MENUCLOSE
Product · Prove
A committee-ready record for every AI actor.
Tallin governs AI use by humans, apps, and agents, then proves it. The board pack is a coverage-aware, sourced, signable artifact with a per-actor AI Agent Review: owner, approved model scope, budget, policy state, and findings. The same PDF goes to your board, your auditor, the customer security team, and the platform owner asking who their agents answer to.
Why this matters
Autonomous agents are arriving. Most teams can’t answer for them.
Gartner projects 150,000+ AI agents per Fortune 500 by 2028, yet only 13% of teams feel adequately governed. These are agents that spend and act unattended. The board pack is a single, versioned, signable document, generated from Tallin’s live ledger and labeled with the same observed / inferred / enforced / not covered taxonomy that powers the rest of the product. The auditor can verify every number against the underlying source. The CISO can hand it to the customer security team without preparing a separate brief.
What’s in it
Seven sections. Every claim sourced.
A single page covering total AI spend this period across humans, apps, and agents, the sanctioned versus unsanctioned share, the top three risks, and the trend that matters. It's written to be read in two minutes by a non-technical reader.
A per-actor record for every AI actor (human, app, or agent) routed through Tallin: owner, approved model scope, budget and cutoff, policy state, kill-switch status, and open findings. The roster a committee can actually sign off on.
What percentage of your AI usage Tallin can directly observe vs. what it infers vs. what’s enforced through controls vs. where you’re still exposed. Not Covered explicitly includes direct provider calls made outside Tallin and tool / MCP execution side effects. Auditors trust this section more than any other, because it tells them what you don’t know, not just what you do.
For every rule in your AI policy: what it requires, how Tallin is enforcing it on routed traffic, and where the gaps are. Includes shadow mode simulation for proposed controls: what would change if you turned this on next quarter, before it touches live actors.
Provider, model, actor, team, tokens, cost, timestamp, source confidence, coverage state, all in one table. The line items that show up in finance reconciliations match the line items that show up here.
Material events in the period: data-exposure flags, runaway agent spend, sanctioned-policy violations, off-network usage, and actors that were disabled. Each carries a confidence label, a source, and a link to the underlying audit trail.
Usage, cost, coverage, and enforcement, tracked as they grow. It's the same chart your CFO already gets for cloud spend, applied to AI across every actor.
Where it gets used
The same pack works for five different audiences.
The board pack isn’t a marketing deck. It’s a working document that replaces the bespoke decks, screenshots, and spreadsheet exports security and platform teams normally generate from scratch for every audit cycle.
Quarterly AI governance update. Show every AI actor has an owner, a budget, and a policy: the controls are real, coverage is growing, and risks are managed, not just enumerated.
AI controls evidence. Same artifact, exportable as PDF, with every claim sourced and timestamped.
Attach to DDQ responses or share under NDA. Saves three rounds of follow-up questions.
Account for every agent and app spending against the AI bill (owner, model scope, budget, and findings) without chasing teams for a spreadsheet.
AI-usage attestations for sponsor banks, BSA/AML examiners, and other regulated relationships.
How it’s produced
It's generated from your live ledger as a signable PDF.
Tallin connects to your providers, identity, and expense systems on day one, and attributes the AI it routes to an owning actor. The board pack is generated from that live ledger, not a static export. When you onboard a new agent, connect a new provider, or close a coverage gap, the next version automatically reflects it, with no re-templating or copy-paste.
Provider admin APIs (OpenAI, Anthropic, Microsoft, Google), identity (Okta, Microsoft Entra), expense (Brex, Ramp, CSV), gateway, and CASB/network logs.
Tallin ties each row to an owning actor and tags it with its source and confidence. The board pack inherits those labels. Nothing in the PDF is more certain than the underlying signal.
One-click PDF, versioned, with the issuing user and timestamp on the cover. Re-run any time. Last week’s artifact stays intact.
Know who every AI actor answers to.
Connect your first provider signal, route an actor through Tallin, and generate a board pack with its AI Agent Review. Then put it in front of your CISO, your auditor, and the VP Eng whose agents it covers to see whether they'd accept it.