Trust & AI Governance

Systems first. Automation second.

Treating AI as a shortcut creates hidden exposure. Without structure, governance, and integration, insights stay fragile. Nahla was built the other way around — the foundation came first, the AI sits on top of it.

3 Top layer · AI
Conversational AI on top.

The AI never invents data, never bypasses validation, never reaches outside its tool list. It reads the foundation and asks the engines — it doesn't compute on its own.

Claude · enterprise zero-retention Tool-use only Visible reasoning Refuses outside scope
▲ ▲ ▲
2 Middle layer · Governance
Deterministic engines + scoped permissions.

Real algorithms run the math. The AI calls them by name with a fixed allowlist of tools, and every call is logged before any change is committed.

CPM DCMA-14 EVM Driving path Tool allowlist Audit log
▲ ▲ ▲
1 Foundation · Data
Typed data model + tenant isolation.

Every entity has a strict schema. Nothing reaches the AI without passing validation. Encrypted at rest and in transit, isolated per tenant, owned by you.

Tasks · Links · Calendars WBS · Resources · Baselines AES-256 + TLS 1.3 Cognito JWT Per-tenant DDB / RDS
Why architecture matters

Floating queries can't run a project.

Project controls aren't a Q&A session — they're a system. Ad-hoc chat answers what the user asked; embedded intelligence answers what the schedule needs.

Floating queries · ad-hoc

The "another chatbot" problem.

Each question stands alone. No memory of the schedule, no version history, no rule enforcement.

P6 import risk forecast?
Schedule logic check?
Milestone impact forecast?
Resource clash status?
Each answer is a guess against partial context. No audit log. No way to apply the fix back to the schedule.
Embedded · structured

Intelligence inside the layers.

Every layer earns its place. The AI reads the foundation through validated tools — never invents data.

1
Persistent datasets
Tasks · links · resources · baselines · history
2
Version control & governance
Revisions · audit log · scoped tool permissions
3
Scheduling logic engine
CPM · DCMA-14 · driving path · EVM · Monte Carlo
4
Embedded project intelligence
AI as the conversational surface — not the substance
Every answer is grounded in the schedule, the engines, and the audit trail. The fix can be applied back, logged, reverted.
AI becomes powerful when embedded into the scheduling layer itself — not bolted on top.
The foundation

The four systems the AI is allowed to operate inside.

We didn't slap AI on a chatbot. We built the data model, the rule engines, the permission boundaries, and the audit trail first — then let the AI work inside them.

01 — Structure

Typed data model

Tasks, links, calendars, resources, baselines — every entity has a strict schema. AI cannot invent fields. Validation runs before any change is committed.

02 — Governance

Scoped tool permissions

The AI has a fixed list of tools (add task, link tasks, run CPM, set progress, …). It cannot delete projects, change billing, or reach outside the schedule. Every tool call is logged.

03 — Integration

Deterministic engines

CPM, DCMA-14, EVM — these are deterministic algorithms, not language-model guesses. The AI asks the engines for results; it doesn't compute them. Numbers are reproducible.

04 — Durability

Audit trail by default

Every AI action is timestamped, logged with the tool used, the data inspected, and the change applied. Export the audit log as CSV for your claim file or compliance review.

🔐
Privacy & Data Rights

Your data is yours. Always.

We don't train AI models on your schedules. We don't sell, share, or repurpose your project data. You can export everything and delete it on demand — including the audit trail.

  • Zero AI training — your XER, MSP, costs, dates, and resource data are never used to train any model.
  • You own your data — full XER / CSV / PDF export at any time. Cancel and walk away with everything.
  • Right to deletion — one click wipes your projects, audit log, AI conversations, and account. GDPR-aligned.
  • No third-party trackers — no Meta pixel, no LinkedIn ads pixel, no advertising cookies on the app.
🧭
Architecture & AI Boundaries

The AI lives inside the rules.

The data model, calculation engines, and tool permissions sit underneath the AI — not the other way around. The AI cannot invent fields, change baselines, or skip validation.

  • Deterministic engines — CPM, DCMA-14, EVM are exact algorithms. The AI asks, doesn't compute.
  • Scoped tool permissions — fixed allowlist. No file system, no billing, no DB.
  • Visible reasoning trace — every action shows tool used, data inspected, change proposed.
  • Refuses outside scope — the boundary is in code, not in a prompt.
✓ Auto-apply:Add predecessors, fix lags
⚠ Suggest only:Resource leveling, CP acceleration
✗ Never:Delete activities, alter baselines
🛡️
Security & Compliance

Built like enterprise.

Built on AWS infrastructure that's already certified to the standards enterprise buyers ask about. Encrypted at rest and in transit. Isolated per tenant. Our model provider runs under enterprise zero-retention.

  • AWS-certified foundation — ISO 27001, SOC 1/2/3, PCI DSS Level 1, HIPAA-eligible, FedRAMP. Annually third-party audited.
  • Encryption everywhere — AES-256 at rest, TLS 1.3 in transit, signed upload URLs.
  • Tenant isolation — Cognito-based auth, JWT-verified API calls, per-request access checks.
  • Zero retention with the model provider — prompts not stored, not logged, not used for training.
  • Data residency — your data is processed and stored in ap-southeast-2 (Sydney) and never leaves the region.
AWS · ISO 27001 · SOC 1/2/3 · PCI DSS
AES-256 at rest · TLS 1.3 in transit
Model provider · zero retention
Cognito JWT · per-tenant isolation
☁️
AWS-hostedtenant-isolated, encrypted
🔒
AES-256 + TLS 1.3encryption at rest & in transit
🚫
Zero AI trainingyour data is never used to train
📜
Export audit logCSV for claim or compliance
50-level undoon every AI action — Ctrl+Z reverts
🛡️
AWS-certified foundationISO 27001 · SOC 1/2/3 · PCI DSS