CertiSigma Prudentia SuiteModule: Prudentia Prompt Builder

Non-identifying AI requests · minimization · European product · national authorities

Prudentia Prompt Builder

Build ordered, non-identifying requests for AI/LLM. The prompt may be oriented toward a later output for third parties, but the direct recipient of the request is the AI and any reuse remains the operator’s decision.

Working rule: start from a high-level description, separate facts and hypotheses, and use the prompt to ask the AI without giving it the real case in identifying or reconstructive form.

PerimeterPrompt Builder prepares requests to submit to AI/LLM systems. It may orient the answer toward later use, but it does not send communications to third parties and does not authorize automatic transfer of AI output.

Case

Loading

new case

You can start from scratch, load a previously exported Prompt Builder case, or import a Drill JSON/GRC-SOAR dossier, including encrypted files.

New case ready. You can load an ordinary case or a Drill dossier, including encrypted files.
Encrypted dossier

Passphrase and vault

local

The same passphrase is used for encrypted import/export, case vault, structure vault and encrypted previous state. It is not stored and cannot be recovered.

Encrypted dossier: the passphrase is not stored and cannot be recovered. The local vault is a convenience, not a collaborative function: use one active session at a time.

Current case active: complete only what you want to declare. The prompt will show declared information and relevant material gaps.

1

Who is involved

Describe the reference subject or structure without entering real names, company names, domains, customers, suppliers or identifiers.

For Europe choose the EU/EEA country if already known, or leave “Not indicated”. For Switzerland the selection is automatic.

Optional structure details

Data, systems and assets normally processed or managed

State the general structure perimeter: it does not mean these categories are involved in the current case.

This section describes the reusable subject or structure. Dynamic case elements are collected in later sections.

The reusable structure may contain sensitive context: browser saving uses the encrypted vault and requires the dossier passphrase.

2

Action moment

State what is declared today: how delimited the perimeter is and which communications, authorities or channels have already been activated. Leave a point empty if you do not want to orient the prompt around that element.

“Perimeter not established” is a positive declaration. If you are not sure which posture to use, leave it empty and use preliminary framing.

Actions, communications or activations already performed

Select only what has already occurred. These items orient the request and, in comparison, show the change in operational position.

Authorities or institutional channels already activated

Declarative field: do not select authorities merely because they appear in the catalogue.

If completed, it enters the prompt as declared state, not as a recommendation.

3

Time distance

Time orients urgency, follow-up and cautions. It does not automatically calculate final legal obligations, but helps the LLM provide proportionate guidance.

4

Operational request

Choose a single move to prepare. Some choices may require additional cautions without being blocked.

State the context or interlocutor for which you want to orient the AI response. This is not a submission to third parties: reuse remains the operator’s decision.

Select a request to see how it will orient the prompt.
5

Minimum request details

Enter only useful abstract coordinates. Do not enter names, logs, emails, IPs, domains, customers, suppliers, contracts or real documents.

Systems, channels or assets potentially involved in the case

Only if specific to the case. Do not repeat the subject’s general profile here.

Categories of potentially involved subjects

Types of information or content potentially involved in the case

This is the case delimitation, not the ordinary organization profile.

Action possibly requested in the preparatory output

Use it only if the AI response must help prepare a request for concrete behavior, to be assessed before reuse.

Roles that must contribute or validate before use

They are not automatically recipients: they are roles that can contribute or validate before any later use.

6

Response rules

Result

Built request

Generate a request to enable copy and export.
No result generated.
Promemoria

Before use

Use the prompt as a methodological outline: complete only what is needed, in the appropriate channel.