Skip to main content

AI Assistance

ForgeComply includes optional AI assistance to help you understand controls and identify gaps. This guide explains what AI does and doesn't do.

What AI Is Used For

AI assistance in ForgeComply provides guidance to help you work through controls more effectively.

Contextual Observations

AI can analyze your current control status and provide observations about:

  • What the control is asking for
  • Common implementation approaches
  • Potential gaps to consider
  • Questions to ask yourself

Understanding Controls

Compliance frameworks use specific terminology. AI helps translate requirements into practical understanding.

Identifying Gaps

AI can highlight areas that may need attention based on your responses.

What AI Is NOT Used For

AI Does Not Make Decisions

You decide how to answer controls. AI provides context, not answers.

AI Does Not Write Your Policies

Policies are generated from templates and your organization's profile. AI does not author policy content.

AI Does Not Evaluate Compliance

Your compliance status is determined by your control responses and evidence, not AI analysis.

AI Does Not Appear in Reports

Nothing generated by AI appears in your audit reports. Reports contain only your documented responses, policies, and evidence.

AI Does Not Access Your Evidence

AI assistance does not read or analyze your uploaded evidence files.

AI Is Optional

You can complete your entire assessment without using AI assistance.

Using AI

  • Available during Guided Setup
  • Look for the "AI Quick Check" option
  • Click to receive contextual guidance

Not Using AI

  • Simply don't click AI assistance options
  • Work through controls using your own knowledge
  • Use other resources (auditors, consultants, documentation)

There's no penalty for not using AI. It's a helper, not a requirement.

How AI Assistance Works

When you request AI assistance:

  1. Context gathering — ForgeComply provides the AI with:

    • The current control question
    • Your response status
    • Framework requirements
    • General guidance parameters

  2. Analysis — AI generates observations based on this context

  3. Display — Observations appear in the interface for your review

  4. Your action — You decide what to do with the guidance

What AI Can See

When you use AI assistance, the AI receives:

  • The control being evaluated
  • Your answer (Yes/No/Partial/N/A)
  • Framework and audit type context
  • Your organization's industry (general category)

What AI Cannot See

  • Your evidence files
  • Your policy content
  • Your internal notes
  • Your team member information
  • Other controls or responses
  • Your organization's specific data

AI Limitations

Not Always Right

AI provides general guidance based on common patterns. Your specific situation may differ.

Not Comprehensive

AI observations are starting points, not complete checklists.

Not Authoritative

AI guidance is not audit advice. Auditors make compliance determinations, not AI.

Not Persistent

AI observations are generated on-demand. They're not stored or included in your assessment data.

AI and Audits

Auditors Do Not See AI Content

Nothing from AI assistance appears in your reports or auditor-accessible data.

AI Does Not Affect Audit Results

Your audit outcome depends on your actual controls, policies, and evidence — not AI guidance.

Using AI Is Private

Your use of AI assistance is not disclosed to auditors.

Best Practices

Use AI as a Starting Point

AI observations can help you think through a control, but shouldn't be your only input.

Verify AI Suggestions

If AI suggests something to consider, verify it applies to your situation.

Don't Rely Solely on AI

Combine AI guidance with:

  • Framework documentation
  • Auditor feedback
  • Industry best practices
  • Your own expertise

Ask Experts When Unsure

For complex or high-stakes controls, consult qualified professionals.

Privacy and Data Handling

Your Data

AI assistance does not store your control responses or use them beyond the immediate request.

No Training

Your ForgeComply data is not used to train AI models.

Minimal Context

AI receives only the minimum context needed to provide relevant guidance.

See Security & Privacy for more details.

Frequently Asked Questions

Does AI write my policies?

No. Policies are generated from templates based on your profile and responses. AI provides guidance only.

Can AI complete my assessment?

No. You must answer each control. AI can help you understand what's being asked.

Is AI always available?

AI assistance is available during Guided Setup for control guidance. It's optional.

Does using AI cost extra?

AI assistance is included in ForgeComply. There's no additional charge.

Will auditors know I used AI?

No. AI usage is not recorded in reports or auditor-visible data.

What if AI gives wrong advice?

AI provides guidance, not requirements. Always verify guidance against your specific situation and consult experts when needed.

Is AI required for Guided Setup?

No. You can complete Guided Setup without using AI assistance.

Summary

AI DoesAI Does Not
Provide contextual guidanceMake compliance decisions
Help understand controlsWrite policies
Identify areas to considerEvaluate evidence
Work on-demand when requestedStore or persist observations
Respect your privacyAppear in audit reports

Next Steps