What you get
- AI tool inventory with risk tiering and ownership.
- AI acceptable-use policy updates and approval workflow draft.
- Mitigation roadmap mapped to Govern, Map, Measure, and Manage.
Service Walkthrough
AI Risk Audit walkthrough
See how we evaluate live AI use, inventory the highest-value workflows, and turn AI risk questions into one practical operating plan.
What we review
- Current AI and automation use cases, including shadow usage patterns.
- Data classifications touched by AI workflows and vendor terms.
- Current controls for prompt handling, output validation, and monitoring.
How we execute
- Discovery workshops with legal, security, IT, and business owners.
- Risk scenario mapping for prompt injection, data leakage, and unsafe output.
- Control recommendations prioritized by business impact and effort.
What leaders see
- AI RMF-aligned maturity summary and risk heat map.
- Top control gaps with owner, timeline, and decision notes.
- Buyer-ready summary for customer and partner due diligence.
What happens next
- Optional governance sprint for policy and accountability structure.
- Optional pulse scans for recurring AI risk monitoring.
- Quarterly roadmap updates for new AI tools and vendor changes.
Preview deliverable (redacted)
Executive Scorecard preview
| AI RMF area | Current | Target |
|---|---|---|
| Govern | Partial | Defined |
| Measure | Foundational | Developing |
| Manage | Partial | Defined |
Policy Table of Contents preview
- AI Acceptable Use Policy
- Model and Vendor Intake Procedure
- Human Review Requirement Standard
- AI Incident Handling Procedure
AI Inventory Snapshot preview
- Tool: [Redacted] GenAI assistant
- Data class: Internal + confidential product context
- Key risks: prompt injection, data retention ambiguity