Skip to content
Trust & Governance

Evidence before action

Automation is earned, not assumed. Every recommendation ships with provenance, every action is reversible, and every outcome is verified.

Governance philosophy: Assist → Auto

We believe automation must be earned through evidence, not assumed. Every deployment starts with full human oversight. Automation unlocks only when you're ready—and only for actions where evidence supports it.

Level 1

Assist

Human approves all recommendations

  • Full human oversight of every decision
  • Platform provides recommendations with evidence
  • Humans review, approve, and execute
  • Learning loop improves future recommendations
Level 2

Suggest

Platform surfaces prioritised actions

  • Ranked action queues based on impact and confidence
  • Humans retain full approval authority
  • Explanations and provenance for every suggestion
  • Feedback loop refines prioritisation
Level 3

Recommend

Platform pre-approves within policy bounds

  • Pre-approved recommendations within agreed policy
  • Human review for edge cases and escalations
  • Audit trail for all pre-approved actions
  • Rollback capability for any action
Level 4Earned

Auto

Earned automation for scoped actions

  • Autonomous execution within strict policy bounds
  • Exception-based human review
  • Continuous monitoring and anomaly detection
  • Automatic rollback if outcomes deviate

You control the pace. Every step up the ladder requires your explicit consent and jointly agreed quality gates.

Evidence & provenance

Every recommendation links back to its sources through a chain of provenance — from raw data through domain context to a verified outcome. Nothing is opaque: you can trace any decision back to the inputs and reasoning that produced it. Audit packs can be exported at any time, in both human-readable and machine-readable formats.

Data & IP boundaries

Clear boundaries protect your data and intellectual property. No surprises, no hidden terms.

Customer data stays with the customer

Raw data is processed in-situ or in isolated tenants. No training on customer data without explicit consent.

Evidence is portable

Customers can export their evidence packs, Model Assets, and audit trails at any time in human-readable and machine-readable formats.

No lock-in

Portable artefacts ensure continuity. Switch providers without losing your accumulated evidence and governance history.

IP boundaries are explicit

Customer models, configurations, and customisations remain customer property. Platform improvements remain Aeterno property.

Security baseline

Enterprise-grade security is foundational, not optional.

SSO Integration

SAML 2.0 and OIDC support for enterprise identity providers

Role-Based Access

RBAC with viewpoint-specific permissions and audit trails

Audit Logging

Immutable audit logs for every decision, action, and data access

Data Encryption

Encryption at rest and in transit using industry-standard protocols

Tenant Isolation

Per-customer isolation with no data commingling between tenants

Regional Deployment

Deploy in your region with no data egress requirements

Compliance mapping

Our evidence packs and audit trails support your compliance requirements.

MCS

Heat pump installations aligned with MCS requirements for evidence and commissioning

Building Regulations

Evidence packs support Part L compliance and SAP calculations

GDPR

Data processing agreements, privacy by design, and data subject rights

ISO 27001

Information security management aligned with ISO 27001 principles

Frequently asked questions

Ready to see governance in action?

We'll walk you through how evidence-first governance works in practice—with your data, your policies, and your stakeholders.

Request a demo