL discovery only fetches publicly available vendor pages; no authenticated content is accessed
- Risk scoring follows the platform's risk framework taxonomy, not arbitrary AI-generated criteria
Human Oversight
- Vendor risk assessments require human review and approval before being finalized
- Legal review findings are presented as flagged concerns for counsel review, not as binding determinations
- Questionnaire scores can be overridden by the reviewer at any time
Known Limitations
- Legal analysis is based on document text only and may not account for verbal agreements or amendments
- Vendor trust center content may change between the time of analysis and the time of review
- AI cannot assess vendor practices beyond what is documented; actual implementation may differ
- Non-English vendor documents have reduced analysis accuracy
Data Retention
- Vendor document content is processed via Bedrock and not retained by the model provider
- Vendor questionnaire responses and AI assessments are stored within the tenant's data
- No vendor data is shared between tenants during AI processing
Risk & Remediation
Generates remediation plans, treatment suggestions, and risk register entries for identified risks, infrastructure findings, and vulnerability scan results.
Covers: Risk Remediation, Risk Register Generation, BIA Environment Import, Security Analysis, Infrastructure Remediation, Scan Finding Analysis
| Aspect | Details |
|---|---|
| Data In | Risk descriptions, inherent/residual scores, infrastructure configuration details, security group rules, scan finding data, environment descriptions |
| Output | Remediation steps, control recommendations, AWS CLI commands, risk register records with framework mappings, BIA records with dependency linking |
| Model | Claude Sonnet 4.5 (risk/BIA generation), Claude Haiku 4.5 (remediation, security analysis, scan findings) |
Guardrails, oversight, and limitations
Guardrails
- Remediation steps reference only the specific infrastructure finding or risk being analyzed
- AWS CLI commands are generated as suggestions and are not executed by the platform
- Risk scoring uses the platform's 5x5 inherent/residual matrix; AI suggests scores within this framework
- Generated risk records require explicit import before they affect the risk register
Human Oversight
- All remediation plans are presented for review before any action is taken
- Risk register generation produces a preview that must be reviewed and selectively imported
- BIA import presents generated records for field-by-field review and editing
- Infrastructure remediation guidance must be manually executed by authorized personnel
Known Limitations
- Remediation guidance is generic and may not account for organization-specific architectural constraints
- Security group analysis evaluates rules in isolation; complex multi-VPC topologies may require additional context
- Risk generation from environment descriptions depends on the completeness of the input description
- Scan finding analysis may not detect zero-day vulnerabilities not in public databases
Data Retention
- Infrastructure configuration details are processed via Bedrock and not retained by the model provider
- Generated remediation plans and risk records are stored within the tenant's platform data
- No infrastructure credentials or access keys are included in AI prompts
Policy & Report Generation
Drafts policy documents from framework requirements, generates executive summaries, compliance report narratives, and initiative status updates with streaming output.
Covers: Policy Drafting, Policy Variable Suggestions, Report Narrative, Initiative Status Update, AI Generate (General)
| Aspect | Details |
|---|---|
| Data In | Framework requirements, existing policy templates, control statuses, compliance metrics, initiative descriptions, task progress |
| Output | Policy document drafts (streaming), executive summaries, report narratives, status updates, template variable suggestions |
| Model | Claude Sonnet 4.5 (policy drafts, reports), Claude Haiku 4.5 (status updates, variable suggestions) |
Guardrails, oversight, and limitations
Guardrails
- Policy drafts are generated from framework requirements only -- not from other tenants' policies
- Report narratives are derived exclusively from the tenant's own compliance data and metrics
- Streaming output can be stopped mid-generation if the direction is incorrect
- Prompt templates use
{{variable}}placeholders populated from record fields, preventing arbitrary data injection
Human Oversight
- Policy drafts are presented in an editor for full review and editing before saving
- Report narratives require explicit approval before inclusion in final reports
- Status updates are generated as suggestions that can be edited or discarded
- No AI-generated policy or report is published without human action
Known Limitations
- Generated policies may not reflect jurisdiction-specific regulatory requirements without additional customization
- Report narratives are based on current data snapshots and may not reflect very recent changes
- Policy language may require legal review to ensure enforceability in the organization's jurisdiction
- Template variable suggestions may miss domain-specific terms that should be parameterized
Data Retention
- Policy content and compliance metrics are processed via Bedrock and not retained by the model provider
- Generated drafts are stored within the tenant's platform data once saved by the user
- All AI invocations are logged in the audit trail (AiInteraction) regardless of whether the user saves the generated output
Training & Awareness Content
Generates complete security awareness training modules including slides, quizzes, scenarios, and assessment artifacts from a topic prompt.
