We surface every AI tool in use across your organisation, classify each one against EU AI Act and NIST RMF standards, and build a governance program that keeps you compliant — permanently.
Your teams are already using ChatGPT, Copilot, Notion AI, and dozens of other tools — many without IT approval, many processing confidential client data. Meanwhile, regulators have caught up. The EU AI Act is here. State-level laws are active. Boards are asking questions.
Most organisations of 50–500 people have significant unmitigated AI risk right now — not because of negligence, but because the tools moved faster than the policies. That gap is exactly what we close.
From a focused one-time audit to an embedded AI governance function — scoped to your size and risk exposure.
Full shadow AI audit with risk classification and a prioritised remediation roadmap.
Complete audit plus board-ready governance documentation and staff training.
Embedded AI strategy ownership — your outsourced AI governance function.
Monthly Governance Retainer (for Full Governance clients): $2,500–$5,000/month — quarterly re-audits, policy updates, new tool approvals.
A structured, four-phase engagement — designed so you never have to scramble before a regulatory deadline.
Kickoff, department interviews, and anonymous employee survey to surface every AI tool in use — including shadow tools.
Week 1Full tool inventory, EU AI Act & NIST RMF risk classification, SaaS subscription review, and vendor contract audit.
Weeks 2–3All governance documents drafted, reviewed, and prepared for board presentation and immediate deployment.
Weeks 3–5Board briefing, staff training session, Q&A — then monthly retainer begins to keep governance current.
Week 5–6A one-page briefing written for General Counsels, CISOs, and Compliance Officers — no jargon, no sales pitch. Take it into your next leadership meeting.
Download your copy below — no inbox required.
↓ Download the 1-PagerWant to discuss your organisation's specific exposure?
Book a free 30-min call →This isn't a sales call — it's a diagnostic. We'll ask three questions about your current AI governance posture and tell you honestly whether you have a problem worth fixing right now. If there's no fit, we'll say so.