Your on-demand risk officer.
Give every employee a risk expert. Extend your risk team across the whole organisation, at scale. Huginn runs the assessment – enterprise, technology & security, AI governance, compliance, third-party & supply chain – based on your frameworks and policies, and returns an audit-ready report for your team to review.
WHO IT'S FOR
Who needs Huginn?
01 · IN-HOUSE
A risk officer in a company accelerating AI adoption.
The board wants AI everywhere. Your function wasn't built for it. How do you close the gap?
THE SHIFT
Lead the shift.
The function goes AI-native through how it delivers, not who it hires. You stay the accountable human. Agents take the lift.
HUGINN
Skills, tools, and the knowledge base behind them
Huginn is a service desk for risk work. Three layers do the job: skills are the governed tasks your teams request, tools are the machinery that delivers them, and the knowledge base grounds everything in your taxonomy and policies.
.jpg)
SKILLS
What your teams request
KNOWLEDGE BASE
Your policies, methodology, and risk language
.jpg)
TOOLS
How Huginn does the work
uses
draws from
uses
draws from
SKILLS
Repeatable risk tasks, on demand
Five risk domains. Start with one skill, scale by adding more.
Enterprise risks
Operational and enterprise risk across the business.
.png)
Compliance risks
Compliance and counterparty due diligence.
Technology & security
Technology, security and threat management.
Third party & supply chain
Third-party and supply-chain risk.
AI Governance
AI and model risk, governed end to end.
.png)
Reports, registers & review
Editable outputs with full lineage to evidence.
.jpg)
Control mapping & gap analysis
Cross-framework alignment. Overlaps and gaps surfaced.
.jpg)
Threat modelling & risk analysis
Threat models, scoring, scenario building.
.jpg)
Policy ingestion & guardrails
Policies, standards, and your taxonomy ingested as guardrails.
TOOLS
The reasoning machinery
What skills are built from.
Audit evidence
Versioned, cited, retrievable when someone asks.
Policies & standards
Linked to the controls they enforce.
Framework library
NIST, ISO 27001, COBIT, CIS, SOC 2, EU AI Act, custom.
Risk universe – taxonomy & registers
Your taxonomy, registers and scoring – in your language.
KNOWLEDGE BASE
Your organisation's governance framework
What Huginn reasons over.
.png)
HOW IT WORKS
Pick. Brief. Assess. Report. Review.
Every skill runs the same ISO 31000-grounded process – usually start to finish in a single sitting.
01 · PICK A SKILL
Start with the right skill
Choose the skill for the job – enterprise, technology & security, AI governance, compliance, or third-party & supply chain. Each one is customisable to the way your team works.
.jpg)
02 · BRIEF
Frame the work
Point Huginn at the use case and set the scope and terms. Five minutes – then it takes over.
03 · ASSESS
It does the legwork
Discovery, scoring, controls, residual risk – across every risk area, supervised or autonomous.
04 · REPORT & FINE-TUNE
Shape the output
A structured, editable report. Adjust the scoring, refine the findings, and tighten the language until it reads the way you would write it.
05 · REVIEW & APPROVAL
Human oversight
Audit-ready and fully traceable. Approve, comment, and put a name behind the work.
Add skills
Scale by adding more skills from the library as you grow. Pay per skill.
Hire a Guardian
REVIEWS
If you don't have a risk team, I can review and help your team deliver an audit ready, compliant assessment.
CUSTOM SKILLS & KNOWLEDGE BASES
I build new skills and knowledge bases around your methodology together with your team.
ENGAGE
Start free, pay as you grow.
Free
A single skill, fully customisable, run yourself. Enough if you only need one.
* You need an OpenAI/Claude API key
THE STORY
huginn
/ˈhuː.ɡɪn/
noun · Old Norse
Odin's raven of thought – it ranges over the whole world by day and comes back to whisper what it learned in his ear.
That's where the name comes from. I wanted a risk officer that works the same way – ranging across the organisation, doing the legwork, and coming back with what matters for a person to weigh.
I'm Avishay. I built Huginn after twenty years in risk – assessments, security programmes, internal audit. The pattern I kept seeing: senior people who understand the work are stretched thin, and the output gets worse the further it travels from the person who knows what good looks like.
Agents change that. Not by replacing judgement – that still belongs to someone who's done the work. By absorbing the lift around it: evidence, structure, scoring, framework mapping. The work agents are now genuinely good at.
Today I'm the one Guardian. The role is open. If risk work, AI-native, is what you want to do – let's talk.
— Avishay
FAQ
Common questions
Guardians works with CROs, CISOs, CAOs, and CIOs who need high-quality governance work without scaling headcount at the same pace as demand. We also offer Huginn for Builders – a lighter path for smaller firms and solopreneurs building with AI who need governance without an in-house risk team.
Huginn is our agentic risk operations platform. It has three layers: skills (the risk tasks your teams use), tools (the processing and reasoning behind them), and a knowledge base (frameworks, taxonomies, and risk registers). Guardians configures all three layers for your organisation.
General-purpose AI can help with many tasks. Governance work is different – it requires the right taxonomy, methodology, controls, and review process to produce output that risk, audit, and regulators can rely on. Huginn is purpose-built for that.
Huginn is the full platform – your risk team configures the skills, tools, and knowledge base. Huginn for Builders is a pre-configured offering with Guardians' AI risk knowledge base already loaded, designed for teams building with AI who need risk assessment without a full governance setup.
Yes. Teams work with Huginn directly and receive output in real time. When an assessment is ready, it goes to whoever owns the review – your risk function, audit team, or Guardians' experts.
That's exactly what Huginn for Builders is designed for. It comes with Guardians' pre-loaded knowledge base and includes expert review as part of the operating model – so you get quality governance without in-house specialists.
Huginn processes data within Guardians' secure environment. We work with your security team to define data handling requirements before deployment. Customer cloud deployment for full data control is on the roadmap.
ISO 27001, ISO 27005, ISO 31000, ISO 42001, NIST SP 800-*, NIST AI RMF, NIS2, DORA, EU AI Act, SOC 2, COBIT, COSO, ITIL, HIPAA, PCI DSS, and the MIT AI Risk Database. Huginn is configured to your specific framework requirements.
Traditional tools help specialists document work. Huginn helps teams do the work and gives governance functions structured, reviewable output without forcing everyone into specialist workflows.
No. The goal is not to generate more paperwork. The goal is to make governance time produce output that reduces risk, improves decisions, and stands up to review.
As AI becomes part of core operations, governance needs to become part of the operating model too. Guardians builds governed agents that help organisations scale AI adoption without leaving governance behind.
Guardians works across all lines of defence. We partner with your CRO, CISO, and CAO to define standards and review criteria, and with your CIO and tech leaders to deploy Huginn where the work happens.