Covers: Training Content Generation
| Aspect | Details |
|---|---|
| Data In | Training topic description, target audience, desired difficulty level, organization context |
| Output | Structured training module: slide deck content, multiple-choice quizzes, realistic scenarios, completion assessments |
| Model | Claude Sonnet 4.5 |
Guardrails, oversight, and limitations
Guardrails
- Training content is generated from the topic description only; no employee personal data is included in prompts
- Quiz questions are generated with designated correct answers and plausible distractors; administrators should verify correctness before publishing
- Scenarios use realistic but fictional examples -- no actual incident data from the tenant is included
- Content is structured as JSON for consistent rendering across the platform
Human Oversight
- All generated training content is presented for full review before publishing
- Quiz questions and answers can be edited, added, or removed
- Training administrators approve content before it is assigned to employees
- Phishing simulation templates generated for training are reviewed before campaign launch
Known Limitations
- Generated scenarios may not reflect industry-specific nuances without topic customization
- Quiz distractors may occasionally be too obviously incorrect for advanced audiences
- Training content is generated in English; translation for multilingual workforces requires manual effort
- Compliance-specific training may require SME review for regulatory accuracy
Data Retention
- Training topic descriptions are processed via Bedrock and not retained by the model provider
- Generated training modules are stored within the tenant's platform data once saved
- No employee performance data is used as input for content generation
Meeting & Contract Analysis
Parses compliance meeting transcripts into categorized action items and extracts security commitments from customer contracts with source-clause traceability.
Covers: Transcript Analyser, Commitment Extraction, Customer Notification Draft
| Aspect | Details |
|---|---|
| Data In | Meeting transcripts (text), customer contract documents, incident details, customer tier and contractual terms |
| Output | Categorized action items (tasks, risks, incidents, vendor actions), extracted commitments with clause references, draft customer notifications |
| Model | Claude Sonnet 4.5 |
Guardrails, oversight, and limitations
Guardrails
- Transcript content is scoped to the specific meeting; no cross-meeting data is included
- Commitment extraction provides verbatim clause text for traceability -- not paraphrased interpretations
- Customer notifications are drafted based on the tenant's own customer data and incident details only
- Notification drafts explicitly mark AI-generated content for review before sending
Human Oversight
- Extracted action items require manual assignment and prioritization
- Commitment extractions are presented for legal/compliance review before being entered as obligations
- Customer notification drafts must be reviewed and explicitly sent by authorized personnel
- No notifications are sent automatically -- all require human action
Known Limitations
- Transcript analysis quality depends on transcript accuracy; poor audio-to-text conversion reduces quality
- Commitment extraction may miss implied obligations that are not explicitly stated in contract language
- Meeting action items may require disambiguation when multiple speakers discuss overlapping topics
- Notification tone calibration is based on documented tier classification and may not reflect relationship nuances
Data Retention
- Meeting transcripts and contract text are processed via Bedrock and not retained by the model provider
- Extracted action items and commitments are stored within the tenant's platform data
- All AI invocations are logged in the audit trail regardless of whether the user saves the output
Privacy Impact Analysis
Drafts privacy impact assessment sections and identifies compliance gaps across GDPR, CCPA, and ISO 27701 regulatory frameworks.
Covers: PIA Section Drafting, PIA Gap Analysis
| Aspect | Details |
|---|---|
| Data In | Vendor context, processing activity descriptions, existing PIA responses, regulatory framework requirements |
| Output | Drafted PIA sections, identified compliance gaps with regulatory references, remediation recommendations |
| Model | Claude Sonnet 4.5 |
Guardrails, oversight, and limitations
Guardrails
- PIA analysis is scoped to the specific vendor or processing activity being assessed
- Gap identification references specific regulatory articles and clauses for traceability
- AI-generated PIA content explicitly states it does not constitute legal advice
- Analysis covers GDPR, CCPA, and ISO 27701 only; other privacy frameworks require manual assessment
Human Oversight
- All PIA drafts require review by the privacy officer or compliance team before finalization
- Gap analysis findings are presented as recommendations, not automatic determinations
- PIA section content can be edited, supplemented, or replaced entirely
Known Limitations
- PIA analysis may not reflect the latest regulatory guidance or enforcement precedents
- Cross-border data transfer analysis requires jurisdiction-specific expertise beyond AI capabilities
- Privacy risk scoring is based on documented processing activities and may not capture undocumented data flows
- Regulatory interpretation may differ from the position of the relevant supervisory authority
Data Retention
- PIA content and vendor context are processed via Bedrock and not retained by the model provider
- Generated PIA sections are stored within the tenant's platform data once saved
- All AI invocations are logged in the audit trail regardless of whether the user saves the output
AI Workspace & Orchestrator
General-purpose conversational AI assistant for compliance queries, document analysis, and data lookups with streaming responses. The Orchestrator provides real-time access to platform data for contextual answers.
