The complete audit-defensible AI governance program. Ready to implement same-day.
Twenty-one documents covering seven different domains as follows:
| Domain | Documents |
|---|---|
| D1 — AI Governance Foundation | AI Risk Governance Policy · AI Governance Charter · AI Ethics Policy |
| D2 — AI Inventory & Classification | AI System Inventory Policy · Use Case Registration Procedure · AI Risk Classification Framework |
| D3 — AI Risk Assessment | AI Risk Assessment Policy · AI Risk Assessment Procedure + Template · Algorithmic Impact Assessment · Vendor AI Risk Assessment Questionnaire |
| D4 — AI Controls & Incident Response | AI Controls Framework · AI Incident Response Plan · Pre-Deployment Review Checklist |
| D5 — Transparency & Accountability | AI Transparency Policy · Model Card Template · AI Decision Disclosure Notice Templates |
| D6 — Monitoring & Audit | AI Monitoring Policy · Program Maturity Assessment Tool · Annual AI Risk Report Template |
| D7 — Generative AI Controls | Acceptable Use Policy for Generative AI |
Implementation tools included: 90-Day Quick-Start Roadmap · AI Regulation Tracker · Document Control Index · Executive Briefing Deck (PPTX)
These policies and tools are specifically written to align to the following frameworks:
NIST AI RMF 1.0 (full) · NIST AI 600-1 Generative AI Profile · ISO/IEC 42001:2023 · EU AI Act · GDPR Article 22 · EEOC / DOL AI Employment Guidance · NY Local Law 144 · FCRA / ECOA · HIPAA · Colorado SB 205 · Illinois AEDT Act
Who this is for
CISOs, vCISOs, compliance teams, and risk managers who need a structured AI governance program that holds up in a board presentation, a regulatory examination, or an internal audit — without building it from scratch or using expensive consultants.
This module does not constitute legal advice. Documents should be reviewed against your organization's specific regulatory environment and legal counsel before implementation. Regulatory references reflect the landscape as of May 2026.
