Langsung ke konten

Pencarian situs

Ketik untuk mencari halaman, artikel, dan dokumen

Security & governance

A named human is accountable for every public statement of consequence.

Narrapulse runs the publish–monitor–respond loop within a brand and response policy your team approves. The security posture is built around one principle: routine, pre-approved replies may run autonomously, and anything carrying reputational risk is halted for human decision before any public statement is made.

Posture

Controls we operate, stated plainly.

These are the boundaries the service is built on. We describe only what the design enforces, and make no claim of autonomy over sensitive communication.

Governance codified within DIFC's framework

Governance is codified so that human accountability for public communication is demonstrable: approval, escalation and audit are recorded rather than implied.

Least-privilege credential handling

Channel credentials and API access are handled under least privilege, and the service operates within the terms of each channel's API.

Immutable audit trail

Actions are written to an immutable audit trail that distinguishes auto-sent output from human-approved output, so every action can be traced to a decision.

A hard escalation boundary

Every proposed action is classified against policy before execution. In-policy routine actions proceed and are logged; anything outside policy is halted and queued for a human decision.

Human-in-the-loop boundaries.

AI colleagues perform the operating work — drafting content calendars, generating and scheduling posts, monitoring mentions and comments continuously, and preparing draft responses. Accountable humans govern that work and hold fiduciary duties for it.

What humans set and sign off

Accountable humans set and approve the brand voice.

They approve the content calendar.

They define which reply categories may be sent autonomously.

They approve any public statement on sensitive topics.

Where the boundary sits

The system may autonomously send only replies that fall inside the pre-approved routine categories.

Sensitive topics, complaints and anything carrying reputational risk are escalated to a human before any public statement is made.

Crisis handling and all ultimate responsibility for public brand communication remain with the human owner. The AI colleague never crosses the escalation boundary unattended.

Questions

Security and control, answered.

  • Can the system publish or reply without a human?

    It may send only replies that fall inside the reply categories your team has pre-approved as routine. Anything outside that boundary — sensitive topics, complaints, or reputational risk — is halted and queued for a human decision before any public statement is made.

  • Who is accountable for public communication?

    The human owner. Accountable humans approve the brand voice, the content calendar and the escalation rules, and approve any public statement on sensitive topics. All ultimate responsibility for public brand communication and crisis handling stays with them.

  • How are actions recorded?

    Actions are written to an immutable audit trail that distinguishes auto-sent output from human-approved output. Approval, escalation and audit are recorded so that human accountability is demonstrable.

  • How are channel credentials handled?

    Channel credentials and API access are handled under least privilege, and the service operates within the terms of each channel's API.

  • Do you hold formal security certifications?

    Not yet — Narrapulse is early-stage and pre-launch, and we do not claim any certification, audit or attestation we have not completed. Governance is codified within the DIFC's framework, and we will state our posture here plainly as it develops.

Questions about security or governance?

Reach us directly and a named human will own the response.