How SIFTR Works
SIFTR uses a proprietary two-stage analysis pipeline to map governance artefacts to CAF outcomes with zero inference.
1. The Two-Stage Pipeline
- Stage 1: Sanitisation: The engine identifies and masks PII (Personal Information) and removes “document noise” (headers/footers).
- Stage 2: Evidence Mapping: The sanitised text is evaluated against the official NCSC Indicators of Good Practice (IGP).
2. Evidence Classification
| Label | Audit Meaning |
|---|---|
| Strong | Explicit evidence found that directly supports the outcome. |
| Partial | Evidence is present but lacks specific detail or consistency. |
| None | No explicit evidence was identified in the provided documents. |
3. Human-in-the-Loop
SIFTR is a Decision Support Tool. It surfaces the evidence, but the final assessment judgement remains with the qualified organisation lead.