Services · S1 AI Risk Assessment

AI Risk Assessment.

See what you're running. Know what it could cost you. We surface the full picture — every AI system, every risk, ranked and ready for the board.

S1
2–4 weeksStandaloneNIST AI RMF

What you get

Six defined deliverables. Fixed scope, fixed timeline, agreed before work begins.

D.01

System inventory

Complete inventory across all business units — vendor-embedded, in-house, shadow AI.

D.02

Risk register

Ranked by likelihood and severity; plain-language, board-readable, ready to action.

D.03

Remediation roadmap

Prioritized, scoped to your capacity, sequenced with internal milestones.

D.04

Executive summary

Board-ready narrative. The five things leadership needs to know — and decide.

D.05

NIST AI RMF map

Mapping every finding to NIST AI RMF functions so the next step is unambiguous.

D.06

Engagement letter

Scoped, fixed, and transparent — agreed before any work begins.

S1 · Common questions
Q.01How long does an AI Risk Assessment take?+
S1 runs 2–4 weeks as a standalone engagement, with the scope and timeline set transparently in the engagement letter before any work begins.
Q.02What does the AI Risk Assessment deliver?+
A complete AI system inventory, a risk register ranked by likelihood and severity, a prioritized remediation roadmap, a board-ready executive summary, and a mapping of every finding to the NIST AI RMF.
Q.03Do we need anything else before starting?+
No. S1 is the foundation the rest of the program builds on, and it works standalone — you can act on the findings with or without further engagement.
The full program

Each service stands alone or sequences into one governance program:
S1 AI Risk AssessmentS2 Governance Framework SetupS3 AI Standards ReadinessS4 IT Modernization. See the full services overview.

Start with a
discovery call.

30 minutes, scoped to your AI systems and timeline. You leave with a clear, reasoned estimate — whether or not you engage.