CyberPrism AI Policy

Setting the Record Straight on “AI”

Artificial Intelligence (AI) is everywhere in today’s headlines. With it comes hype, misunderstanding, and sometimes fear. At CyberPrism, we believe clarity is critical. Not everything labelled “AI” deserves the name, and not every use of AI introduces risk.

That’s why we prefer to describe our approach as Intelligence Augmentation (IA). Our technology is designed to support, not replace, the judgement of experienced professionals. We build tools that make complex regulatory and cyber resilience challenges easier to navigate, while keeping people firmly in control.

The main way we achieve this is through RAG (Retrieval-Augmented Generation) technology. In simple terms, RAG works by pulling relevant, trusted information from authoritative sources, and then generating responses grounded in that data. This makes the output transparent, explainable, and aligned to official regulations such as DORA, NIS2, and the UK Operational Resilience Framework. Unlike “black box” AI models, our approach avoids hallucination and ensures guidance is evidence-based.

Purpose of IA in CyberPrism

We leverage Intelligence Augmentation to:

• Help organisations interpret complex frameworks and obligations.

• Provide contextual, factual guidance to support informed decisions.

• Streamline assessments and highlight areas for improvement efficiently.

IA in CyberPrism is always an assistant to the process, never the decision-maker. Final responsibility remains with the client and their professional advisors.

Our Principles

We are committed to using IA responsibly, guided by these principles:

• Transparency: Clients understand where and how IA is applied.

• Accountability: Human oversight governs every IA-enabled feature.

• Compliance: Our use of technology aligns with the EU AI Act, DORA, NIS2, GDPR, and related standards.

• Security: IA operates within CyberPrism’s strict security and privacy framework.

• Ethics: We do not use IA for manipulative, discriminatory, or harmful purposes.

What IA Will Not Do

To maintain integrity and trust, IA in CyberPrism will not:

• Make binding compliance or regulatory decisions without human validation.

• Replace governance or risk management processes.

• Process or share data outside of our strict security and privacy safeguards.

Our Commitment

CyberPrism continuously monitors and evaluates its IA capabilities to ensure accuracy, fairness, and compliance. As regulation and technology evolve, so will our approach — always putting clients in control.

At CyberPrism, Intelligence Augmentation means clarity, compliance, and confidence — not risk.