Meridian Request a Proof of Value
All components

Policy engine

Chancery

Standalone

Author regulatory requirements as machine-readable policy. The starting point for any team that needs compliance to be something a machine can enforce, not just a document someone can read.

What it does

Chancery is Meridian's policy authoring environment. It lets compliance and GRC teams write regulatory requirements as structured, machine-readable definitions — not prose documents, but schemas that downstream tools can act on directly. Requirements can be authored from scratch or imported from existing documentation. Chancery ships pre-seeded with the FINOS Common Cloud Controls catalog and the OpenSSF OSPS Baseline, giving teams a battle-tested starting point for the most common cloud and pipeline compliance frameworks.

Before any policy change takes effect, Chancery lets teams preview its impact: which systems would be affected, which controls would be triggered, which current configurations would fall out of compliance. Policy is not applied until it has been reviewed and approved through the configured governance workflow.

Who it's for

Chancery is primarily used by Policy Authors and GRC or compliance analysts — the people responsible for translating regulatory requirements into organisational policy. It is also relevant to Security Engineers who need to define what "approved state" means before Meridian Patrol can monitor for drift.

Personas Policy Author GRC / Compliance Analyst Security Engineer

Start here if…

Your GRC team wants to move from document-based policy to machine-readable policy that tools can act on — but you are not ready to overhaul your architecture governance or deployment pipeline at the same time. Chancery can be deployed as a standalone policy authoring and management environment. The policy definitions it produces are usable by Meridian Loft, Meridian Tackle, and Meridian Patrol when those components are added, but Chancery delivers value on its own as the authoritative, version-controlled record of your organisation's compliance requirements.

A common entry point: an organisation under a new regulatory obligation (DORA, FedRAMP, SOC 2) that needs to translate framework requirements into enforceable, auditable organisational policy without a six-month platform programme.

Works best with

  • Meridian Loft

    Chancery policy flows automatically into Meridian Loft, which validates architecture designs against it before any code is approved. Add Meridian Loft when your architecture team needs designs validated against your organisation-specific policies rather than public control catalogs.

  • Meridian Tackle

    Active Chancery policy drives Meridian Tackle's tool selection and configuration. Add Meridian Tackle when you want dev tooling to be automatically aligned with current policy rather than manually configured.

  • Meridian Patrol

    Chancery defines what "approved state" means. Meridian Patrol monitors for drift against it. Add Meridian Patrol when you need continuous runtime verification that production reflects what policy requires.

How it fits the platform

Chancery sits at the top of the policy-to-production loop. Every other Meridian component consumes its output in some form — Meridian Loft validates against it, Meridian Tackle is configured by it, Meridian Patrol monitors against it, and Meridian Admiralty reports on compliance with it. It is the authoritative source of what your organisation has decided compliance means, expressed in a form the rest of the platform can enforce automatically.

Request a Proof of Value All components