Enterprise RAG you actually own.

Multi-tenant. On-prem. Audit-grade.

Your data. Your inference. Your audit trail. The enterprise RAG platform built for organizations that won't ship to OpenAI.

Why this exists

Generative Artificial Intelligence's most useful applications — answering questions about your corpus, drafting from your records, summarizing across your documents — require sending content to a model. The dominant pattern is to send it to a third-party Application Programming Interface (API) operated by someone you do not have a Business Associate Agreement (BAA) with, in a jurisdiction you may not control, on infrastructure you cannot inspect.

For most teams that is fine. For the teams who buy Citorum it is not. They run under Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), the Federal Risk and Authorization Management Program (FedRAMP), the Payment Card Industry Data Security Standard (PCI DSS), the European Union's General Data Protection Regulation (GDPR), and state data-protection laws — regimes that do not permit shipping their customers' material non-public information (MNPI) to a third-party API and hoping for the best.

Citorum was built for those teams. The corpus stays inside the environment you control. Inference runs on hardware you control. Every answer is scored for faithfulness against its sources before it returns to the user. Every retrieval, prompt, response, and confidence score is logged with chain-of-custody metadata. See the architecture →

Every answer carries its faithfulness score

Before any response reaches the user, an adjudication pipeline scores it against the sources it was drawn from — combining multiple grounding signals with an independent model judge — and assigns one of three labels:

  • Verified — Cite Source. Sources support the claims. Safe to act on, with citations.
  • Review Recommended. Plausible but unverified. Most regulated workflows route this label to a reviewer queue.
  • Do Not Rely — Consult Expert. The sources didn't support the answer, or contradicted it. The user sees the label clearly. The system does not silently present unverified output as authoritative.

The label rides with every answer. Reviewers, auditors, and downstream workflows see the system's confidence at the moment the answer was given — not weeks later in a post-hoc evaluation. How adjudication works →
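To make the adjudication flow concrete, here is a small Python sketch added for illustration; it is not Citorum's code, and the page does not publish its scoring rules. The signal names (citation coverage, judge support, contradiction flag), the thresholds, the "weakest signal governs" combination rule, and the hash-chained audit record used to stand in for "chain-of-custody metadata" are all assumptions made for this example.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

# The three labels named on the page.
VERIFIED = "Verified - Cite Source"
REVIEW = "Review Recommended"
DO_NOT_RELY = "Do Not Rely - Consult Expert"

# Assumed thresholds for this example (not Citorum's values).
VERIFIED_MIN = 0.8
REVIEW_MIN = 0.5


@dataclass(frozen=True)
class GroundingSignals:
    citation_coverage: float   # assumed: fraction of answer claims with a supporting passage, 0..1
    judge_support: float       # assumed: independent model judge's support score, 0..1
    contradiction_found: bool  # assumed: judge flagged a source that contradicts a claim


def adjudicate(signals: GroundingSignals) -> str:
    """Map grounding signals to one of the three labels.

    A contradiction is fatal regardless of the other scores. Otherwise the
    weakest signal governs (min, not mean), so one strong signal cannot
    mask a weak one.
    """
    if signals.contradiction_found:
        return DO_NOT_RELY
    combined = min(signals.citation_coverage, signals.judge_support)
    if combined >= VERIFIED_MIN:
        return VERIFIED
    if combined >= REVIEW_MIN:
        return REVIEW
    return DO_NOT_RELY


def route(label: str) -> str:
    """Workflow action per label: the answer is never silently suppressed or
    silently presented as authoritative; the label always travels with it."""
    return {
        VERIFIED: "deliver_with_citations",
        REVIEW: "reviewer_queue",
        DO_NOT_RELY: "deliver_with_warning_label",
    }[label]


def _canonical(payload: dict) -> str:
    return json.dumps(payload, sort_keys=True, separators=(",", ":"))


GENESIS_HASH = "0" * 64


def make_audit_record(tenant_id, query, answer, sources, signals, label, prev_hash, timestamp):
    """Build one log entry. Each entry commits to the previous entry's hash,
    so reordering or editing a past record is detectable (assumed design)."""
    body = {
        "tenant_id": tenant_id,
        "timestamp": timestamp,
        "query": query,
        "answer": answer,
        "source_sha256": [hashlib.sha256(s.encode()).hexdigest() for s in sources],
        "signals": asdict(signals),
        "label": label,
        "prev_hash": prev_hash,
    }
    record = dict(body)
    record["record_hash"] = hashlib.sha256(_canonical(body).encode()).hexdigest()
    return record


def verify_chain(records, genesis=GENESIS_HASH) -> bool:
    """Recompute every hash and check linkage; False on any tampering."""
    prev = genesis
    for rec in records:
        body = {k: v for k, v in rec.items() if k != "record_hash"}
        if body.get("prev_hash") != prev:
            return False
        if hashlib.sha256(_canonical(body).encode()).hexdigest() != rec["record_hash"]:
            return False
        prev = rec["record_hash"]
    return True


if __name__ == "__main__":
    # Constructed sample values, not real tenant data.
    sig = GroundingSignals(citation_coverage=0.9, judge_support=0.6, contradiction_found=False)
    label = adjudicate(sig)
    rec = make_audit_record("tenant-a", "What is our retention period?",
                            "Seven years by default.", ["policy-doc-1"], sig, label,
                            GENESIS_HASH, "2024-01-01T00:00:00Z")
    print(label, route(label), verify_chain([rec]))
```

The min-combination is deliberately conservative: a reviewer would rather see "Review Recommended" on an answer the judge liked but the retriever barely supported than have a mean score hide the gap. The audit chain stores source digests rather than full source text so that verification does not require re-reading the corpus.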

  • 3 deployment topologies: on-premises, customer Virtual Private Cloud, Citorum-managed dedicated tenant.
  • 5 regulated industries served: legal, healthcare, financial services, public sector, compliance.
  • 0 outbound LLM API calls in the default configuration: inference runs on your hardware; external model calls are explicit-only.
  • 100% of every retrieval, prompt, response, and signal score logged, with chain-of-custody metadata and a default seven-year retention.

What we are. What we aren't.

Citorum is at an early stage as a company. We are not yet certified under Service Organization Controls (SOC) 2 Type II, the International Organization for Standardization's ISO/IEC 27001, the Federal Risk and Authorization Management Program (FedRAMP), or the Health Insurance Portability and Accountability Act (HIPAA). We say that plainly because the alternative — implying credentials we don't yet hold — would not meet the bar of the people we sell to.

What is in place today: the architecture described on the security page, cyber liability insurance, a signed Security & Architecture Whitepaper, self-attested responses to the Cloud Security Alliance's Consensus Assessments Initiative Questionnaire Lite (CAIQ Lite) and the Shared Assessments Standardized Information Gathering Lite (SIG Lite) under non-disclosure agreement (NDA), and an on-demand penetration test arranged through a recognized firm. SOC 2 Type II readiness work is in flight; the audit window opens once the first three paying customers are live. Most security teams find that, paired with the architecture, sufficient to move into a paid pilot before the Type II report arrives. Full compliance posture →

Ready when your security team is.

The Security & Architecture Whitepaper covers the threat model, controls inventory, key management, and incident response. Our engineering team takes the rest.