Big Cranium Logo White.png
TrainingHelp Center
Find the insights and best practices about our product.
General
FAQs
System & Network Requirements
Getting Started
My AI Dashboard Overview
Release Notes
2026.4.2 Release Notes
2026.4.1 Release Notes
2026.3.1 Release Notes
2026.2.2 Release Notes
2026.2.1 Release Notes
2026.1.1 Release Notes
2025.12.1 Release Notes
2025.11.1 Release Notes
2025.10.3 Release Notes
2025.10.1 Release Notes
2025.9.1 Release Notes
2025.8.1 Release Notes
2025.7.1 Release Notes
2025.4.1 Release Notes
2025.3.1 Release Notes
2025.1.1 Release Notes
2024.12.1 Release Notes
AI Manager
My AI Systems
My AI Systems Overview
AI System Details Overview
Adding a New AI System
Self-Attesting to a Compliance Framework
Compliance Scoring
Compliance Agent [Beta]
My AI Supply Chain
Supply Chain Overview
Managing Outgoing AI Card Requests
Responding to an AI Card Request
Publishing an AI Card Without a Request
My Vendors Overview
Artifacts
Bill of Materials
Bill of Materials Overview
Creating a Bill of Materials with CodeSensor
Self-Attest to a Bill of Materials
AgentSensor Overview
Technology Search Overview
Document Library
Document Library Overview
Vulnerability Management
Arena Shield
Arena Shield Overview
Shield YAML Implementation Guide
Arena
AI Arena Overview
Vulnerability Assessment
Vulnerability Management
Vulnerability Assessment Overview
Accessing a Vulnerability Assessment
Adversarial Inputs Detector
Vulnerabilities Overview
Settings
User Manager Overview
Detect AI
Integrations
Accessing a Private VCS
Registering SSH for CodeSensor
Integrating Bitbucket with Cranium
Integrating GitHub with Cranium
Integrating GitLab with Cranium
Integrating Azure DevOps with Cranium
Continuous Monitoring Overview
VCS Service Rate Limits
CloudSensor
CloudSensor Overview
Public API
Public API Overview
Authentication & Generating Credentials
Pagination & Incremental Sync
Rate Limits & Error Handling
Endpoint Reference
Bills of Materials
Technology Vulnerabilities
Arena Models
Arena Model Vulnerabilities
Home
AI Manager
My AI Systems
Compliance Agent [Be...
Compliance Agent [Beta]

Introduction

Compliance Agent [Beta] generates responses to compliance questions using your organization's documentation. By grounding answers in your own source materials, it reduces the time spent drafting, improves consistency across assessments, and helps teams move faster from evidence gathering to completed responses.

Compliance Agent [Beta] is enabled for all customers and vendors. It is being introduced in an initial beta and will be refined over time. For current scope and content requirements, see Limitations (Beta).

Preconditions

  • Use a new, eligible assessment. Work in a new NIST AI RMF Starter Pack v2 Compliance Framework created after the release date. Frameworks that already exist, whether in-progress or completed, are not eligible for Compliance Agent [Beta].
  • Source documents. Compliance Agent uses PDFs only. To be available to the feature, PDFs must be uploaded after the release date (historical documents aren't embedded in the first release). The quality and completeness of your uploaded documentation directly affect the quality of Compliance Agent responses.
  • PDF requirements. Upload unprotected PDFs. Compliance Agent reads text only; content that exists only in images, scans, or diagrams inside a PDF isn't used. Password-protected PDFs aren't embedded, even if they upload successfully.
  • Library limits. Existing Document Library file size limits (20MB) continue to apply.
  • Avoid duplicates. Don't include the same content under different filenames; duplicate content can limit results.

Entry Points

Compliance Agent [Beta] is available when working inside a NIST AI RMF Starter Pack v2 Compliance Framework. After you select your reference documents for the framework, two entry points become available:

Framework Level - Answer All Questions

Use Answer All Using Compliance Agent to generate responses across the entire framework.

Single Question - Answer One Question

Below a question's response field, use the Use Compliance Agent to Generate Response button to generate a response for that specific question.

 

These options appear after reference documents have been selected for the framework.

Quick Start

1. Upload Documents

Add at least two to three unprotected PDFs you want Compliance Agent [Beta] to reference. Only newly uploaded PDFs are eligible.

2. Create Framework

Add a new NIST AI RMF Starter Pack v2 Compliance Framework to your AI System.

3. Select Reference Documents

Open the framework and choose the PDFs you uploaded and finalize your selection.

4. Run Compliance Agent

Use “Answer All Using Compliance Agent” to generate responses across the framework, or “Use Compliance Agent to Generate Response” for individual questions.

5. Review Responses

Generated answers appear in the framework with citations to you selected documents.

Instructions

Select Reference Documents

1. Open a new NIST AI RMF Starter Pack v2 Compliance Framework in your AI System.

2. In the framework, open the Compliance Agent Documents dropdown.

3. Select the relevant documents you want Compliance Agent to use.

4. Click Finalize Selection and click Confirm and Continue to Form in the pop-up. 

Answer All Using Compliance Agent

1. With your reference documents selected, click Answer All Using Compliance Agent at the bottom of the framework. 

2. Compliance Agent will generate responses in 5-question batches across the entire framework.

3. Stay on the page until all responses are complete.

Answer Single Questions Using Compliance Agent

1. Navigate to the specific question you want to answer.

2. Below the input field, click Use Compliance Agent to Generate Response.

3. Compliance Agent will generate a response for that question only.

Limitations (Beta)

Document Embedding

  • Only newly uploaded documents are embedded; historical documents are not processed in this first release.
  • Only PDFs are supported. Compliance Agent reads text only; images, diagrams, or scanned content in PDFs are not used.
  • Password-protected PDFs are not embedded, even if they upload successfully.
  • Existing document library file size limits (20MB) still apply.

Compliance Agent [Beta]

  • Compliance Agent is not available for existing NIST AI RMF Starter Pack v2 frameworks that are already in progress or completed.
  • To use Compliance Agent, you must either delete your current NIST AI RMF Starter Pack v2 and then add a new NIST AI RMF Starter Pack v2 to start from scratch, or create a new AI System, add the NIST AI RMF Starter Pack v2, and open the framework from there.
  • You should avoid uploading duplicate documents (the same content with different filenames), because duplicates can limit results.
  • Compliance Agent takes approximately two minutes to generate each response, and running it across an entire framework will take longer.

These constraints apply during the beta release and will be refined over time.

Did this answer your question?
Related Articles
Self-Attesting to a Compliance Framework
Compliance Scoring
AI System Details Overview