Know every AI tool your team is using, who’s responsible for it, and exactly what to say when a client asks.
AI use that no one can see, owns, or is responsible for puts your business at risk. Certrak eliminates the blind spots so you can innovate safely.
What you already know, what your team adds, or a quick import. Nothing has to be perfect – it just has to be visible.
Pick the tool you use – Copilot, ChatGPT, Jasper, Gemini – and the risks, controls, and policies are already mapped. No blank page.
Accountability stops being a question mark. You can see, at a glance, who stands behind each AI use in your business.
A tamper-evident record a client or your board can verify themselves, checksum included. No taking your word for it, no scrambling before a meeting.
Governance isn’t a solo job. Assign each AI use to the right owner, let your team flag AI usage and incidents, and share a verifiable record with a client or your board.
Everyone sees what they need to, everything is logged for audit. Nothing lives in one person’s head or a scattered spreadsheet.
Certrak’s AI governance libraries are human-reviewed and built from the most common AI use cases, with controls written to the best practices of leading governance frameworks.
Confident, plausible, unrepeatable. And no one stands behind it.
For a given tool and use, the same defensible governance, from a library built and reviewed by people.
And when a use case is genuinely new, Certrak drafts a starting point, clearly flagged for you to approve.
There’s only one thing you need to do to get started: let us know how you’re using AI. We handle the rest.
The thing you know best: what your business is actually doing with AI.
Set up in an afternoon. No experience needed.
Certrak gives you a short list of prioritised tasks that surface only when they matter.
And when your board or your insurer asks how you manage AI, you have the answer ready.
What being accountable for AI actually involves.
Read →Shadow AI is most likely already in your organisation. Here's what you can do about it.
Read →The deadline for compliance with the EU AI Act is fast approaching. Now is the time for Australian businesses to get prepared.
Read →Almost overnight, the tools your team uses started running on AI – the chatbot on your site, the assistant in your inbox, the model scoring your applicants. The capability arrived in months. The oversight didn’t.
So the job of “making sure that’s a good thing” landed on someone who never signed up for it – usually an owner or operator with a hundred other things to do and no background in AI risk.
Not another framework to read. A deterministic system that tells you, in plain language, what AI you’re running, what could go wrong, who owns it, and what to do about it – and proves you did.
Certrak has been building compliance software in Australia since 2017.
A governance tool has to be trustworthy itself. Here’s plainly how Certrak handles your data and where AI fits in.
Your risks and controls come from curated libraries we built and maintain. The same use case always produces the same governance, and AI never silently decides your stack.
We use Claude (via Anthropic) for one narrow job: reading the free text you type so it maps to the right governance. For new use cases it can draft a starting point, always flagged for you to approve. The tool picker, imports, registers, and evidence paths use no AI at all.
Anthropic doesn’t train its models on data sent through its commercial API, and Certrak never uses your governance data to train AI or sells it to anyone.
Your account data is hosted in Australia. The only thing that ever leaves is the free text you choose to enter, processed by Anthropic and not retained by Certrak. Export your whole account or delete it any time.
No. Certrak runs on a deterministic rules engine: curated libraries of AI risks and controls, built and reviewed by people. The same use case always maps to the same governance. AI is used only to read your description, never to invent your governance. When something is genuinely new, Certrak drafts a starting point and flags it for your approval.
Yes, it’s built for exactly that. Describe what you’re doing in your own words. Certrak maps the risks and controls, suggests owners, and gives you a short list of things to do. No frameworks to read, no jargon to decode.
No tool can guarantee that. Certrak gives you documented, defensible governance: what you run, the risks you’ve considered, the controls in place, and who’s accountable. It’s built on the common themes of recognised frameworks and regulator guidance, so when someone asks how you govern AI, you have the record ready.
Governance attaches to what the AI does, not your industry. Computer vision in a vet clinic and computer vision on a factory line get the same proven data-analysis governance, and Certrak shows you which pattern it matched and why. If nothing matches, it drafts suggestions for you to review.
Certrak curates the common themes of recognised frameworks and regulator guidance into one workable rulebook, rather than building for any single standard. Formal one-to-one framework mappings are on the roadmap.
Almost certainly, yes. 88% of organisations now use AI in at least one business function (McKinsey, The State of AI). Someone in your business is already responsible for that, named or not. Certrak makes the ownership explicit before something goes wrong, not after. It’s built for small teams without a risk department, not enterprises with one.
Minutes to start. Pick a tool you use and Certrak loads a pre-built governance stack instantly, or describe a use case in a sentence and it builds one. From there you work through a short, prioritised list at your own pace.
No. You can run it solo. When you want to share the load, assign owners, let your team flag the AI they’re using, and delegate tasks, all against one shared, current picture.
They already do: 41% of workers deliver AI-generated work they can’t explain, and 53% of AI users worry that relying on it makes them look replaceable (Work AI Institute 2026; Microsoft Work Trend Index). Bans and monitoring make the hiding worse. Certrak takes the opposite approach: nothing is scanned or watched, and your team gets a simple, safe way to flag the tools they actually use. Visibility replaces guesswork.
A tamper-evident snapshot of your governance at a point in time: what you had in place and when. It’s sealed with a cryptographic checksum, so any change is detectable, and a client, board member, or regulator can verify it themselves.
The pace is real: active AI agents grew fifteen-fold in the past year (Microsoft Work Trend Index, 2026). Certrak watches for changes: a vendor updating its model, a control falling due for review, a new use case appearing. Each becomes a clear, owned task, so your governance stays current instead of going stale.
No. Anthropic doesn’t train its models on data sent through its commercial API, and Certrak never uses your governance data to train AI or sells it to anyone.
In Australia. You can export your entire account or delete it whenever you choose. The only thing that ever leaves is the free text you choose to send to the AI step.
No. AI does one job: reading the free text you type so Certrak can map it to the right governance, and occasionally drafting suggestions you approve. The decisions come from a deterministic engine you can see and trace, not a black box.
You asked yourself where your AI risk was. Now you can answer it, and have the record to prove it.
We’re hand-picking our first customers – talk to us and we’ll set you up ourselves.