AdobeStock_898164684.jpeg

Introducing ACE

AI-Powered Employee Support - Now Native to Workday

ACE: your always-on HR assistant that delivers instant answers, streamlines support, and simplifies complex HR workflows—directly within the systems your employees already use.

Hear about Workday + ACE in this quick 60 second clip.

Built for Precision. Tailored for HR. Optimized for Workday.

ACE is an intelligent HR assistant layered directly into your Workday environment to bring Workday customers an HR experience that’s faster, smarter, and fully embedded. The Workday implementation possibilities with ACE are endless, revolutionizing the function of HR operations as we know it. By embedding itself within individual Workday environments and utilizing personalized employee information, ACE transforms your company's Workday systems and makes them adaptable and more responsive to employee needs, enhancing productivity and overall strategic growth. Uplevel the Workday experience with ACE.

The ACE Advantage

  • Unlike generic AI assistants, ACE is purpose-built to sit natively within your Workday architecture. It connects to your existing data —meaning no rip-and-replace, no UI bloat, and no need to train employees on yet another platform. ACE works where your people already do, and it starts delivering value immediately.

  • When employees ask ACE a question, they don’t get vague or fabricated responses. Every answer is traceable to a real, up-to-date source—whether that’s a benefits document, policy file, or Workday record. With compliance and clarity on the line, ACE’s precision-first approach ensures nothing gets lost in translation.

  • ACE turns friction-filled HR processes into seamless conversations. Whether it's onboarding a new hire, handling a PTO request, or surfacing compliance alerts, ACE automates the repetitive work that eats up HR’s day. That means fewer backlogs, less inbox fatigue, and more time for strategic initiatives that move your business forward.

Use Cases

Onboarding

ACE delivers a tailored onboarding experience with guided checklists, digital forms, and instant access to relevant policies—all within your Workday environment.

Benefits Enrollment

Employees can explore benefit options, ask personalized questions, and get deadline reminders—no more bottlenecks or missed windows.

Policy Updates

Push policy changes instantly, track employee acknowledgments, and surface the most relevant info when it’s needed—all without mass emails.

Leave Requests

Employees simply ask how to take time off. ACE handles the rest—explaining policy, generating the form, and tracking approval workflows.

Handbook/Policy Compare

Compare historical versions of handbooks or policies side-by-side to spot updates, maintain compliance, and answer “what changed?” in seconds.

Compliance

ACE monitors certification deadlines, training requirements, and policy acknowledgments—keeping your team audit-ready

ACE Security Postures

  • We maintain a comprehensive Digital Security Plan that includes:

    • A formal Information Security Policy covering acceptable use, access controls, incident response, and data protection.

    • Annual risk assessments and ongoing vulnerability management.

    • Role-based access controls and multi-factor authentication (MFA).

    • Continuous monitoring of infrastructure using automated threat detection systems.

    • Regular training for all staff on cybersecurity awareness and best practices.

  • We have a documented and tested Incident Response Plan to address cybersecurity breaches, including:

    • A dedicated incident response team (IRT) that can be activated within minutes.

    • Predefined roles and communication protocols, including legal, PR, and executive escalation.

    • Logging and audit trails for forensic analysis.

    • A 72-hour notification timeline to stakeholders and, if applicable, regulators.

    • Post-incident reviews to improve defenses

    • We use government-grade or FedRAMP-moderate equivalent infrastructure, hosted on: Amazon Web Services (AWS)  in secure, geographically distributed data centers.

    • All servers are hardened according to CIS Benchmarks.

    • Data encryption at rest (AES-256) and in transit (TLS 1.2+).

  • Sensitive data is handled with strict controls, including:

    • Data minimization: Only the necessary data is collected and retained.

    • Encryption: All PII, PHI, and financial data is encrypted both at rest and in transit.

    • Segregated data environments for test and production.

    • Audit logging and fine-grained permissions for data access.

    • Regular third-party penetration tests and privacy impact assessments

  • Our security architecture includes:

    • Application Security: Code scanning (SAST), dependency scanning (SCA), and regular security reviews.

    • Endpoint Protection: EDR/XDR on all company devices.

    • Network Security: Web application firewalls (WAF), intrusion detection systems (IDS), and DDoS protection.

    • Authentication: SSO via SAML 2.0, MFA enforced for all privileged users.

    • Monitoring: 24/7 security operations center (SOC) support and centralized logging (SIEM).

  • We align our practices with industry and regulatory frameworks:

    • SOC 2 (Type I): We are pursuing a SOC 2 attestation, demonstrating security, availability, and confidentiality controls (anticipated completion in 2025)

    • HIPAA: For health-related data, we enforce HIPAA safeguards including signed Business Associate Agreements (BAAs), access logging, and encryption.

    • FERPA: Data access policies restrict student data to authorized users; logs are maintained for educational record access.

    • All third-party vendors undergo a security due diligence process, including review of SOC reports and DPAs.

    • Data Processing Agreements (DPAs) are executed with vendors handling sensitive data.

    • Vendors are re-evaluated annually or upon significant changes.

    • Regular backups with tested recovery procedures.

    • Recovery Time Objective (RTO): 4 hours.

    • Recovery Point Objective (RPO): 1 hour.

    • Annual disaster recovery tests with documented outcomes.

    • Role-based access and least-privilege enforced via IAM.

    • Immediate revocation of credentials upon termination.

    • Periodic access reviews conducted quarterly.

  • Security is a continuous process. We:

    • Perform quarterly vulnerability assessments.

    • Engage with external auditors for compliance validation.

    • Collect threat intelligence and adjust posture accordingly.

Certified by Compass IT Compliance LLC.