1. Our Governance Commitment
RisqBase operates RALIA under a comprehensive governance framework designed to ensure security, compliance, and operational excellence. Our governance principles guide every aspect of how we build, operate, and improve our platform.
Key Principles
- Security by Design - Security is built into every feature from the start
- Accessibility by Default - WCAG 2.1 AA compliance for all users
- Compliance First - GDPR, EU AI Act, and ISO standards embedded in operations
- Transparency - Open about how we operate and protect your data
- Continuous Improvement - Regular reviews and updates based on best practices
2. Our Framework
Our Operational Excellence Framework (OEF) establishes mandatory quality gates, security standards, and operational procedures for all RALIA development and operations.
OPERATIONAL EXCELLENCE FRAMEWORK (OEF)
Quality Gates
- CI/CD Pipeline
- Code Review
- Automated Testing
Security Standards
- Accessibility (WCAG 2.1 AA)
- GDPR Compliance
- AI Security
Policy Framework
Compliance Mapping
3. Our Policies
We maintain comprehensive policies covering security, privacy, AI governance, and platform use. The following policies are publicly available:
- Privacy Policy - How we collect, use, and protect your data
- Terms of Service - Legal terms governing platform use
- Cookie Policy - How we use cookies and similar technologies
- Responsible AI - Our commitment to ethical AI development
- Responsible Use - Guidelines for using RALIA effectively
- Security - How we protect your data and systems
4. Compliance Framework
RALIA is designed to meet the requirements of major international standards and regulations.
4.1 Security Certifications & Standards
| Framework | Description |
|---|---|
| ISO 27001 Ready | Enterprise-grade security and data protection |
| ISO 42001 Ready | AI management systems and responsible AI governance |
| SOC 2 Type II Ready | Service organisation customer data management |
4.2 Certification Roadmap
| Standard | Target | Description |
|---|---|---|
| ISO 27001 | 2026 | Information Security Management System |
| ISO 42001 | 2026 | AI Management System |
| SOC 2 Type II | 2027 | Trust Services Criteria |
4.3 Compliance Mapping
Our policies are mapped to control frameworks:
- ISO 27001:2022 - All 10 control domains covered
- ISO 42001:2023 - AI management system requirements
- SOC 2 - Trust Services Criteria (CC1-CC9, A1, C1, PI1)
- GDPR - Articles 5-35 mapped to policies
- EU AI Act - Articles 6, 14, 26, 50 addressed
5. Transparency & Accountability
We are committed to operating with transparency and accountability. Our governance framework ensures that:
- What we say matches what we do - Our public policies reflect our actual practices
- We keep you informed - When our policies change, our public pages are updated
- We welcome questions - Contact us anytime about our governance practices
We believe trust is earned through consistent, transparent action.
6. Get in Touch
For questions about our governance framework, policies, or compliance:
Enterprise Customers
Enterprise customers may request:
- Security questionnaire responses
- Compliance documentation
- Policy summaries
Contact your account manager or email legal@risqbase.com
Enterprise Governance Documentation
Request detailed governance documentation, including our complete policy register and compliance certifications.
Contact Sales
Governance at RALIA
Last updated: January 2026
RisqBase d.o.o. | Zagreb, Croatia