For vCISO firms
Your firm bills strategy hours, not screenshot-chasing hours.
Resell Screenata to your compliance clients — or refer and take a rev share. Vera, the agent inside every client workspace, absorbs the policy writing, evidence chasing, and status reporting your team can’t bill for. You keep the judgment, the relationships, and the margin.
Working with design partner firms today
The practice math
Same hours. Two to three times the clients.
We’re not replacing you. We’re replacing the part of the work that’s the same across every client — so the hours you do bill are the ones clients actually value: risk acceptance, scope decisions, auditor relationships, board reporting.
What Vera absorbs
The operational grind, off your team’s plate.
Policy generation
Vera scans the client's GitHub, AWS, and Okta, pre-fills the readiness questionnaire, and composes policies from their attestations — language that matches what's actually deployed. Your job becomes review and approve, not drafting the same Access Control Policy for the fifteenth client.
Evidence delegation
Vera DMs the client's team directly in Slack with step-by-step instructions, follows up on a 24h/48h escalation timeline, quality-checks what comes back, and files it to the vault. The ask-wait-follow-up-ask-again loop stops being your team's job.
Status reporting
Daily readiness snapshots and a 6:30 AM Slack briefing per client. You open Slack, see what changed and what's stale, and start on the actual work — no spreadsheet to update before the client call.
Multi-framework programs
SOC 2, HIPAA, and ISO 27001 map through NIST 800-53. One MFA scan satisfies CC6.1 and HIPAA 164.312(d). One program per client, shared evidence — not duplicated work per framework.
Partner program
Two ways to run it: resell or refer.
Reseller
You’re the commercial party. Buy client workspaces at a partner discount, own the billing, mark up inside your engagement.
- You sign a channel partner agreement covering your end customers, each onboarded via a separate order form.
- Screenata invoices you, not the client — client workspaces at a partner discount off list pricing.
- You own the client billing relationship and bundle or mark up Screenata inside your engagement.
- You get a firm-admin account spanning your client tenants.
Partner discount on every client workspace
You own the billing · you set the markup
Referral
Don’t want billing overhead? Your client pays Screenata direct and you collect a rev share.
- You recommend Screenata; your client subscribes directly — Screenata handles billing.
- You collect a recurring rev share on every client you bring.
- No billing overhead, no invoices to manage on your side.
- Same firm-admin account across client tenants, same advisory relationship.
Recurring rev share per client
Client pays Screenata direct · zero invoicing
This is live today: we’re working with several partner firms running client engagements on Screenata across SOC 2 and HIPAA. Specific terms — discount, rev share, and agreement structure — are covered on the partner call.
Auditor handoff
Your client looks professional. So do you.
Signed evidence packs
SHA-256 manifest per file, RSA/ECDSA signature, RFC 3161 timestamp. The auditor can verify the package from a terminal.
Claim traceability
Every policy sentence ties to a claim, a test, and an evidence artifact. The auditor accepts the output — not your AI.
Type II observation periods
Daily freshness checks and scheduled scans keep evidence current across the observation window — the place engagements usually go sideways.
Deterministic policies
Same attestation, same policy sentence. Control language doesn't drift, and the auditor can re-derive it from the questionnaire.
Partner FAQ
The questions every firm asks.
Can I white-label Screenata?
Full white-label isn't available yet, but the channel partner agreement is real today. As a reseller you buy client workspaces at a partner discount, own the billing, and bundle Screenata into your engagement. Prefer not to handle billing? Refer instead and collect a rev share. Either way you get a firm-admin account across your client tenants.
What if my client already has policies?
They can import existing policies. The claim extraction pipeline still runs — it identifies testable assertions and links them to controls, and the overpromise checker flags anything unsupported by evidence. You don't regenerate from scratch.
My clients are on Vanta or Drata. Why move them?
You don't have to. But compare: a Vanta client pays $10–50K/year for the platform plus your fees. Screenata starts at $499/month and your team spends fewer hours per client. The evidence quality — claim traceability, cryptographically signed packs — is something neither platform offers.
What if a client's setup is unusual?
The infrastructure scan covers what's actually there — 60+ providers, 500+ automated checks. Anything the scan doesn't cover goes through guided evidence collection with step-by-step walkthroughs, and you can override or customize any generated policy.
What does the AI do, and what stays with my team?
Vera handles scanning, policy drafting, claim extraction, automated evidence collection, freshness checks, evidence delegation, and readiness computation. Your team keeps the judgment: policy review and approval, risk acceptance, scope decisions, auditor relationship, board reporting. Vera never makes a judgment call — when she can't resolve something, she escalates and asks.
How mature is this? Can I put a real client on it?
Screenata runs live compliance programs in production today, including partner-run client engagements across SOC 2 and HIPAA. The scanning, policy generation, evidence delegation, and evidence-pack signing are all shipped — the pack verification you can run yourself from a terminal.
Partner with Screenata
Bring Vera into your next client engagement.
A 30-minute walkthrough of a live client workspace — the Monday-morning briefing, evidence delegation in Slack, and the signed evidence pack your client’s auditor receives. Then we talk structure and economics.