Meridian Request a Proof of Value
All components

Policy engine

Chancery

Standalone

Author regulatory requirements as machine-readable policy. The starting point for any team that needs compliance to be something a machine can enforce, not just a document someone can read.

What it does

Chancery is Meridian's policy authoring environment. It lets compliance and GRC teams write regulatory requirements as structured, machine-readable definitions — not prose documents, but schemas that downstream tools can act on directly. Requirements can be authored from scratch or imported from existing documentation. Chancery ships pre-seeded with the FINOS Common Cloud Controls catalog and the OpenSSF OSPS Baseline, giving teams a battle-tested starting point for the most common cloud and pipeline compliance frameworks.

Before any policy change takes effect, Chancery lets teams preview its impact: which systems would be affected, which controls would be triggered, which current configurations would fall out of compliance. Policy is not applied until it has been reviewed and approved through the configured governance workflow.

Who it's for

Chancery is primarily used by Policy Authors and GRC or compliance analysts — the people responsible for translating regulatory requirements into organisational policy. It is also relevant to Security Engineers who need to define what "approved state" means before Patrol can monitor for drift.

Personas Policy Author GRC / Compliance Analyst Security Engineer

Start here if…

Your GRC team wants to move from document-based policy to machine-readable policy that tools can act on — but you are not ready to overhaul your architecture governance or deployment pipeline at the same time. Chancery can be deployed as a standalone policy authoring and management environment. The policy definitions it produces are usable by Loft, Tackle, and Patrol when those components are added, but Chancery delivers value on its own as the authoritative, version-controlled record of your organisation's compliance requirements.

A common entry point: an organisation under a new regulatory obligation (DORA, FedRAMP, SOC 2) that needs to translate framework requirements into enforceable, auditable organisational policy without a six-month platform programme.

Works best with

  • Loft

    Chancery policy flows automatically into Loft, which validates architecture designs against it before any code is approved. Add Loft when your architecture team needs designs validated against your organisation-specific policies rather than public control catalogs.

  • Tackle

    Active Chancery policy drives Tackle's tool selection and configuration. Add Tackle when you want dev tooling to be automatically aligned with current policy rather than manually configured.

  • Patrol

    Chancery defines what "approved state" means. Patrol monitors for drift against it. Add Patrol when you need continuous runtime verification that production reflects what policy requires.

How it fits the platform

Chancery sits at the top of the policy-to-production loop. Every other Meridian component consumes its output in some form — Loft validates against it, Tackle is configured by it, Patrol monitors against it, and Admiralty reports on compliance with it. It is the authoritative source of what your organisation has decided compliance means, expressed in a form the rest of the platform can enforce automatically.

Request a Proof of Value All components