Alignment with SOC 2 Type II (TSC 2017) and NIST 800-53
Status: Architecture-Ready (Pre-Audit)This document provides detailed control mapping for enterprise security review. Formal SOC 2 Type II attestation is in progress (target Q2 2026).
Traditional SOC 2 validates that a SaaS vendor protects customer data in their custody. It answers: "Can we trust this company with our information?"
Datacendia deploys on your infrastructure. In on-prem and air-gapped configurations, customer data never enters Datacendia systems—changing the trust model fundamentally. Your security team controls the perimeter, the keys, and the audit logs.
This document maps our software controls to SOC 2 and NIST 800-53 frameworks, demonstrating alignment with enterprise security requirements. For clients requiring formal third-party attestation, we are pursuing SOC 2 Type II certification (see roadmap below).
Datacendia is in the SOC 2 Readiness Phase with control mapping complete. We have engaged a compliance automation partner and are targeting a SOC 2 Type II audit in Q2 2026. In the interim, this Control Mapping serves as our self-attestation of architecture compliance.
SOC 2 - CC Series · Protecting the system against unauthorized access
| Control ID | Requirement | Datacendia Sovereign Implementation |
|---|---|---|
| CC6.1 |
Logical Access Security
Restrict access to authorized users only.
|
Physical Air-Gap & Local Auth: System runs on client-controlled hardware ("Your Metal"). No cloud login portal exists. Access is governed by client's local Active Directory (LDAP/SAML) via the CendiaHelm interface. |
| CC6.7 |
Data Transmission
Protect data during transmission.
|
Optical Diode Protocol: Data ingestion is unidirectional. The Air-Gap Protocol ensures no data exfiltrates to public internet. All internal agent-to-agent traffic occurs over local encrypted memory buses, not HTTP. |
| CC7.1 |
Detection of Anomalies
Monitor for malicious activity.
|
CendiaHealth Drift Detector: Continuous monitoring of agent behavior against baseline logic. RedTeam Module actively probes for hallucinations or logic drift during deliberation. |
| CC8.1 |
Change Management
Authorize changes to software/data.
|
Immutable Model Weights: Core model weights are hash-verified at boot. Any modification to the inference engine triggers a CendiaGuard lockout until re-authorized by an admin key. |
SOC 2 - C Series · How do you keep secrets? (Critical for Banks/Defense)
| Control ID | Requirement | Datacendia Sovereign Implementation |
|---|---|---|
| C1.1 |
Confidentiality of Data
Identify and protect sensitive data.
|
CendiaAnonymizer Cortex: PII is stripped/masked before entering the context window. Shadow Mode Shredder cryptographically deletes temporary deliberation logs (RAM) after the final decision is reached. |
| C1.2 |
Disposal of Data
Securely destroy data when no longer needed.
|
Ephemeral Inference: "Shadow Mode" data exists only in volatile RAM. Upon session termination, the memory space is overwritten. Only the final Decision DNA evidence packet is written to disk. |
SOC 2 - PI Series · Proving your AI isn't just making things up (Critical for Decision Intelligence)
| Control ID | Requirement | Datacendia Sovereign Implementation |
|---|---|---|
| PI1.1 |
Completeness & Accuracy
Ensure processing is valid and complete.
|
CendiaLineage Source Attribution: Every output token is tagged with its source data ID. CendiaChronos allows replay of the exact system state at T-1 to verify the input data matched the decision. |
| PI1.2 |
Error Handling
Detect and manage processing errors.
|
CendiaVeto Governance Gate: A deterministic logic layer (not LLM-based) that blocks any output violating hard-coded risk policies (e.g., "Loan APR > 15%"). |
For Defense & Government Clients
| NIST Control | Requirement | Datacendia Implementation |
|---|---|---|
| AC-3 |
Access Enforcement
|
Sovereign Deployment: Client owns the hardware. Datacendia has zero remote access/backdoor capability. |
| AU-3 |
Content of Audit Records
|
Decision DNA Ledger: Logs user ID, timestamp, agent votes, dissent logs, and final output hash. |
| SC-7 |
Boundary Protection
|
Air-Gap Ready: Architecture supports total physical isolation (SCIF compatible). |
For clients requiring formal legal assurance, we offer the following warranty clause for inclusion in your Master Services Agreement. This provides legal recourse superior to an audit opinion.