Enkrypt AI Policy Engine converts natural-language AI governance policies and regulatory documents (including PDFs) into structured, enforceable controls. The platform ingests policy text or regulation PDFs and generates control candidates with clause-level traceability, linking each control back to source documents with section and page references. The engine provides a control catalog with control IDs, descriptions, owners, scope, and environment details. It creates a control matrix that maps requirements and clauses to enforcement points and evidence. Version history capabilities include approvals, change diffs, rollback functionality, and exception/waiver management. Controls can be reviewed, approved, and published to different environments (development, staging, production). The platform enforces controls across multiple security domains including prompt injection detection, tool misuse prevention, data exfiltration protection, jailbreak detection, policy violations, and PII/PHI/PCI handling. The system integrates with the broader Enkrypt AI platform, connecting to red teaming for test generation, guardrails and MCP Gateway for inline enforcement, monitoring for observing outcomes over time, and compliance for exporting mappings and evidence packages. It supports role-based access control and includes default frameworks such as OWASP, NIST, and EU AI Act. Export capabilities include CSV, JSON, and PDF packages for governance workflows. The platform provides coverage views showing what has been tested through red teaming and what is being enforced through guardrails and gateway components.