# Procurement competitive FAQ (v1)

**Use:** Source for `/copilot/procurement/` buyer FAQ. Orientation only — not legal advice.  
**Internal battle cards:** [COMPETITIVE_LANDSCAPE_LOCKED_v1.md](../diligence/COMPETITIVE_LANDSCAPE_LOCKED_v1.md)

---

## How should we think about Noetfield vs Microsoft Purview?

Microsoft Purview and the Copilot Control System secure and administer your M365 tenant — labels, DLP, DSPM for AI, audit, and agent lifecycle. Noetfield records whether a **specific Copilot rollout** is authorized under your policy **before production**, and exports a Trust Ledger Entry (TLE) plus board PDF and procurement ZIP that reviewers can attach to governance minutes. We index **metadata evidence** from Purview, Entra ID, and Audit — we do not replace Microsoft admin tools.

---

## We are evaluating Credo AI / enterprise AI governance platforms. Do we still need Noetfield?

Enterprise AI governance platforms excel at inventory, regulatory policy packs, and program-wide risk workflows. Noetfield is scoped to the **Copilot adoption moment**: a pre-execution evaluation, a signed TLE, and a board-ready export in a **90-day fixed-fee pilot** ($2k–10k). Many institutions run a program platform for the enterprise and a Copilot Governance Pack for the rollout receipt.

---

## What about Securiti or other data+AI security vendors?

Unified data and AI security platforms address multicloud DSPM, agent guardrails, and broad compliance automation. Noetfield is narrower: **governance execution + evidence** for Microsoft 365 Copilot — evaluate → TLE → export — with fail-closed integrity on procurement bundles.

---

## How is this different from a Copilot readiness assessment from an MSP?

Readiness assessments typically remediate SharePoint permissions, labels, and tenant hygiene over several weeks at services rates. Noetfield delivers a **repeatable evaluate API**, Trust Ledger receipts, and exportable board/procurement artifacts as a productized pilot with a defined success signal: **one board PDF in a real governance meeting**.

**QuickScan sub-band (NF-QS):** CAD $2,000–$3,500 · sample TLE and export walkthrough — upgrade path to Readiness Pilot ($5k–$10k) for board-meeting success signal.

---

## Runtime AI gateways (inline LLM proxy) — same category?

Runtime gateways intercept every model request for redaction, blocking, and per-request logging. Noetfield evaluates **operational intent** for Copilot governance (rollout scope, policy version, approver chain) and produces **organizational go/no-go evidence**. It works from a metadata-only M365 index, not from inline LLM traffic for all models.

---

## Canadian federally regulated institutions (OSFI E-23)?

OSFI E-23 (effective May 2027) expects enterprise AI model risk management. Noetfield provides **independent-style decision records** (TLE + evidence index) for Copilot adoption — orientation toward E-23 evidence, not a replacement for your OSFI program. See [CANADIAN_OSFI_E23_COPILOT_ORIENTATION_v1.md](../diligence/CANADIAN_OSFI_E23_COPILOT_ORIENTATION_v1.md). Bank Pilot offers read-only shadow simulation.

---

## What is out of scope?

No payments, custody, settlement, or money transmission. No ISO/SOC certification claims from Noetfield. Framework citations are **orientation only**.

---

## Proof without NDA

- [Proof case (redacted)](https://www.noetfield.com/copilot/proof-case/)  
- [SSOT compliance demo](https://www.noetfield.com/copilot/demo/)  
- [TLE samples](https://www.noetfield.com/trust-ledger/sample-report/)  
- [Free sandbox](https://www.noetfield.com/start/)  

---

**End v1**
