AI Copilot: grounded · gated · audited

AI that an auditor can trust.

Cited answers grounded in your tenant's records. Agents that propose changes, and a human approves before they touch your data. Every action is logged.

Copilot · grounded
approval gate
Calibration cadence for metal detectors on Line 3 is monthly, per QMS-PROC-008 §4.2 and FSSC 22000 PRP-7.
Sources: QMS-PROC-008 §4.2 | FSSC 22000 · PRP-7 | CAPA-2026-0118
Why an auditor accepts it

No black box.

The Copilot is a tool, not a vibes machine. Three properties hold for every interaction, including agent runs.

Cited

Every factual claim resolves to a record in your tenant: clause, document, evidence, finding. URLs that survive a tenant export.

Gated

Anything that writes data is staged as a proposal. A human approves. Tenants can require dual approval on sensitive entities.

Logged

Prompts, retrieved sources, model output, approval decisions, and final state: all stored, all exportable.

In practice
Q&A

Ask in your audit's vocabulary · get an answer that cites it.

Retrieval reads from your scoped requirements, controlled documents, validated evidence, audit reports, findings, CAPAs and risks. Citations resolve to live records.

  • Scoped to the user. Retrieval is permission-aware: an auditor can't see another site's evidence.
  • Tenant-isolated. Your context never enters another customer's prompt.
  • No model training. We do not train on your data. Period.
/ask copilot · internal-auditor
you: What evidence do we have for clause 9.1.3 trend analysis on customer complaints, last 6 months?
Copilot · 4 sources

Three artifacts cover this: the Q4 2025 complaints trend report (chart + commentary), the management review minutes from January, and two CAPAs opened from recurring root-cause patterns. The internal audit found this clause conformant with one OFI on data granularity.

Sources: Q4-Trend-Report.pdf | MR-2026-01-min.pdf | CAPA-2026-0103 | CAPA-2026-0107 | AUDIT-Q1-INT/F-014
Agent proposals

Let the agent draft · you approve.

Agents can draft audits, CAPAs, risk entries, document outlines, and evidence links. Each is staged as a proposal that a human reviews, with the diff visible and full citations.

  • Approval before write. No data changes until a named approver clicks Approve.
  • Diff visible. What the agent proposes to change is highlighted against the current state.
  • One-click reject. Decline with a reason, fed back into the model context for next time.
  • Dual approval option. Some entity types can require two approvers for additional rigor.
proposal · awaiting approval
drafted by Copilot
Open CAPA-2026-0119 · Calibration drift on MD-04
  • Owner: J. Otieno (Maintenance)
  • Linked control: CTRL-027
  • Linked finding: AUDIT-Q1-INT/F-03
  • Verifier: K. Mbeki (≠ owner, required)
decision logged
Operational insights

Quiet, daily hygiene.

The Copilot runs scheduled passes for things that are easy to forget: expiring evidence, overdue findings, untreated high risks, stalled CAPAs. Surfaced as actionable cards, never as noise.

  • Expiring evidence (30/60/90d). Pre-warns the owner; auto-creates a renewal task on the right cadence.
  • Overdue findings. Flagged with severity-weighted urgency and a one-click escalation path.
  • Aging CAPAs. Surfaces stalled actions and suggests next-step prompts; the owner stays in control.
  • Untreated risks. High and critical risks without an active treatment are escalated weekly.
copilot · weekly digest · Apr 28
  • 26 evidence items expire in 30 days: Calibration certs · forklift licenses · supplier audits
  • 2 findings overdue · 1 high severity: F-014 (NC, 9.1.3) · 17 days past target close
  • 3 high risks without active treatment: RGT-067 · RGT-094 · RGT-101, propose mitigations?
  • 1 CAPA aging > 60 days in In-Progress: CAPA-2026-0098, last activity 14 days ago
How it stays auditable

Architecture, in one screen.

The pieces that make the trust guarantees real.

Retrieval index

Your records are chunked and embedded into a tenant-isolated vector index. The same query never crosses tenant boundaries.

text-embedding-3-large · 1536d

Permission filter

Every retrieval is post-filtered against the requesting user's site, role, and scope memberships before reaching the model.

row-level filter · enforced

Proposal staging

Generated writes are persisted as `ai_action_proposals` with diff, source list, and reviewer assignment. The model never writes directly.

ai_action_proposals

Transcript & trail

Prompt, retrieved sources, model output, decisions, and resulting record IDs land in `ai_audit_log`, exportable as CSV/PDF for any audit window.

ai_audit_log · immutable
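
The proposal-staging and transcript-trail properties above, as an added example that is not the product's code: writes reach the data only through an approval decision, and every step lands in an append-only log. The `Proposal` and `Gate` classes, the `DUAL_APPROVAL` set and the in-memory stores standing in for `ai_action_proposals` and `ai_audit_log` are hypothetical, and hash-chaining the rows is one assumed way to make an "immutable" log tamper-evident.

```python
import hashlib, json
from dataclasses import dataclass, field

@dataclass
class Proposal:  # hypothetical shape, not the product's ai_action_proposals schema
    id: str
    entity_type: str
    drafted_by: str
    diff: dict
    sources: list
    approvals: list = field(default_factory=list)
    state: str = "staged"

class Gate:
    DUAL_APPROVAL = {"capa", "risk"}  # assumption: types this tenant marks sensitive

    def __init__(self):
        self.records, self.audit_log = {}, []  # committed data; append-only trail

    def _log(self, event, **detail):
        prev = self.audit_log[-1]["hash"] if self.audit_log else "0" * 64
        body = json.dumps({"event": event, "prev": prev, **detail}, sort_keys=True)
        self.audit_log.append({"body": body, "hash": hashlib.sha256(body.encode()).hexdigest()})

    def stage(self, p):
        if not p.sources:
            raise ValueError("proposal carries no citations")
        self._log("staged", id=p.id, by=p.drafted_by, diff=p.diff, sources=p.sources)

    def decide(self, p, approver, approve, reason=""):
        if p.state != "staged":
            raise ValueError("proposal already decided")
        if approver == p.drafted_by or approver in p.approvals:
            raise PermissionError("approver must be a distinct person, not the drafter")
        self._log("decision", id=p.id, approver=approver, approve=approve, reason=reason)
        if not approve:
            p.state = "rejected"
        else:
            p.approvals.append(approver)
            if len(p.approvals) >= (2 if p.entity_type in self.DUAL_APPROVAL else 1):
                self.records[p.id], p.state = p.diff, "committed"  # the only write path
                self._log("committed", id=p.id, approvers=p.approvals)
        return p.state

    def verify_log(self):  # recompute every hash and check each row links to the last
        prev = ["0" * 64] + [r["hash"] for r in self.audit_log]
        return all(hashlib.sha256(r["body"].encode()).hexdigest() == r["hash"]
                   and json.loads(r["body"])["prev"] == p
                   for r, p in zip(self.audit_log, prev))
```

An auditor reviewing a gate like this would check that nothing outside `decide` can write to the record store and that `verify_log` fails after any edit to a stored row.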
See it on your audit

We'll wire the Copilot to one of your real findings.

A 45-minute working session. Bring an open finding and the related documents. We index, you ask, the team approves.