Clearance
Azure-native AI platform that automates compliance assessments for regulated SMEs.
The Problem
Small and mid-size firms in regulated sectors face dense security frameworks (membership schemes, maturity-level controls) that normally require expensive manual consulting to interpret and evidence. The work is slow, repetitive, and error-prone.
What I Built
An ingestion-and-assessment pipeline. Documents are parsed with Azure AI Document Intelligence, indexed for retrieval, and assessed against control frameworks by an agentic GPT-4o workflow that maps evidence to requirements and flags gaps. FastAPI services run on Azure Functions; tenant data and assessment state live in Cosmos DB.
Architecture diagram placeholder
Replace with real architecture diagram
Key Engineering Decisions
- Serverless-first on Azure Functions for cost at low/variable load
- Cosmos DB for multi-tenant isolation and flexible document schemas
- Retrieval-augmented assessment so the model reasons over the firm's own evidence rather than hallucinating compliance claims
- Agentic decomposition of each control into retrieve → evaluate → cite steps for auditability
Note: Built around Australian defence-industry security frameworks (DISP, ASD Essential Eight) as the initial regulated domain; the architecture is sector-agnostic.