Knowledge
Key terms from AI, compliance and enterprise technology — explained for CEOs, CIOs and CFOs.
AI systems that autonomously make decisions, execute actions and orchestrate multi-step tasks — as opposed to purely generative models that only produce text.
At VentumIQ: Our multi-agent platform uses Agentic AI to autonomously handle complex business processes — from tender analysis to contract review.
The EU regulation governing AI systems. Defines risk classes, transparency obligations and requirements for human oversight. In force since 2024, with phased application through 2026.
At VentumIQ: Our AI strategy consulting incorporates AI Act requirements from the outset — ensuring your AI systems remain compliant.
SAP extension mechanism that integrates custom logic into standard processes without modifying SAP source code. Essential for clean-core-compliant extensions.
At VentumIQ: Our SAP integrations leverage BAdIs and side-by-side extensions via BTP to preserve the clean core.
Statistical ranking model for keyword-based text search. Complements semantic vector search in hybrid search architectures, as it is better at finding exact technical terms and codes.
At VentumIQ: Our RAG pipelines combine BM25 with vector search in a hybrid approach for maximum retrieval accuracy.
SAP strategy that minimises custom developments in the S/4HANA core. Goal: maintain upgrade capability, avoid technical debt, realise extensions via BTP side-by-side.
At VentumIQ: We integrate AI capabilities as side-by-side extensions so your SAP core stays clean.
EU-wide standardised classification system for public procurement. A 9-digit code that categorises products and services in tenders.
At VentumIQ: TenderIQ automatically analyses CPV codes to identify relevant tenders for your organisation.
A method where a neural network jointly analyses query and document (full bidirectional attention) to assess relevance more precisely than a bi-encoder.
At VentumIQ: Our search pipelines use cross-encoder reranking as a second stage after the initial vector search.
Contract under Art. 28 GDPR between the data controller and data processor. Governs the handling of personal data when using external services.
At VentumIQ: We execute a DPA with every client and ensure downstream LLM providers are contractually bound as well.
EU regulation for the operational resilience of the financial sector. Defines requirements for IT risk management, incident reporting and third-party oversight.
At VentumIQ: Our platform supports DORA-compliant documentation and auditability for financial institutions.
Risk assessment under Art. 35 GDPR, required when processing activities pose a high risk to data subjects. Documents risks and countermeasures.
At VentumIQ: We support you with DPIAs for AI projects and provide the necessary technical documentation.
A numerical vector representation of text in a high-dimensional space. Semantically similar texts are placed close together, enabling similarity search and intelligent matching.
At VentumIQ: We generate embeddings from your corporate documents to enable precise semantic search in our RAG architecture.
An AI approach where decisions and results are transparent and verifiable by humans — in contrast to black-box models.
At VentumIQ: Our systems display sources and decision paths transparently — for C-level traceability.
EU regulation for the protection of personal data. Defines data subject rights (access, erasure, portability) and processor obligations (purpose limitation, data minimisation, technical measures).
At VentumIQ: GDPR compliance is a design principle — from data processing to our on-premise deployment option.
Safety mechanisms that control AI outputs: pattern matching filters obvious violations, LLM classifiers evaluate nuanced cases, webhook checks validate against external rules.
At VentumIQ: Multi-layered guardrails are built into every platform solution — configurable per tenant and use case.
Cryptographic method for ensuring the authenticity and integrity of a message. Sender and receiver share a secret key.
At VentumIQ: HMAC secures communication between our microservices and external interfaces.
International standard for Information Security Management Systems (ISMS). Defines requirements for risk assessment, security controls and continuous improvement.
At VentumIQ: Our platform and processes align with ISO 27001 — for enterprise-grade information security.
A compact, signed token for the secure transmission of authentication information. Contains claims (user ID, roles, expiry time) in a Base64-encoded JSON format.
At VentumIQ: JWT-based authentication secures access to all platform APIs and user interfaces.
A large language model such as GPT-4, Claude or Mistral. Trained on extensive text data, capable of understanding, generating and contextualising natural language.
At VentumIQ: We deploy various LLMs — via API or on-premise with vLLM — depending on cost, latency and data privacy requirements.
A system of multiple specialised AI agents that cooperate in a division-of-labour fashion. Each agent has its own capabilities, tools and responsibilities.
At VentumIQ: Our product platform is built on MAAIS architecture — specialised agents for analysis, research, generation and quality control.
An open protocol that connects AI models with external data sources and tools. A single connection exposes multiple tools that are automatically discovered.
At VentumIQ: MCP enables our agents to access SAP, databases and other enterprise systems through a standardised interface.
Mutual certificate authentication: not only the server but also the client must present a valid certificate. Stronger security than standard HTTPS.
At VentumIQ: mTLS secures service-to-service communication within our platform architecture.
An architectural principle where a single platform instance serves multiple isolated tenants (organisations). Each tenant has its own data, configuration and access rights.
At VentumIQ: Our platform is fully multi-tenant — with strict data isolation between tenants.
EU directive on cybersecurity for critical infrastructures. Defines reporting and due-diligence obligations for organisations across 18 sectors.
At VentumIQ: Our security architecture supports NIS2 requirements — from incident reporting to technical safeguards.
A single-use random value that prevents replay attacks. The receiver stores used nonces and rejects duplicates.
At VentumIQ: Nonces protect our API communication against replay attacks and ensure the integrity of every request.
An architecture pattern where an LLM retrieves relevant document chunks from a knowledge base before generating an answer. Reduces hallucinations and enables up-to-date, source-based responses.
At VentumIQ: RAG is the core of our products — from ChatFlow to TenderIQ to ContractIQ.
An access control model that assigns permissions to roles rather than individual users. Typical roles: Admin, Manager, Member.
At VentumIQ: Fine-grained RBAC governs access to documents, agents and configurations — individually configurable per tenant.
A method for combining multiple search result rankings. Weights top ranks more heavily than lower ones, regardless of the absolute scores from individual search methods.
At VentumIQ: RRF merges BM25 and vector search results into an optimal ranking within our hybrid search pipelines.
Protocol for unidirectional real-time notifications from server to browser. Simpler and more scalable than WebSockets for the typical case: server informing the client of changes.
At VentumIQ: SSE delivers real-time streaming of AI responses and status updates to the user interface.
A process management model where a project passes through defined phases (stages) and quality gates. Each gate verifies the completeness of required information.
At VentumIQ: Our AI implementation projects follow a stage-gate model — from discovery through pilot to production.
Measures under Art. 32 GDPR for the protection of personal data: encryption, access control, pseudonymisation, backup concepts.
At VentumIQ: Our TOMs include AES-256 encryption, RBAC, audit logging and regular security reviews.
A specialised database for high-dimensional vectors (embeddings). Enables fast similarity search across millions of documents. Examples: Qdrant, Pinecone, pgvector.
At VentumIQ: We use vector databases as a core component of our RAG architecture — for fast and precise document retrieval.
Open-source framework for high-performance LLM inference. Uses PagedAttention and continuous batching for maximum GPU utilisation in on-premise deployments.
At VentumIQ: vLLM is part of our AI Sovereignty solution — for cost-effective and privacy-compliant on-premise AI.
International standard for accessible web content. Level AA covers: keyboard navigation, screen reader support, colour contrast, focus management.
At VentumIQ: Our user interfaces are developed to WCAG 2.1 Level AA — for accessible AI applications.
A security architecture where every access — internal and external — is verified. No implicit trust, not even within the network.
At VentumIQ: Our platform follows the zero-trust principle — every request is authenticated, authorised and logged.
Whether you want a demo of our products or a strategic consultation — we are here for you.