Reporting (internal and customer-facing)
Governance earns trust only when its outputs are visible. Bizzi publishes four tiers of internal reports and a quarterly Transparency Report to Enterprise customers. Each report follows a fixed template on a fixed cadence. The Transparency Report is the single document the market uses to judge whether our governance commitments are real.
Context
Section titled “Context”A report nobody reads is a control nobody runs. We split internal reporting into four tiers so each audience sees only what is actionable for them. We publish a customer-facing report on a quarterly schedule so the commitment shows up the same way every quarter. Not only when something goes wrong.
Internal reporting
Section titled “Internal reporting”Four tiers, each with a fixed audience and cadence:
| Tier | Cadence | Audience | Contents |
|---|---|---|---|
| Squad weekly | Weekly | Squad lead, Steward | Squad-level KPIs, drift, top errors, action items |
| CoE monthly | Monthly | CoE Lead, all Stewards | Cross-squad trends, vendor performance, evaluation results |
| Compliance quarterly | Quarterly | DPO, Legal, CPTO | DPIA log, vendor risk, compliance status, incident summary |
| Board quarterly | Quarterly | AI Governance Board | Strategic KPIs, top risks, BAGF compliance, customer feedback |
Each report uses a standard template and is retained in the internal document repository for at least 5 years.
Customer Transparency Report. Quarterly
Section titled “Customer Transparency Report. Quarterly”This is our public-facing transparency commitment to Enterprise customers, including those in regulated industries. Published 30 days after each quarter closes.
Standard contents:
- Executive summary. One page on the quarter’s major movements.
- KPI dashboard. STP rate, extraction accuracy, hallucination rate, cost per transaction, uptime. At the platform level and per-tenant for major customers (anonymized).
- Model and data changes. Which models were retrained or released. Which datasets were added or removed.
- Incident summary. SEV1 and SEV2 incidents in the quarter (detail only for incidents affecting the reading tenant). Each entry: severity, duration, root-cause summary, action taken.
- Vendor changes. LLM vendor changes, sub-processor list updates.
- Regulatory updates. Changes in Decree 13, the EU AI Act, ISO 42001, and our response to each.
- Audit and red-team summary. Quarterly red-team results (severity counts, no exploit details).
- Upcoming changes. Preview of next-quarter changes affecting customers.
Annual report
Section titled “Annual report”The annual report adds:
- Results of the independent third-party audit.
- The next-year BAGF roadmap.
- A reflection. What worked, what did not, what surprised us.
Recipients
Section titled “Recipients”- Enterprise customers with an active contract. Automatic delivery via the report subscription channel.
- Strategic partners. By separate agreement.
- Public. Six months after release, selected sections of the annual report are published at
bagf.bizzi.vn(summary only, no customer-specific data).