›Compliance & Audit
Compliance & Audit
Every AI action is logged. Every approval has a trail. Every byte of Fortes data lives in the UAE.
KHDA-aware audit formatBSO inspection-readyUAE data residencyISO 27001 alignment · Q4 2026
Compliance score · last 30 days
98.4%
Based on 14,772 AI actions logged
Audit completeness
100%
every action has a trail
Human approval rates
97.2%
on parent-facing actions
Data residency adherence
100%
UAE-only
PII protection
99.8%
3 minor flags · auto-remediated
Failed permissions checks
0
in 30 days
Compliance attestation document available for KHDA, BSO, and internal Board reporting. Last attestation generated: 22 May 2026 by Sherlock.
Live audit stream
LIVEShowing 15 recent · stream continuous
⌘K
Filter by
Agent
Severity
Brand
Touched PII
Required approval
Human-in-the-loop status · last 30 days
Auto-actions (low-risk)
14,213
no approval needed by policy
Human-approved actions
519
96.8% of high-risk routed
Pending human review
27
oldest: 4h 14m
Bypassed approval
0
policy violations
Policies in effect
- All parent-facing fee communications require human sign-off (Finance policy v2.1)View policy doc
- All safeguarding-related queries gated to DSL + Deputy DSL roles onlyView policy doc
- All sent comms must pass tone-and-content checker before deliveryView policy doc
- All admissions offer letters routed to Admissions Lead before sendView policy doc
- All staff disciplinary content gated to HR + Principal roles onlyView policy doc
- All BOD report drafts auto-routed to Director of Education for reviewView policy doc
- All data exports outside UAE blockedView policy doc
Where Fortes data lives
Zero data leaves the UAE for primary operations.
Azure UAE North · compute
M365 UAE tenant · storage
Abu Dhabi · cold backup
🇦🇪 UAE
- Primary compute & inference: Hermes runtime · Azure UAE North (Dubai region)
- Database: Supabase EU → migrating to UAE-North hosted instance (target: 20 Jun 2026)
- File storage: SharePoint · M365 UAE tenant
- Backup: Encrypted snapshots · Abu Dhabi region (cold storage)
- Audit log retention: 7 years (KHDA requirement)
- Recording (Lexa voice): 14-day rolling encryption, then auto-purge unless flagged
- Outbound model calls to Anthropic Claude API route through a UAE-based proxy with traffic logged and content-redacted for PII before transmission.
* = scoped to their brand/school · changes audit-logged
| Role | SIMS | CPOMS | Payroll | Admissions | Co-pilot | BOD reports |
|---|---|---|---|---|---|---|
| Vice Chairman · Ajay Mankani | full | meta | full | full | full | full |
| Director of Education · Dr. N. Hopkin | full | full | meta | full | full | full |
| MD Regent · Devika Singh Mankani | full* | full* | meta | full* | full | reviewer |
| MD JINS · Katrina Mankani | full* | full* | meta | full* | full | reviewer |
| Principal Sunmarke · N. Rickford | full* | full* | meta | full* | full | contributor |
| Principal RIS · D. Williams | full* | full* | meta | full* | full | contributor |
| IT Lead · Atyab Rehman | meta | none | none | meta | admin | none |
| Admissions Lead · S. Pereira | meta | none | none | full* | user | none |
| Form Tutor | class | none | none | none | user | none |
| HR Business Partner | meta | none | meta | none | user | none |
BSO inspection evidence pack
Generate a one-click PDF compilation of lesson observation summaries, parent voice reports, safeguarding policy compliance, and AI-augmented teaching evidence.
Last generated · 22 May 2026 · 487 pages
KHDA Self-Evaluation auto-fill
Pull the latest Fortes data into the current KHDA SEF template. 67% complete · Sections 1–3 done, 4–6 pending.
Owner · Dr. Neil Hopkin
BOD quarterly report
Quarterly performance report for Mr. Sanjay Mankani and the Fortes Holdings Board. Auto-drafted from PowerBI, CRM, payroll, and operational data.
47 pages · Q3 2025-26 draft