Skip to content
JL
Projects
SAGIS · Secure AI Governance & Insights SystemPreview

The enterprise AI risk operating model, delivered as one system.

SAGIS inventories, classifies, and governs every AI system a regulated institution runs — from idea intake through production to retirement — with continuous, examiner-ready evidence at every step.

Ship AI faster, because you're governed.

Get in Touch to Learn MoreCurrently in preview — not yet available for purchase.

Full product walkthrough — five minutes, from governed intake to blast-radius incident response.

Fictional sample data — no real institution or system is shown.

The problem

No single framework owns enterprise AI risk.

Regulated institutions now run traditional models, generative AI, and agentic systems side by side — governed by a patchwork of model-risk rules, enterprise risk, and AI-specific controls that no one framework ties together.

Governance shows up too late: committees reviewing models after they're built, evidence assembled by hand in the weeks before an exam. And when the examiner asks “what AI do you actually have, and how is it controlled?” — few institutions can answer in one place.

SAGIS makes AI governance an end-to-end control system, not an after-the-fact review.

How it works

One system of record, from idea to retirement.

01

Inventory

Register every AI system once — GenAI, agentic, predictive, vendor tools, and pilots — with owner, model, data, and approved scope.

02

Classify

Tier each system by risk (T0 prohibited → T4 experimental) with a rules engine that decides — never a guess.

03

Approve

Move it through eight governance gates. A system advances only when its exit criteria are evidenced and sealed.

04

Validate

Independent challenge, model and data validation, and security and privacy review — built into the delivery plan.

05

Monitor

Continuous drift, incident, and blocked-action monitoring the moment a system goes live.

06

Evidence

Evidence packs auto-compile from delivery artifacts in days, not weeks — sealed, timestamped, and audit-ready.

07

Retire

Change control and decommissioning close the loop, with full history preserved for the record.

What's inside

Six capabilities, one governed lifecycle.

AI Inventory & Intake Copilot

A single intake for every AI use case. A copilot drafts the classification; the rules engine decides. Answers “what AI do we actually have?”

Risk Tiering (T0–T4)

Canonical tiers from prohibited to experimental, mapped to each framework’s native labels so multi-framework stays sane.

Governance Gates (G1–G8)

Six gates take a system to launch; two run for the rest of its life — intake, tiering, validation, security, pilot, attestation, revalidation, retirement.

GenAI & Agentic Controls

Purpose-built controls for hallucination, data leakage, prompt injection, toxic output, and uncontrolled autonomy — with human approval before external action.

Framework Packs

SR 26-2, OSFI E-23, NIST AI RMF, and the EU AI Act as swappable, data-driven packs — generalized from public standards only.

Book of Record

At attestation, each system turns over into continuous monitoring with a sealed evidence trail — the answer to “what do we show the examiner?”

Inside the product

A working system, not a slide deck.

Dashboard — the full AI system portfolio at a glance
Dashboard — the full AI system portfolio at a glance
Intake Copilot — guided, evidenced classification
Intake Copilot — guided, evidenced classification
Governance Board — the G1–G8 gate kanban
Governance Board — the G1–G8 gate kanban
AI Inventory — every system in one register
AI Inventory — every system in one register
Risk Events — blast radius when a model is pulled
Risk Events — blast radius when a model is pulled
Framework Studio — regulatory packs as data
Framework Studio — regulatory packs as data

Built for

Regulated institutions that answer to examiners.

Banks & Credit UnionsInsurersHealthcareGovernment & Public Sector

Designed for model risk, AI governance offices, technology and cyber risk, compliance, and the executives accountable for AI. Every step carries embedded guidance — very few people combine the technology, AI, risk, and banking expertise this requires, so the system supplies it.

The AI risk operating model, as a product.

SAGIS is currently in preview — built for the risk, model, and governance teams accountable for AI at regulated institutions.

Get in Touch