Controlled architecture. No ungoverned agents.
Business units want AI. IT and governance must ensure that data, roles, permissions, integrations, approvals and audit trails remain under control.
UNOY OS brings AI into controlled workflows: with roles, API, SSO, Build/Staging/Production, audit trail, EU data residency and defined model usage. Instead of ungoverned agent islands, an auditable operating architecture.
Environments
Build / Staging / Production
Audit-Trail
Per run
"Business units want to deploy AI, but we need controlled architecture rather than ungoverned agents."
§ 03 · What UNOY delivers
UNOY OS maintains governance across all four suites.
Six matter types, each as a controlled workflow with rules, AI, knowledge and approvals.
Entry gate · every new AI matter passes through here
01
New matter in governance
New matter in governance.
Business unit submits AI initiative → risk rating, vendor due diligence and data classification → entry in AI usage inventory with approval, monitoring and escalation path.
02
Roles & Permissions
Roles & Permissions.
Employee identity → mapped to Owner / Editor / Viewer / User → access per workflow, table and field set at granular level.
03
SSO & Identity
SSO & Identity.
Existing identity provider (Keycloak, WKIS-SSO, Microsoft Entra) → authentication with context (role, department) → pre-filled workflow start without login friction.
04
API & Integrationen
API & Integrations.
Existing systems (M365, Google Workspace, S3, ERP) → OAuth2 or webhooks, REST or GraphQL → data flows in both directions, no shadow databases.
05
Build / Staging / Production
Build / Staging / Production.
Workflow draft in Build → testing in Staging against real master data → go-live with rollback one click away.
06
Audit trail in every run
Audit trail in every run.
Workflow trigger → complete record (intake, skill version, model, output, actor) → tamper-proof storage for internal and external audits.
Proof · Knowledge Base
Knowledge Base as technical proof
The UNOY OS Knowledge Base documents all building blocks: platform, databases, workflows, nodes, workflow AI agent, skills and know-why, COIA function calling, email dispatch, API, sharing visibility, WKIS, roles and operating modes. For builders, admins and technical reviewers.
21
documented building blocks
EU
data hosting
GDPR + ISO 27001 + 42001
Compliance
§ 05 · Three paths
Supervised Delivery. Co-Build. Self.
Three parallel paths. Start with one and switch later.
Modell 01 · Delivery
You hand over matters
Supervised Delivery.
You hand over matters, UNOY delivers the result. Live immediately. Billed per matter or package. Professional accountability via delivery partners or your own experts.
Modell 02 · Co-Build
Workshop · Day 1
UNOY + your team
First productive workflow
Co-Build.
UNOY builds with your team. First productive workflow in 4 to 8 weeks. Knowledge transfer and later hand-over are possible.
Modell 03 · Self
Build-Workspace
Self-operate.
Your team builds workflows independently. For teams with in-house expertise. UNOY OS provides the platform, you provide the logic.
§ 06 · Operational Governance
AI governance that demonstrably runs.
Inventory, risks, approvals, monitoring, audit: all as a live process, not a policy PDF. You show supervisors, boards and auditors not "we have a policy" but the status per matter, per role, per day.
01 · AI Usage Inventory
Which matters run through UNOY OS, which models, which data sources, which business units. List exportable per quarter.
02 · Risk Ratings
A risk assessment per matter: data categories, scope of affected parties, impact on failure. Aligned with ISO/IEC 42001 and EU AI Act risk classes.
03 · Vendor Due Diligence
Sub-processor list, AI provider mapping, data residency, certificates. Current, exportable, with versioning.
04 · Approvals & Monitoring
Who approved which matter, under what conditions, and in what state. Monitoring dashboard with status per workflow.
Legacy System Integration
Identity & Access
Azure AD, Okta, SAML, OIDC, SCIM
Mail & Office
Outlook, MS 365, Exchange, S/MIME
DMS & CLM
SharePoint, iManage, DocuSign
SIEM & Logs
Splunk, Datadog, Sentinel, Audit-Export
Certificates: ISO 27001 · SOC 2 Type II · ISO/IEC 42001 (AI Management). EU data residency, no transfers to third countries without explicit approval.
§ 07 · Continue reading
What to read next.
Four further pages, tailored to your perspective.
§ 08 · Next step
Which architecture question should we answer first?
EU data residency, DPA, sub-processors, roles, API, audit trail. Bring your checklist and we will go through it together.
Supervised Delivery · Co-Build · Self