For vCISOs · fractional security firms

You'll want: Northbeams Evidence + Sentinel

Carry one AI evidence layer across all your clients.

Every client is going to ask about AI in 2026. You don't have time to build a bespoke answer per engagement. One Northbeams tenant per client. Standard control mappings. White-label Evidence Packs. Recurring revenue share for the firm.

01 / The problem

Every engagement now includes "the AI question."

EU AI Act, ISO 42001, NIST AI RMF, SOC 2 + AI. They're not separate engagements; they're one engagement that runs through every client. The evidence is the bottleneck.

01 · Per-client custom

Every client asks for a control-by-control answer.

Bespoke policy docs and Notion tables don't scale to 12 clients. You need one evidence engine that produces standardized packs per framework, per tenant.

02 · No staff to build

Fractional security firms don't have eng headcount.

You can't write the telemetry pipeline. You can't host the evidence store. You can't sign packs. You need the layer as a product, not a project.

03 · The Big-4 ask

Auditors want a vendor-issued signed pack.

"You told me." doesn't pass review anymore. The pack needs a verifiable signature from a third party. Your firm's letterhead on top, vendor signature underneath.

02 / What we ship to vCISO firms

The partner-grade tenant model.

Built for firms that operate 5, 20, or 50 client engagements at a time. Multi-tenant from the bottom of the stack, not a workaround.

01 · Multi-tenant console

One login. All your clients.

Switch between client tenants without re-authenticating. Per-tenant audit log of who in your firm looked at which client's data. Read-only consultant role available per engagement.

02 · White-label Evidence Packs

Your letterhead on the cover. Our signature on the integrity row.

The customer attestation block reads from your firm. The cryptographic signature attests Northbeams produced the underlying data. Both lines on the cover; auditors get the chain of custody they want.

03 · Per-client signing keys

Optional per-client X.509 key escrow.

For engagements where the client wants to hold their own signing key (regulated industries, M&A diligence), keys can be customer-controlled. Northbeams never holds the private key.

04 · Bulk operations

Generate a pack for every client. Monthly.

One scheduled job, one cadence, every client gets a fresh pack on the same day. Drop them into shared client folders, Slack channels, or your GRC platform via the Evidence API.

03 / Partner economics

Recurring share. Sliding to co-sell.

Three tiers, depending on how much of the sale your firm carries. Same product on the customer side; the share scales with effort, not volume.

| Engagement model | What you do | Your share | Term |
| --- | --- | --- | --- |
| Referral | Warm intro. Northbeams closes. | 10% | First 2 years |
| Co-sell | Joint pitch. Shared deal motion. | 15% | First 3 years |
| Resell | You own the customer. You bill. | 20% | For life of contract |

Written agreement before any commercial activity. Mutual NDA on first call.

04 / A common shape

A 12-client vCISO firm in 30 days.

Composite, based on the partner conversations underway. Numbers are illustrative, not committed.

Composite engagement

One firm. 12 clients. One evidence layer.

Week 1. Firm signs MSA with Northbeams. Three lead clients onboarded as multi-tenant. ISO 42001 + EU AI Act variants selected on each.

Weeks 2 to 3. Each client's IT lead deploys the desktop app via MDM. Browser extension via CWS. No proxy, no MITM, no procurement cycle. Telemetry starts populating the daily AUTO checks.

Week 4. First Evidence Packs land in the firm's shared drive on a Friday. The vCISO reads each, attests where ATTEST is required, and forwards three packs to three different auditors that Monday.

Outcome. Three audits accept the format. The firm rolls the remaining 9 clients onto the same template by month 2. Recurring 15% co-sell share on each.

One layer across every engagement. Recurring share to the firm.

Tell us how many clients you carry and what frameworks they're being asked about. We'll send a partner brief and book a 30-minute conversation.