Service · Govern

A structured review against the five governance frames that matter.

A short-form review of your AI plans (or existing AI footprint) against GDPR, ethics, data quality, security, and data sovereignty, with a hand-to-compliance report at the end.

Fit

Who it's for, who it isn't

It fits when

  • You have AI in production or about to be, and you haven't formally reviewed governance.
  • A procurement, board, or audit event has triggered "can we defend this?"
  • You operate in a regulated sector and need the evidence on file.

It doesn't fit when

  • You're still at "is AI right for us?": start with a Discovery Sprint.
  • You need a technical deployment review: use Rapid Secure AI POC.
  • You want a certification or stamp: this is alignment work, not a certificate.

What you get

The deliverable

  • Assessment report. Findings per framework (GDPR, AI ethics, data quality, security, sovereignty) with evidence and gaps.
  • Gap register with severity ratings, so the compliance team knows what to fix first.
  • Remediation priority list. Ordered by effort and impact. Handed to the people who will action it.
  • Readout session with the owners of each framework inside your organisation.

How it works

The phases

  1. Intake + documentation review

    What AI is already in play, what policies exist, what audit triggers are in flight.

  2. Stakeholder interviews

    DPO, security lead, AI owner, procurement. Short, structured, on-record.

  3. Framework-by-framework assessment

    GDPR, ethics, data quality, security, sovereignty. Evidence, gaps, severity.

  4. Written report + readout

    Joint session with compliance and operations. Report handed over for the file.

Duration & price

What to budget

Duration

1–2 weeks

Price shape

Fixed fee

Fixed fee at kickoff. Scope covers one AI footprint (one product line, one department, or one adoption plan).

Sample deliverable

What the output looks like

An anonymised sample of a past deliverable for this engagement is being prepared. Until it's published here, the clearest picture comes from the methodology page. This service is one productised slice of the same method.

Summary

You can usually get the compliance team to approve something. The question is whether you can defend it later, when something goes wrong, when an auditor asks, when the regulator changes position.