What compliance certifications does Respan hold?

Respan is SOC 2 Type II certified with annual audits and third-party penetration testing. We offer HIPAA compliance with Business Associate Agreements for healthcare organizations. We are ISO 27001 aligned and GDPR ready.

Can I deploy Respan in my own cloud?

Yes. Enterprise customers can deploy Respan in their own AWS, GCP, or Azure environment, or in a dedicated VPC. This gives full control over data residency, network isolation, and encryption keys.

How does role-based access control work?

Respan supports fine-grained RBAC with roles at the organization, team, and project level. Permissions control who can view logs, run evals, edit prompts, manage billing, and administer users — configurable per team and environment.

What does dedicated support include?

A named customer success engineer, private Slack channel with engineering access, custom onboarding, and SLA-backed response times. Enterprise support includes proactive monitoring and quarterly business reviews.

Is there volume pricing?

Yes. Enterprise pricing is based on usage volume with committed-use discounts. Contact sales for a custom quote based on your expected log volume and feature requirements.

Can I get a security review package for procurement?

Yes. We provide a pre-built package including SOC 2 Type II report, penetration test summary, data processing agreement, architecture diagrams, and answers to SIG, CAIQ, and VSA questionnaires.

How does data residency work?

You choose where data is stored: US, EU, or your own cloud environment. For on-premises and VPC deployments, no data leaves your network. Encryption keys can be customer-managed.

Can I enforce approval workflows for prompt changes?

Yes. On enterprise plans, you can require a second reviewer to approve prompt changes before they go live in production. Changes are staged and only promoted after approval.

How do I monitor AI usage across multiple teams?

The enterprise dashboard provides organization-wide visibility into usage, cost, quality, and errors — broken down by team, project, model, and environment. Set budgets and alerts per team.

What's the onboarding process?

Typically: security review (1-2 weeks), SSO setup (1 day), pilot team integration (1 week), then phased rollout. Your dedicated CSE manages the process end-to-end.

Solutions

Respan for Enterprise

Govern, monitor, and improve AI at scale — with the security, compliance, and access controls your organization requires. SOC 2 Type II, HIPAA, SSO, and dedicated support.

Talk to sales View security docs

Proven at scale

SOC 2 Type II certified. HIPAA compliant. ISO 27001. GDPR ready.

What you get

Everything in Respan, plus the security, governance, and support features that enterprise organizations require.

SOC 2 Type II certified

Annual audit and penetration testing. Pre-built security review package for procurement: SOC 2 report, pen test summary, architecture diagrams, and questionnaire responses.

HIPAA compliance with BAA

Business Associate Agreement available for healthcare organizations. PHI handling controls, encryption at rest and in transit, audit logging.

SSO and identity management

SAML-based SSO with your identity provider. Automatic provisioning and deprovisioning. Enforce login policies centrally.

Role-based access control

Fine-grained permissions at the organization, team, and project level. Control who views logs, edits prompts, runs evals, and manages billing.

Audit logging

Every user action, API call, and configuration change is logged with timestamp, actor, and details. Export audit logs for compliance review.

Data residency options

Deploy in your AWS, GCP, or Azure environment. On-premises and VPC deployment available. Full control over where data is stored and processed.

Dedicated support

Named customer success engineer. Private Slack channel with direct engineering access. SLA-backed response times for production issues.

Custom SLAs and contracts

99.99% uptime guarantee. Custom data retention policies. Flexible payment terms and committed-use volume pricing.

How enterprise teams use Respan

Security & compliance

→Pass procurement security reviews with pre-built documentation
→Enforce SSO and RBAC across all AI teams
→Audit every action for regulatory compliance
→Control data residency for sensitive workloads

Governance at scale

→Centralize visibility into AI usage across all teams
→Set cost budgets and alerts per team and project
→Enforce prompt review workflows before production deployment
→Track and report on AI quality SLAs for enterprise customers

Enterprise deployment

→Deploy Respan in your VPC for maximum data control
→Integrate with your existing identity provider and monitoring stack
→Connect to enterprise data pipelines (S3, BigQuery, Snowflake)
→Scale from pilot team to organization-wide rollout

How enterprise onboarding works

From security review to organization-wide rollout. Your dedicated CSE manages the process.

Security review

Share the pre-built security package with procurement. We respond to questionnaires within 24 hours.

→ Procurement approval

SSO and access setup

Connect your identity provider. Define roles and permissions for each team and project.

→ Secure, policy-compliant access

Pilot team onboarding

Start with one team. Add the SDK, verify logging, and configure evals and alerts.

→ Working integration with real data

Organization rollout

Onboard additional teams. Set per-team budgets, quality thresholds, and governance policies.

→ Centralized AI governance

Ongoing governance

Monitor usage, quality, and cost across all teams. Audit actions. Report to leadership.

→ Continuous compliance and visibility

By the numbers

SOC 2

Type II certified

99.99%

uptime SLA available

HIPAA

compliant with BAA

24h

security questionnaire response

Frequently asked questions

Explore more

Tracing →Evaluations →AI Gateway →Prompt optimization →For AI Teams →

Ready to govern AI at scale?

Talk to our enterprise team about security, compliance, and deployment options.