What aileth thee?

ISO 27001:2022 gap analysis that actually works. Upload your documentation, and Aileth reveals exactly where your information security falls short — and where you're already compliant.

Request early access See how it works →
A.5.12 — Classification of information 6 criteria
Classification scheme ≥3 levels MET
Handling requirements for storage MET
Handling requirements for transfer MET
Guidelines for new classification PARTIAL
Destruction requirements per level MISSING
Cross-referenced in related policies MISSING
Recommendation Action required
Add secure destruction methods per classification level (shredding, wiping, cryptographic erasure)
Approach

Compliance is not a checkbox.
It's a continuous state of awareness.

Most organisations discover their security gaps during the audit — the most expensive moment possible. Aileth shifts that discovery to the earliest stage, analysing your existing documentation against every Annex A control with atomic precision.

01

Document ingestion

Upload policies, procedures, and evidence. Aileth classifies each document and routes it to the relevant controls automatically.

02

Gap analysis

Each acceptance criterion is assessed individually. No bundled checks, no yes-bias — just a clear PRESENT, PARTIAL, or MISSING verdict with confidence scoring.

03

Actionable roadmap

Aileth doesn't just find gaps — it distinguishes true compliance deficiencies from quality recommendations, so you know exactly what to fix first.

Data sovereignty

Your data stays in Europe.
And out of our hands.

Aileth runs entirely on European infrastructure — no US cloud providers, no CLOUD Act exposure, no transatlantic transfers.

More importantly: we process your compliance documentation, but we never see it. Analysis is fully automated. No Aileth employee has access to your uploaded documents or your results. Your sensitive internal policies stay exactly that — internal.

  • Zero operator access — your documents are processed by the system, never read by people
  • EU-only hosting — Scaleway, Paris datacenter
  • Per-tenant isolation — your data is never co-mingled with other clients
  • EU-only AI processing — analysis runs via Scaleway's EU-hosted generative AI infrastructure, not US-based providers
  • Short retention — all data deleted within 30 days of contract end
  • GDPR by design — data minimisation, purpose limitation, right to deletion
EU data sovereignty compliant
Consultancy

Need a hand getting started?

Aileth is a tool — but sometimes you need more than a tool. If you'd like us to help you structure your compliance documentation, review your existing policies together, or advise on your specific situation, that's available as a single consultancy day.

We work through your documentation set with you, identify the quickest wins, and make sure you're uploading the right material to get the most accurate gap analysis.

Enquire about a consultancy day

Find out what aileth thee.

Aileth is currently in private preview. Request early access and be among the first to run a comprehensive pre-audit on your ISO 27001 readiness.

Get in touch