Scy is an AI-powered GRC (Governance, Risk, and Compliance) agent developed by Scytale, designed to automate and streamline compliance workflows. It operates within the Scytale platform and assists compliance teams by handling routine GRC tasks, enabling human experts to focus on strategic review and decision-making. Key capabilities include: - AI Security Questionnaire: Auto-fills answers to security questionnaires and RFPs using existing data stored in the Scytale platform, accelerating client due diligence processes. - AI Policy Generator (upcoming): Automatically generates security policies, maps them to controls, and monitors them continuously for operational gaps across compliance frameworks. - AI Remediation: Provides instant mitigation steps when compliance vulnerabilities or control gaps are identified, reducing the back-and-forth typically involved in issue resolution. - AI Evidence Reviewer: Automatically reviews audit evidence for completeness and accuracy, reducing manual effort by up to 90% to help organizations reach audit-readiness faster. Scy also supports AI governance compliance by integrating AI-specific risk management and cross-mapped controls from existing frameworks. It covers AI-focused regulatory standards including the EU AI Act, ISO 42001, and the NIST AI Risk Management Framework. The platform is described as "automation-first" with expanding API capabilities and a vision for Model Context Protocol (MCP) support, enabling continuous compliance with key security and AI governance standards.