Covers: AI Workspace, Orchestrator Queries
| Aspect | Details |
|---|---|
| Data In | User queries, uploaded documents, platform data context (controls, evidence, risks, tasks, vendors) |
| Output | Streaming conversational responses, document analysis, status reports, compliance guidance, data lookups |
| Model | Claude Sonnet 4.5 (default), configurable to Haiku 4.5, Sonnet 4, or Opus 4.6 |
Guardrails, oversight, and limitations
Guardrails
- Orchestrator queries are scoped to the authenticated user's tenant -- no cross-tenant data access
- Available tools are filtered based on the user's role permissions; operator tools (tenant switching, platform-level queries) are restricted to Concerto team roles
- All data queries within tools are scoped to the authenticated tenant's organizationId
- Per-minute rate limiting and configurable monthly usage limits prevent excessive usage
- Message content is sanitized before processing to prevent prompt injection
Human Oversight
- All orchestrator responses are conversational suggestions -- no platform actions are taken without explicit user confirmation
- Document uploads for analysis are user-initiated; the workspace does not proactively access files
- Conversations are saved for audit trail purposes and can be reviewed by administrators
Known Limitations
- The workspace cannot access real-time external data sources; answers are based on platform data and the model's training
- Complex multi-step compliance questions may require follow-up clarification
- The orchestrator's knowledge of specific regulations is based on training data and may not reflect the most recent amendments
- File uploads are limited to supported document formats (PDF, images, text)
Data Retention
- Conversation history is stored within the tenant's platform data
- Uploaded documents are stored in the tenant's S3 bucket
- Bedrock does not retain conversation content beyond the request lifecycle
- Conversations can be deleted by the user
Smart Suggestions
Vector embedding-based similarity search and AI-powered field mapping suggestions for intelligent automation across the platform.
Covers: Embeddings, Explanations, Migration Field Mapping, Task Prioritization
| Aspect | Details |
|---|---|
| Data In | Control descriptions, evidence names, policy text, migration source columns, task metadata |
| Output | Ranked similarity matches, "Why?" explanations for suggested mappings, column-to-field mapping suggestions, task priority rationale |
| Model | Titan Embeddings V2 (vectors), Claude Haiku 4.5 (explanations, mappings, prioritization) |
Guardrails, oversight, and limitations
Guardrails
- Embedding vectors are computed per-tenant; no cross-tenant similarity matching occurs
- Suggestion explanations are constrained to the specific records being compared
- Migration field mapping suggestions are based on column names and sample data only -- no full dataset processing
- Task prioritization uses platform compliance context (deadlines, framework requirements) as scoring input
Human Oversight
- All suggestions require explicit acceptance before being applied
- Users can dismiss suggestions and manually configure mappings
- Migration field mappings are presented in a preview UI for column-by-column review
- Task priority rationale is informational; users set final priorities
Known Limitations
- Embedding similarity depends on descriptive text quality; terse or ambiguous descriptions reduce match quality
- Cross-framework mapping suggestions may not account for nuanced control differences between frameworks
- Migration field mapping accuracy depends on source column naming conventions
- Task prioritization rationale may weight framework deadlines over business-specific priorities
Data Retention
- Embedding vectors are stored in the platform database, scoped to the tenant
- Suggestion explanations are generated on-demand and not persisted unless the user accepts the mapping
- Migration field mappings are session-scoped and discarded after import completion
Data Handling Summary
| Control | Implementation |
|---|---|
| Processing location | AWS Bedrock, US region (us-east-1) |
| Model training | Customer data is never used for model training |
| Data retention by provider | Bedrock does not retain input or output data beyond the request lifecycle |
| Encryption in transit | TLS 1.2+ for all Bedrock API calls |
| Encryption at rest | AES-256 for all stored AI interaction logs and generated content |
| Audit trail | Every AI invocation logged with input, output, model, user, timestamp, and token usage |
| Tenant isolation | All prompts are scoped to the authenticated tenant; no cross-tenant data in any AI context |
| Access control | AI features gated by organization-level toggle + user-level permissions |
| Cost tracking | Per-feature, per-tenant token usage and cost metering |