Click here
Daxe Inc. Organizational Structure
A comprehensive overview of leadership hierarchy and reporting relationships supporting SOC 2 compliance requirements
View Structure
Executive Leadership Overview
Chief Executive Officer
Erika Bahr serves as CEO and holds ultimate accountability for Daxe Inc.'s strategic direction, investor relations, and organizational compliance. Her responsibilities encompass overall company governance, ensuring alignment between business objectives and regulatory requirements, and maintaining oversight of all compliance frameworks including SOC 2.
The CEO role is critical to establishing the tone at the top for security and compliance culture. Erika directly oversees the Technical Leadership function and maintains visibility across all business units to ensure consistent application of security controls and organizational policies.
Key Responsibilities
  • Corporate strategy and vision
  • Investor and stakeholder relations
  • Compliance oversight and governance
  • Organizational leadership and culture
Technical Leadership Structure
Chief Technology Officer
Nathan Standiford - CTO
Oversees product architecture, technical roadmap, and all data security controls. Responsible for GraphRAG infrastructure implementation and SOC 2 compliance frameworks across technical operations.
  • Technical strategy and architecture
  • Data security and privacy controls
  • SOC 2 technical compliance
  • Technology risk management
The CTO position reports directly to the CEO and serves as the primary technical authority for all security and compliance matters. This role bridges executive leadership with engineering operations, ensuring technical implementations align with compliance requirements and business objectives.
Engineering Management Team
Engineering Manager
Kevin Stallone leads the backend and systems engineering teams, providing day-to-day management of development operations. His responsibilities include managing development sprints using agile methodologies, overseeing quality assurance processes, and coordinating system integrations across the technology stack.
This role is essential for implementing security controls at the development level, ensuring secure coding practices, managing code reviews, and maintaining the integrity of the software development lifecycle. Kevin reports directly to the CTO and collaborates closely with front-end and AI development teams.
Core Functions
  • Sprint planning and execution
  • Quality assurance oversight
  • System integration management
  • Technical team coordination
Front-End Development Leadership
Head of Front-End Development
Jananadi Wedagedara directs all user interface and user experience design efforts, managing the implementation of customer-facing features and workflows.
Key Responsibilities
Jananadi oversees the integration of Daxe's secure data room interface and AI-powered workflows, ensuring that security controls are properly implemented in all user-facing components. This includes managing front-end authentication, authorization flows, and secure data handling in the browser.
Technical Scope
  • UI/UX design and implementation
  • Secure data room development
  • AI workflow integration
  • Client-side security controls
  • User authentication interfaces
The front-end development function reports to the CTO and works in close coordination with backend engineering to ensure seamless and secure integration of all system components.
AI Research & Development
AI Engineering Team
Benjamin Wang serves as AI Engineering Intern, supporting critical research and development initiatives in artificial intelligence.
Research Focus Areas
Benjamin contributes to the development and evaluation of agentic AI systems, search algorithm optimization, and performance benchmarking initiatives. This work is essential to Daxe's competitive advantage and requires careful attention to data security and model governance.
The AI engineering function operates under the supervision of the CTO, with work products subject to security review and compliance validation before deployment to production environments.
Key Activities
  • Agentic AI research and development
  • Search algorithm optimization
  • Performance benchmarking
  • Model evaluation and testing
  • AI security and governance
Organizational Chart & Reporting Structure
Clear Lines of Authority and Communication
01
CEO Level
Erika Bahr maintains overall organizational oversight and sets strategic direction for all business and technical operations.
02
CTO Level
Nathan Standiford reports directly to the CEO and manages all technical functions including engineering, front-end development, and AI research.
03
Technical Teams
Engineering Manager (Kevin Stallone), Head of Front-End (Jananadi Wedagedara), and AI Engineering Intern (Benjamin Wang) all report to the CTO.
This structure ensures clear accountability for security controls, compliance requirements, and technical decision-making across the organization.
Documentation Distribution & Accessibility
Chart Maintenance Procedures
The Daxe organizational chart is maintained as a living document within the company's shared Google Drive infrastructure, specifically within the Company Wiki folder under the path /Company/HR/Org Chart/.
This centralized approach ensures that all employees and contractors have access to current organizational information, supporting transparency and compliance requirements. The chart serves as official evidence for SOC 2 audits and internal control testing.
Update and Distribution Cadence
The organizational chart undergoes formal review and updates on a quarterly basis at minimum, or more frequently when organizational changes occur. Updates are communicated through two primary channels:
  • Internal Slack announcements to all personnel
  • Google Drive sharing notifications
  • Update tracking via version history
  • Quarterly access reviews

SOC 2 Evidence Requirements: For compliance purposes, a dated screenshot of the Google Drive folder structure and corresponding Slack announcement should be captured and retained, demonstrating chart availability and proper communication to all personnel.
Job Description Requirements for SOC 2 Compliance
Comprehensive Role Definition
Organizations must maintain formal job descriptions for all existing positions, upcoming roles, and C-Suite positions. Each description should clearly define basic role requirements, expected responsibilities, and reporting relationships.
Shared Role Documentation
When multiple individuals occupy the same role (e.g., multiple senior software engineers), a single comprehensive job description is adequate. The description should outline the core requirements and responsibilities applicable to all individuals in that position.
Universal Accessibility
Job descriptions must be freely available to everyone within the organization. If not facilitated through an HR platform, organizations should create a shared document repository (e.g., Google Docs) that is regularly updated as new roles are added or existing roles evolve.
Statutory, Regulatory & Contractual Obligations
Comprehensive Compliance Tracking
Organizations must maintain awareness of and document all relevant statutory, regulatory, and contractual obligations that apply to their operations. This documentation serves as critical evidence during SOC 2 audits and demonstrates management's commitment to legal and regulatory compliance.
Statutory Obligations
Requirements related to statutes and laws, including obligations to perform or refrain from specific actions as set out by state or federal law. Examples include compliance with the Sarbanes-Oxley Act, trademark protections, and labor laws.
Regulatory Obligations
Requirements stemming from government agency rules and regulations. Examples include standards set by OSHA, EPA, SEC, FDIC, or GDPR for organizations operating in applicable jurisdictions and industries.
Contractual Obligations
Commitments made by the company through contractual agreements with customers, partners, or vendors. This includes contractual requirements to provide SOC 2 reports, maintain specific security controls, or adhere to service level agreements.
Organizations should maintain a centralized tracking document (spreadsheet or database) that identifies each applicable obligation, the source of the requirement, responsible parties, and verification procedures. This tracking mechanism should be reviewed and updated regularly to reflect changes in the regulatory landscape or business operations.