CyberPrism AI Policy
Setting the Record Straight on “AI”
Artificial Intelligence (AI) is everywhere in today’s headlines. With it comes hype, misunderstanding, and sometimes fear. At CyberPrism, we believe clarity is critical. Not everything labelled “AI” deserves the name, and not every use of AI introduces risk.
That’s why we prefer to describe our approach as Intelligence Augmentation (IA). Our technology is designed to support, not replace, the judgement of experienced professionals. We build tools that make complex regulatory and cyber resilience challenges easier to navigate, while keeping people firmly in control.
The main way we achieve this is through RAG (Retrieval-Augmented Generation) technology. In simple terms, RAG works by pulling relevant, trusted information from authoritative sources, and then generating responses grounded in that data. This makes the output transparent, explainable, and aligned to official regulations such as DORA, NIS2, and the UK Operational Resilience Framework. Unlike “black box” AI models, our approach avoids hallucination and ensures guidance is evidence-based.
Purpose of IA in CyberPrism
We leverage Intelligence Augmentation to:
Help organisations interpret complex frameworks and obligations.
Provide contextual, factual guidance to support informed decisions.
Streamline assessments and highlight areas for improvement efficiently.
IA in CyberPrism is always an assistant to the process, never the decision-maker. Final responsibility remains with the client and their professional advisors.
Our Principles
We are committed to using IA responsibly, guided by these principles:
Transparency: Clients understand where and how IA is applied.
Accountability: Human oversight governs every IA-enabled feature.
Compliance: Our use of technology aligns with the EU AI Act, DORA, NIS2, GDPR, and related standards.
Security: IA operates within CyberPrism’s strict security and privacy framework.
Ethics: We do not use IA for manipulative, discriminatory, or harmful purposes.
What IA Will Not Do
To maintain integrity and trust, IA in CyberPrism will not:
Make binding compliance or regulatory decisions without human validation.
Replace governance or risk management processes.
Process or share data outside of our strict security and privacy safeguards.
Our Commitment
CyberPrism continuously monitors and evaluates its IA capabilities to ensure accuracy, fairness, and compliance. As regulation and technology evolve, so will our approach — always putting clients in control.
At CyberPrism, Intelligence Augmentation means clarity, compliance, and confidence — not risk.
Digital Resilience with CRI
Cyber Risk International empowers organisations to achieve true digital resilience through expert-led advisory, integrated technology, and executive education — enabling leadership to confidently navigate complex threats and regulatory demands.

Cyber Risk International Ltd
Unit 8 Kinsealy Business Park, Kinsealy Lane, Co Dublin, K36 CX92, Ireland
Registered Company: 550801 VAT: IE 329285TH DUNS: 985605977
W: www.cri.ie E: [email protected] P: +353-(0)1-905 3260