Product Use cases Trust About
Trust

Governance your risk committee can verify.

Tovel is built to be evidenced, not asserted. This page sets out how governance works, which frameworks we score against, and just as important, what we do not claim.

Adoption × governance maturity

Know where you sit, and what good looks like.

Two axes every board and insurer now asks about: how deeply you have adopted agents, and how well governed they are. Tovel scores your position from live signals, not a questionnaire. The scales are the adoption tiers (AT0–AT8) and governance levels (L0–L4).

Adoption × governance heatmap
Well-governedAdequateExposedCritical
Where most enterprises land
Adopting fast, oversight behind
Multi-agent adoption on policy-and-HITL governance: aggressive deployment, oversight not yet continuous.
The move Tovel makes
→ Continuous, then adaptive
Continuous oversight first (telemetry, plan-divergence, evidence), then adaptive control, out of the exposed band.
Framework packs · shipped

Seven frameworks. Scored against live posture.

These are the frameworks Tovel evaluates your enclaves against today. Each pack maps controls to live posture, not a logo on a page.

OWASP LLM Top 10
LLM01–LLM10 · 2025
The application-layer risks for LLM systems: prompt injection, sensitive-information disclosure, supply chain, excessive agency.
OWASP Agentic (ASI01–10)
Agentic Security Initiative
Agent-specific threats: goal hijack, tool misuse, identity abuse, memory poisoning, cascading failures, rogue agents.
NIST AI RMF
AI 100-1
Govern / Map / Measure / Manage: the risk-management spine most enterprise AI programmes are structured around.
ISO/IEC 42001
AI management system
The certifiable backbone for an accountable AI programme.
MITRE ATLAS
Adversarial ML tactics
Adversary tactics and techniques against ML systems, mapped to the enclave's threat surface.
EU AI Act
Risk-tiered obligations
Obligations by risk tier, relevant to any AU enterprise operating into or from the EU.
AU AI Safety
Australia · voluntary safety standard
Alignment to Australia's AI safety guidance. Tovel scores AU AI Safety; it does not claim CPS 234 as a covered pack.
The controls behind the score

How the harness earns the posture.

Rule-of-Two gating

No single action holds private data, untrusted content and external communications at once without a human in the loop, or an outright block.

Agent identity control plane

Cryptographic identity per agent, with least-privilege, role-scoped access owned by a named human. Trust tiers scope what each agent may reach.

Signed evidence locker

An append-only, hash-chained record of every guardrail verdict, approval, tool call and verifier check, exportable for board, auditor or insurer.

Data residency

Data and inference stay in Australia on AWS Bedrock and AgentCore. No inference leaves the region.

Claims discipline

What we evidence, and what we do not claim yet.

We hold ourselves to the discipline we sell. Everything on the left is live and provable today; everything on the right we will not assert until it ships.

We evidence
  • Posture scored against the seven shipped framework packs.
  • A signed, hash-chained evidence locker, verifiable end to end.
  • Human-in-the-loop and read-only defaults, on by design.
  • Data and inference resident in Australia on AWS Bedrock and AgentCore.
We do not claim yet
  • CPS 234 as a covered framework pack.
  • SOC 2 or ISO 27001 certification.
  • A board-ready PDF export. The signed locker export exists; the formatted board pack is in build.
  • Customer deployments we cannot name.
Questions

The four we are asked first.

What access do you need?
Read-only by default, least-privilege, in your own account. Every write is gated to a named human.
Does our data train models?
No. Inference runs on AWS Bedrock, which does not train on customer inputs.
What happens when an agent misbehaves?
Guardrails and breakers pause or stop it, high-consequence actions wait for a human, and the whole event is sealed to the record.
How long to see the estate?
Connect read-only and the inventory populates from the first scan, shadow agents first.

Bring your own architecture. We'll score it live.

A 30-minute governance walkthrough: your maturity position, the packs that matter to you, and the evidence a board can read.