[{"data":1,"prerenderedAt":4},["ShallowReactive",2],{"raw-en-how-it-works":3},"---\ntitle: How Quadra Works\ndescription: See how QUADRA connects your AI inventory to global governance frameworks and executes continuous compliance across your systems.\nlang: en\nnavigation:\n  section: platform\n  label: howItWorks\n  order: 15\n---\n\n# How Quadra Works\n\n## Governance from knowledge, not conjecture\n\nQUADRA starts with a single question: **What do you actually have to do?**\n\nMost compliance teams spend months reading frameworks, arguing about interpretation, and guessing at coverage. By the time they have an answer, it's incomplete and already stale.\n\nQUADRA answers it in days - by mapping your AI operations to every framework that applies, using a knowledge graph built from the actual text of 40+ global standards.\n\n## The four-phase governance model\n\n### 1. **Obligation Discovery**\n\nFirst, we learn what actually applies to you.\n\nWe ask:\n- What jurisdictions do you operate in? (EU, US, UK, Asia…)?\n- What sectors? (Finance, Healthcare, Government, etc.)?\n- What AI capabilities? (LLMs, biometrics, credit scoring, autonomous decisions…)?\n\nQUADRA queries the graph: *\"Which of the 40 frameworks fire for this profile?\"*\n\nThe output: Your **complete, deduplicated obligation set** - not 40 frameworks, just the ones that matter to you.\n\n**Governance outcome:** You know what the law actually requires.\n\n---\n\n### 2. **Gap Analysis & Evidence Mapping**\n\nNext, we see what you already have vs. what you need.\n\nYou upload (or tell us about):\n- Policies you've written\n- Controls you've implemented\n- Approvals, testing, monitoring\n\nWe map them to your obligations and show:\n- ✓ Which obligations are **covered** (with what evidence)\n- ✗ Which are **missing** (what you need to build)\n- ⚠ Which are **partial** (where you could do better)\n- 🔄 **Cross-coverage**: One control that satisfies multiple frameworks\n\n**Governance outcome:** You know exactly what to build next - no guesswork.\n\n---\n\n### 3. **Audit-Ready Evidence Assembly**\n\nNow we build the proof.\n\nQUADRA doesn't just catalog obligations - it links them to evidence:\n- ✓ This control addresses Article 15(2) of the EU AI Act → linked to your testing documentation\n- ✓ That same control also covers NIST AI RMF Control SC-5 → linked here too\n- ✓ And ISO 42001 Section 8.2 → linked here as well\n\nYou get an **audit-ready evidence pack**: every obligation traced to specific controls, every control traced to proof.\n\nNo scrambling. No discovering things \"after the fact.\" The evidence was built as you implemented the controls.\n\n**Governance outcome:** Auditors see clarity and accountability. You answer their questions in hours, not weeks.\n\n---\n\n### 4. **Continuous Compliance Maintenance**\n\nFinally, governance stays alive - it doesn't stale.\n\nWe monitor three things:\n\n1. **Framework changes**: EU AI Act implementing acts, new NIST guidance, ISO updates  \n   → We alert you. We compute what changed. You re-assess.\n\n2. **Your system changes**: New AI model. New dataset. New jurisdiction.  \n   → We re-profile against your obligations instantly.\n\n3. **Control drift**: Did you keep up with what you promised?  \n   → We track it. We flag gaps. We escalate when needed.\n\n**Governance outcome:** You're never surprised by an auditor who knows something changed.\n\n---\n\n## What QUADRA is NOT\n\nWe're explicit about what we don't do - because clarity matters:\n\n- ❌ **Not a policy engine** – (we don't execute code)\n- ❌ **Not an AI model gateway** – (we don't gate model calls)\n- ❌ **Not a GRC platform** – (we don't run approvals or workflows)\n- ❌ **Not a consultant replacement** – (you still make decisions; we accelerate the thinking)\n\n**We are:** The semantic foundation those systems need. You use QUADRA to know your obligations. Then you use your *own* policies, approval processes, and tools to meet them.\n\n---\n\n## How it integrates with your world\n\nQUADRA is a knowledge graph + API. You own the governance execution.\n\nYou might use QUADRA to:\n- **Feed compliance teams** a queryable API about your obligations\n- **Fuel LLM-based agents** that explain obligations in plain language\n- **Power GRC platforms** with AI-specific obligation data\n- **Auto-generate audit evidence** by querying the graph for what you've built\n\nThe specific integrations depend on what *your* team needs - and we work with you to design them.\n\n## The outcome\n\nAfter one complete cycle with QUADRA, you'll have:\n\n1. **Clear obligation map**: You know exactly what applies to you (not a guess).\n2. **Gap-based roadmap**: You know what to build (and in what order).\n3. **Audit-ready evidence**: Regulators can audit you (and you're ready).\n4. **Governance agility**: When standards change, you re-plan in days (not months).\n\nThis moves governance from a **compliance project** (that happened 2 years ago) to a **continuous capability** (that evolves with your business and regulations).\n\nReady to see what your obligations actually are? [Book an assessment](\u002Fgetting-started).",1776312469829]