AI oversight for businesses without a compliance team.

Know every AI tool your team is using, who’s responsible for it, and exactly what to say when a client asks.

Where’s your AI risk?
A few easy steps. No sign-up.
Question 1 of 40%

Every AI use, visible and under control.

AI use that no one can see, owns, or is responsible for puts your business at risk. Certrak eliminates the blind spots so you can innovate safely.

Without Certrak
some chatbot? a plugin marketing’s tool that note-taker ???
Invisible·Unowned·Unaccounted
With Certrak
ChatGPT · Client commsMara L.✓ Governed
Copilot · DraftingSam P.✓ Governed
Gemini · ResearchYou✓ Governed
Visible·Owned·Accounted for
More than a third of workers use AI tools nobody approved. 69% of AI users admit shipping work they never checked.
Work AI Institute, 6,000 workers surveyed across Australia, the US and the UK, 2026
The common near-miss: client data pasted into an AI tool nobody approved.

Find it. Own it. Prove it.

01Find it

Bring every AI use into the open.

What you already know, what your team adds, or a quick import. Nothing has to be perfect – it just has to be visible.

Pick the tool you use – Copilot, ChatGPT, Jasper, Gemini – and the risks, controls, and policies are already mapped. No blank page.

02Own it

Every use gets a named owner.

Accountability stops being a question mark. You can see, at a glance, who stands behind each AI use in your business.

03Prove it

One record anyone can verify.

A tamper-evident record a client or your board can verify themselves, checksum included. No taking your word for it, no scrambling before a meeting.

Delegate the work. Keep the oversight.

Governance isn’t a solo job. Assign each AI use to the right owner, let your team flag AI usage and incidents, and share a verifiable record with a client or your board.

Everyone sees what they need to, everything is logged for audit. Nothing lives in one person’s head or a scattered spreadsheet.

A curated library, not clever prompts.

Certrak’s AI governance libraries are human-reviewed and built from the most common AI use cases, with controls written to the best practices of leading governance frameworks.

Ask an LLM
A different answer every time.

Confident, plausible, unrepeatable. And no one stands behind it.

Certrak
The same record you can prove.

For a given tool and use, the same defensible governance, from a library built and reviewed by people.

AI-assisted

And when a use case is genuinely new, Certrak drafts a starting point, clearly flagged for you to approve.

You don’t need to be a compliance expert.

There’s only one thing you need to do to get started: let us know how you’re using AI. We handle the rest.

Your part
Say what you use AI for.

The thing you know best: what your business is actually doing with AI.

Certrak’s part
Everything else.
The mapping
The safeguards
The policies
The watching

Set up in an afternoon. No experience needed.

Only what matters, when it matters.

Certrak gives you a short list of prioritised tasks that surface only when they matter.

And when your board or your insurer asks how you manage AI, you have the answer ready.

AI showed up in every business. Governance didn’t.

Almost overnight, the tools your team uses started running on AI – the chatbot on your site, the assistant in your inbox, the model scoring your applicants. The capability arrived in months. The oversight didn’t.

So the job of “making sure that’s a good thing” landed on someone who never signed up for it – usually an owner or operator with a hundred other things to do and no background in AI risk.

We built Certrak for that person.

Not another framework to read. A deterministic system that tells you, in plain language, what AI you’re running, what could go wrong, who owns it, and what to do about it – and proves you did.

Certrak has been building compliance software in Australia since 2017.

Your governance data is yours. We treat it that way.

A governance tool has to be trustworthy itself. Here’s plainly how Certrak handles your data and where AI fits in.

=
The engine is deterministic, not a guessing machine.

Your risks and controls come from curated libraries we built and maintain. The same use case always produces the same governance, and AI never silently decides your stack.

AI only reads what you write.

We use Claude (via Anthropic) for one narrow job: reading the free text you type so it maps to the right governance. For new use cases it can draft a starting point, always flagged for you to approve. The tool picker, imports, registers, and evidence paths use no AI at all.

Your data isn’t used to train AI models.

Anthropic doesn’t train its models on data sent through its commercial API, and Certrak never uses your governance data to train AI or sells it to anyone.

AU
Stored in Australia. Yours to export or delete.

Your account data is hosted in Australia. The only thing that ever leaves is the free text you choose to enter, processed by Anthropic and not retained by Certrak. Export your whole account or delete it any time.

Common questions.

Is it legit?

No. Certrak runs on a deterministic rules engine: curated libraries of AI risks and controls, built and reviewed by people. The same use case always maps to the same governance. AI is used only to read your description, never to invent your governance. When something is genuinely new, Certrak drafts a starting point and flags it for your approval.

Yes, it’s built for exactly that. Describe what you’re doing in your own words. Certrak maps the risks and controls, suggests owners, and gives you a short list of things to do. No frameworks to read, no jargon to decode.

No tool can guarantee that. Certrak gives you documented, defensible governance: what you run, the risks you’ve considered, the controls in place, and who’s accountable. It’s built on the common themes of recognised frameworks and regulator guidance, so when someone asks how you govern AI, you have the record ready.

Governance attaches to what the AI does, not your industry. Computer vision in a vet clinic and computer vision on a factory line get the same proven data-analysis governance, and Certrak shows you which pattern it matched and why. If nothing matches, it drafts suggestions for you to review.

Certrak curates the common themes of recognised frameworks and regulator guidance into one workable rulebook, rather than building for any single standard. Formal one-to-one framework mappings are on the roadmap.

Will it actually help me?

Almost certainly, yes. 88% of organisations now use AI in at least one business function (McKinsey, The State of AI). Someone in your business is already responsible for that, named or not. Certrak makes the ownership explicit before something goes wrong, not after. It’s built for small teams without a risk department, not enterprises with one.

Minutes to start. Pick a tool you use and Certrak loads a pre-built governance stack instantly, or describe a use case in a sentence and it builds one. From there you work through a short, prioritised list at your own pace.

No. You can run it solo. When you want to share the load, assign owners, let your team flag the AI they’re using, and delegate tasks, all against one shared, current picture.

They already do: 41% of workers deliver AI-generated work they can’t explain, and 53% of AI users worry that relying on it makes them look replaceable (Work AI Institute 2026; Microsoft Work Trend Index). Bans and monitoring make the hiding worse. Certrak takes the opposite approach: nothing is scanned or watched, and your team gets a simple, safe way to flag the tools they actually use. Visibility replaces guesswork.

A tamper-evident snapshot of your governance at a point in time: what you had in place and when. It’s sealed with a cryptographic checksum, so any change is detectable, and a client, board member, or regulator can verify it themselves.

The pace is real: active AI agents grew fifteen-fold in the past year (Microsoft Work Trend Index, 2026). Certrak watches for changes: a vendor updating its model, a control falling due for review, a new use case appearing. Each becomes a clear, owned task, so your governance stays current instead of going stale.

My data

No. Anthropic doesn’t train its models on data sent through its commercial API, and Certrak never uses your governance data to train AI or sells it to anyone.

In Australia. You can export your entire account or delete it whenever you choose. The only thing that ever leaves is the free text you choose to send to the AI step.

No. AI does one job: reading the free text you type so Certrak can map it to the right governance, and occasionally drafting suggestions you approve. The decisions come from a deterministic engine you can see and trace, not a black box.

Turn scattered AI into one clear record.

You asked yourself where your AI risk was. Now you can answer it, and have the record to prove it.

We’re hand-picking our first customers – talk to us and we’ll set you up ourselves.