Trust, Security, and
Responsible AI
DispatchingIQ is built for real-world operations, with verifiable controls, clear boundaries, and auditability at every layer. We describe our posture accurately — no overclaims, no ambiguity.
Security Posture
SOC 2 Alignment
- Control framework implemented
- Evidence collection in place
- Regular internal audits
- Certification planned (Type I target: 2026)
We use the term "SOC 2 Aligned" because we have implemented the controls but have not yet completed formal certification. We never claim "Compliant" until certified.
Encryption
All data encrypted at rest (AES-256) and in transit (TLS 1.3)
Tenant Isolation
Complete data separation. No cross-tenant access possible.
Access Controls
Role-based access, MFA for privileged accounts, session management
Audit Logging
Every action logged with timestamp, user, and tenant context
Responsible AI Use
Important Clarification
Automation refers to workflows executing automatically. Autonomy refers to decision authority. DispatchingIQ supports fully automated dispatch workflows while maintaining configurable AI autonomy. Customers control which actions execute automatically and which require human approval.
What AI Automates
- Executes routine dispatch workflows automatically
- Assigns loads based on configured rules and preferences
- Handles repetitive operational tasks continuously
- Operates within customer-defined guardrails
- Logs every action for complete audit trail
How Control Is Maintained
- No unbounded autonomy — always configurable limits
- Critical actions can require human approval
- Financial commitments above thresholds need sign-off
- No data resale or cross-tenant training
- Customers retain final authority over system behavior
AI Autonomy Model
Our agents operate at configurable autonomy levels (0–4). Most agents default to Level 1 (Drafter) and can be promoted to Level 2 (Executor) after demonstrating accuracy. Higher levels require explicit approval workflows.
Transparency & Auditability
Complete Audit Trail
Every AI action is logged with timestamp, context, input, output, and decision rationale. Exportable for compliance reviews.
Approval Workflows
High-impact actions can require human approval before execution. Configure thresholds per action type.
Human Override
Any AI decision can be overridden. Agents can be paused, demoted, or disabled instantly.
Feature Flag Control
New capabilities roll out behind flags. You control what's active in your environment.
Data Handling
Isolation & Privacy
- Customer data remains isolated per tenant
- No cross-tenant data access or training
- Data never sold or shared with third parties
Security & Retention
- Encryption at rest (AES-256) and in transit (TLS 1.3)
- Retention policies enforced per data category
- Data deletion available on request or account closure
Governance
We maintain strict internal governance to ensure our marketing, product claims, and customer communications remain accurate and verifiable.
Marketing Claims Gate
All marketing claims must be verified against source code and documentation before publication. Disabled features are never marketed.
Feature Verification
Features appear in marketing only after they are enabled in production, with proper entitlements configured and tested.
Claim Audit Trail
We maintain a log of all marketing claim changes, including the source of truth that verified each claim.
Honest Communication
We use "SOC 2 Aligned" (not "Compliant"), "Configurable autonomy" (not "Full autonomy"), and other precise language.
Have Security or Compliance Questions?
We're happy to discuss our security posture, complete security questionnaires, or provide additional documentation for your procurement process.