Enterprise · Trust Center

Audit-grade by default.
Procurement-ready by design.

Every case signed. Every write-back logged. Every number traceable to the SQL, the model card, and the named approver. The loop survives your security review because it was built for it.

Start a 90-day pilot Request docs →
01
The Audit-Grade Promise

Every case is signed.
Every write-back is attributable.

Audit-ready by construction. Every step on every case carries a signature: the detection that opened it, the cause attribution that named the root, the play that fired, the system-of-record write-back that landed, and the human who approved it. The audit log streams to your SIEM in JSONL the moment events occur. Reproduce any conclusion in one click.

Sign
Every case has an owner, a deadline, and a signed approver
Reads are read-only. Writes gate on a named human in a role you defined.
Log
SIEM-grade audit stream
JSONL events shipped to Splunk, Datadog, or your SIEM of choice. Tamper-evident.
Attribute
SQL, source tables, model card on every number
Click a forecast, a margin call, a shrink flag. Re-derive it from source. The forensics already shipped.
Reverse
One-click rollback on any policy or play change
Charters and policies live in your repo. Versioned, peer-reviewed, signed.
02
Security & Compliance

The short list, on the table.
Before you sign.

Control
Status
Detail
SOC 2 Type II
In progress
Letter from auditor available under NDA. Type I issued.
ISO 27001
On the roadmap
Targeting certification within 12 months of SOC 2 II issuance.
GDPR / CCPA
Ready
DPA, DPIA template, sub-processor list current. EU representative engaged.
Data residency
Ready
US, EU, JP regions. Region-scoped policy enforced via Cedar.
Customer-managed keys
Ready
KMS or HSM-backed envelope encryption. Ward never sees the key material.
SSO / SAML 2.0
Ready
Okta, Azure AD, Google Workspace, Ping. Day-one provisioning.
SCIM
Ready
Automatic user provisioning and deprovisioning.
RBAC
Ready
Role-scoped via Cedar policy. Least-privilege, machine-enforced.
Cyber & tech E&O insurance
On file
AI rider included. COI to procurement in one business day.
Sub-processor list
Published
Notified at least 30 days before any change. Right to object preserved.
03
Deployment Options

Pick the boundary that survives
your security review.

Tier 1
Multi-tenant SaaS

Fastest path to first case. Region-scoped, customer-managed keys, full audit stream to your SIEM.

  • Time to first case · 48 hours
  • Data residency · US / EU / JP
  • Tenant isolation · Cedar-enforced
Tier 2
Customer VPC

Single-tenant in your AWS or Azure account. Your network, your IAM, your CMK. We deploy via PrivateLink and Terraform.

  • Time to first case · 2 weeks
  • Network · PrivateLink, no public ingress
  • Identity · your IAM, your role assumption
Tier 3
On-prem connector

For F500 deployments where data cannot leave the perimeter. Connector runs in your DC; control plane never sees raw data.

  • Time to first case · 4–8 weeks
  • Data egress · forecasts and metadata only
  • Compatible with air-gapped tiers
04
Integrations Directory

Tiered, on the page,
before procurement asks.

The directory tells you which connectors are native (we own the contract), which are write-back (we mutate state with a named approver), and which are read-only (we read but never write). No surprises in week six.

Tier 1 · Native
We own the contract. Reads, writes, and audit-log delivery handled in-house.
Manhattan Active Omni Blue Yonder SAP Retail (S/4HANA, MM, CAR) Oracle Retail (RMS, ROFO) Relex Snowflake Databricks
Tier 2 · Write-back
Approved write paths. Every mutation gates on a named human and lands in the audit log.
Coupa SAP Ariba JDA / BlueSpace Pricing engines (Revionics, dunnhumby) Promo engines (IBM Promo, in-house) NetSuite Workday (HR / labor)
Tier 3 · Read-only
Federated reads. Data stays put; Ward never mutates these sources.
NielsenIQ Circana (formerly IRI) BigQuery Redshift Power BI / Tableau / Looker Salesforce Commerce Cloud Shopify Plus
05
90-Day Pilot Program

Pre-agreed metrics.
Pre-agreed plays.
Pre-agreed close criteria.

No "value" debate at month four. The pilot is structured around three plays you pick from the catalog, the KPIs they're supposed to move, and the threshold each KPI has to clear for the pilot to count as a win.

Weeks 1–2
Connect & baseline

Read-only connections to your POS, WMS, ERP. Per-store baselines fit. First detect-stage signals on the page.

Weeks 3–6
Run plays in shadow

Plays open cases; recommendations land in the audit log; no write-backs yet. You compare to what your team would have done.

Weeks 7–10
Turn on write-backs

First two plays go live with approver gating. Cases close against the SOR. KPI deltas accumulate against the baseline.

Weeks 11–12
Score & decide

Outcome readout against pre-agreed thresholds. If KPIs cleared, you sign the MSA. If not, we walk.

06
Documents

On the table before you sign.

Master Services Agreement (MSA)
Plain English. Redlines accepted.
Request access →
Data Processing Addendum (DPA)
GDPR Art. 28 compliant. SCCs included.
Request access →
Security Questionnaire
Pre-answered. CAIQ Lite + custom rows.
Request access →
Sub-processor list
Current. 30-day change notice.
View →
SOC 2 Type II letter
Available under NDA.
Request access →
Reference architecture
Per deployment tier. Diagrams + Terraform.
Request access →
Certificate of Insurance
Cyber + tech E&O with AI rider.
Request →
DPIA template
Pre-filled for the standard deployment.
Request access →

Your security review starts here.

Architecture, MSA, DPA, SOC 2 letter, COI. On the table before you sign.

Get a demo
Get started

Find out what your data has been hiding.

Tell us about your operation. We’ll show you the problems Ward catches — and the ones your current tools miss.

Step 1 of 3
What are your goals?
Step 2 of 3
About your operation
Step 3 of 3
Your contact info