01 Getting started

Your first login sets up your private vault.

When you log in for the first time, Aileth asks you to set a vault password. This password protects all the data you upload — documents, analyses, and reports. It is never stored anywhere. Neither Aileth nor its infrastructure can access your data without it.

Encryption setup
This password is the only key to your data. Aileth cannot recover it. Store it in a password manager before continuing.
Vault password
••••••••••••••••
Continue
02 Document ingestion

Upload your policies, procedures, and evidence.

Go to the Documents tab and upload your organisation's documentation. Aileth automatically classifies each file and routes it to the relevant controls. You don't need to tag anything manually — though you can always override the classification.

Documents — 4 files
access-control-policy.pdf Policy ✓ Indexed
incident-response-procedure.docx Procedure ✓ Indexed
risk-assessment-2025.pdf Evidence ✓ Indexed
supplier-contracts-nda.pdf Record ✓ Indexed
03 Gap analysis

Run the analysis. Get criterion-level verdicts.

Navigate to the Controls tab and run a gap analysis on any control — or run the full set at once from the gap analysis overview. Aileth assesses each acceptance criterion individually against your uploaded documentation.

A.8.2 — Privileged access rights 4 criteria
Privileged access rights are allocated on a need-to-use basis Present
Separate user IDs for privileged and regular use Present
Evidence
access_control_policy.pdf §4.2
"Privileged accounts are provisioned separately and require MFA for all access."
Periodic review of privileged access rights Partial
Evidence
access_control_policy.pdf §5.1
"Privileged access rights shall be reviewed on a regular basis."
Gap Policy does not define a review interval. ISO 27001 requires a specified periodic review frequency.
Privileged access rights revoked upon role change or termination Missing
Gap No procedure found for revoking privileged access on role change. Offboarding checklist does not reference privileged accounts.
04 Reporting

Generate a report when you're ready.

Once you've run the analysis across your controls, generate a structured compliance report from the Reports tab. The report provides a complete picture of your posture — suitable for internal review or as a pre-audit artefact.

ISO 27001:2022 Gap Analysis
Generated 5 May 2026 · 93 controls assessed
61 Present
18 Partial
14 Missing
A.8.2 Privileged access revocation on role change is not documented in the access control policy.
A.5.23 No supplier security requirements clause found in the standard NDA template.
A.8.15 Logging policy references audit trails but does not specify retention period.
05 Team & settings — coming soon

Invite your colleagues to collaborate.

Multi-user support is currently under development. When available, your Aileth environment will support up to ten users. Invite colleagues by email — they'll receive a link to set their own login credentials, and share the same encrypted workspace.

Team — 3 of 10 users
m.dejong@company.nl Admin
j.jansen@company.nl Member Remove
a.bakker@company.nl Member Remove
colleague@company.nl
Invite

Ready to find your gaps?

Request early access and run your first compliance analysis within the hour.

Get in touch