Solutions Aegis Industries Insights Pricing Company Request Assessment
Solutions

Deploy AI securely. Govern it responsibly. Prove it.

OneCompliant is the runtime AI governance platform that lets regulated enterprises adopt AI with confidence — governing how AI is used, protecting the data that flows through it, and producing the evidence regulators and boards demand.

Request Assessment Explore Aegis
What We Solve

Every engagement starts with a business problem — not a product.

Whether you are rolling out enterprise AI, answering a regulator, or briefing the board, OneCompliant maps the challenge to a defined, outcome-driven solution.

The OneCompliant Platform

Assess. Govern. Enforce.

Every solution is delivered through one integrated platform — a defined, repeatable sequence that moves your organisation from AI risk exposure to governed, audit-ready AI operations.

OASAT — Assessment Layer

Understand your AI risk before it becomes a liability.

The OneCompliant AI Security Assessment and Testing (OASAT) is a structured, fixed-price evaluation of your organisation's AI risk posture. It identifies where AI is being used, what data is at risk, what governance controls are missing, and how exposed you are under EU AI Act, NIST AI RMF, and NIS2 requirements.

OASAT is the funnel. It creates urgency by quantifying risk — and produces a prioritised governance roadmap that defines exactly what needs to be done next.

AI Usage Mapping

Identify all AI tools, models, and workflows in use across the organisation — including shadow AI.

Risk & Maturity Scoring

Score AI governance maturity against NIST AI RMF and EU AI Act requirements.

Regulatory Gap Analysis

Map current controls against EU AI Act, ISO 42001, NIS2, and GDPR obligations.

Governance Roadmap

Prioritised remediation plan with defined phases, resource requirements, and governance outcomes.

View Sample Assessment Book Assessment

Assessment Outputs

Risk
AI risk score by domain and business unit
Gap
Regulatory gap analysis vs EU AI Act & NIST
Map
Complete AI usage map including shadow AI
Plan
Prioritised governance roadmap with phases

"The assessment is the funnel. It finds the risk, creates the urgency, and defines the roadmap that leads to governance."

OASF — Governance Framework

The policy engine that governs your AI ecosystem.

The OneCompliant AI Security Framework (OASF) is a structured governance and control framework for regulated enterprise AI adoption. It defines the policy domains, control categories, and authorisation boundaries that Aegis enforces at runtime — aligned directly to EU AI Act, NIST AI RMF, and ISO 42001.

OASF is the moat. It is the proprietary framework that defines the rules — making the OneCompliant platform sticky and defensible in ways that competitors writing more code cannot replicate.

Control Domain Architecture

Structured domains covering data governance, model governance, access controls, audit requirements, and operational AI security.

EU AI Act Alignment

Direct mapping of OASF controls to EU AI Act articles — providing the governance evidence regulators require.

NIST AI RMF Operationalisation

OASF operationalises the Govern, Map, Measure, and Manage functions of the NIST AI RMF into practical enterprise controls.

Runtime Policy Engine

OASF control definitions drive Aegis enforcement — the framework becomes the policy engine, not just a document.

Explore the FrameworkCompliance Mappings

Framework Domains

Data Governance

Data classification, handling rules, and PII protection for AI interactions

Model Governance

Approved model registry, provider controls, and model selection policies

Access & Identity

Identity-bound AI access, role-aware permissions, and authorisation boundaries

Audit & Reporting

Event logging, governance reporting, and regulatory evidence generation

Operational AI Security

Prompt injection defence, adversarial monitoring, and AI incident response

OASAP — Awareness Programme

Enterprise AI security awareness that employees actually retain.

The OneCompliant AI Security Awareness Programme (OASAP) delivers custom AI security awareness training — built for the specific risk profile of your organisation, your industry, and your workforce. Not generic compliance videos. Operational awareness that changes behaviour.

OASAP is a custom production of 5 awareness videos tailored to your organisation. Available in multiple languages. Unlimited internal playback. Delivered within your existing learning management system.

5 Custom Awareness Videos

Tailored to your organisation, your industry, and your AI risk profile. Employees, IT teams, management, and executive audiences.

Multi-Language Delivery

Available in English and additional languages — critical for multinational regulated enterprises.

SAFE AI — 4 Steps Framework

A memorable, practical framework employees can apply immediately: Remove, Review, Fit, Verify.

Assessment Add-on

Optional pre/post assessment and compliance quiz — priced by employee headcount for NIS2 and EU AI Act evidence.

Request OASAP Briefing

Validated in Production

Reference Deployment

Leading European Telecom

OASAP awareness programme adopted organisation-wide in multiple languages. Published on the operator's official learning management platform.

Pricing

A fixed-fee programme — five custom awareness videos, with optional assessment add-ons priced by workforce size for EU AI Act and NIS2 evidence.

See full OASAP pricing
Aegis — Runtime Enforcement

The governed gateway where AI governance becomes operational reality.

Aegis is the runtime AI governance and enforcement layer — the governed enterprise AI gateway where every prompt, model interaction, and data flow is inspected, controlled, routed, and logged in real time. It turns your OASF governance framework from a policy document into an enforced operational control.

Aegis is the recurring product. It converts the governance architecture defined by OASF into enforceable, auditable runtime controls — and feeds live usage data back into governance reporting.

Aegis Gateway

The governed entry point — sanctioned AI access for every employee

Aegis Audit

Full interaction logging — every event reconstructable for the regulator

Aegis Policy

OASF rules enforced at the point of every AI interaction

Aegis Routing

Intelligent model selection — best approved model per task

Aegis Guard

PII, source code, and regulated data inspected and redacted before send

Aegis Risk

Governance scoring and live reporting for the CISO and board

Explore Aegis in full

The Closed Loop

OASATIdentifies risk → creates the governance roadmap
OASFDefines the rules → drives the policy engine
AegisEnforces at runtime → generates audit evidence
Live audit data feeds back into governance reporting
Solution Architecture

How every AI interaction flows through Aegis.

Every prompt passes through six enforcement layers. The routing engine evaluates every registered AI model against the governance policy — selecting the best approved endpoint and blocking all others. Employees never choose their model. Aegis does.

Enterprise employee Aegis Gateway Identity binding · SSO · Access control Aegis Guard PII detection · Redaction · Classification Aegis Policy OASF enforcement · Block · Allow · Review Blocked Violation logged Aegis Risk Board dashboard Aegis Routing Evaluates all registered models against policy MODEL EVALUATION ChatGPT (Public) ✗ Denied Gemini (Consumer) ✗ Denied Enterprise Model ✓ Approved Azure OpenAI ✗ Not registered On-premise LLM ✗ Wrong context selected Policy-approved endpoint Aegis Audit Every interaction · User · Data class · Policy · Model evaluated · Outcome · Timestamp

Ready to start?

Begin with an OASAT Assessment — a structured evaluation of your AI risk posture and governance gaps. Fixed price. Delivered in weeks. Leads directly to an actionable governance roadmap.

Request Assessment View Aegis Download the Briefing (PDF)