
AI AUDIT · GOVERNANCE DIAGNOSTIC

AI Audit: Know What You Actually Have Before You Scale It

Most companies deploying AI don't know what they're running, who owns it, or whether it's compliant. The audit answers all three — in two weeks.

Signs you need an AI audit

  • Teams using ChatGPT, Copilot, and 6 other tools with zero data governance. Customer data leaving your perimeter daily.

  • You've spent on AI. You don't know if it's working. Nobody can answer "What's our AI ROI?"

  • Legal flagged a potential EU AI Act high-risk system. Nobody in the company knows what that means or what to do.

  • You're about to hire an AI vendor or sign a multi-year contract. You need an independent view before you commit.

What the audit covers

  1. AI inventory

    Map every AI tool, model, and workflow in use across the company. Shadow IT included. Most audits find 3x more AI than the CTO knew about.

  2. Governance gap analysis

    Assess data flows, access controls, model versioning, and incident response against EU AI Act and ISO 42001 standards.

  3. ROI measurement

    Tie each AI deployment to a business metric. Identify which tools deliver value and which are unused spend.

  4. Risk prioritisation

    Rank findings by blast radius. Deliver a remediation roadmap sorted by risk and effort — not a 100-point checklist.

  5. Executive report

    Board-ready summary: current state, risk exposure, ROI baseline, and recommended next steps. Delivered in 10 working days.

Proof-of-work

  • Frihet ERP — designed the AI governance layer for a B2B SaaS from scratch. Includes model risk registry, audit trails, and access controls.

  • Firma — compliance and AI audit for a law firm's legaltech platform. GDPR, data minimisation, and responsible AI embedded.

  • ICEN — AI audit of the learning management stack for 13 professional programmes. Shadow AI and data risk identified and remediated.

Pricing

AI Governance Audit: from 2,500 EUR (companies up to 100 employees). Enterprise scope (100-500 employees): from 5,000 EUR. Deliverable: written report + exec presentation.

FAQ

How long does the audit take?

10 working days from kickoff. Includes 3 structured interviews with key stakeholders and a full technical review.

Do you need access to our systems?

Read-only access to logs, tool registries and vendor contracts. No code access required for governance audits.

Is this specific to EU AI Act compliance?

It covers EU AI Act, GDPR AI implications, and ISO 42001 alignment. The framing is business risk, not checkbox compliance.

What's the output?

A written audit report (20-40 pages), an executive slide deck (10 slides), and a prioritised remediation roadmap.

Do you help implement the remediation?

Optionally. The audit is self-contained. Clients can implement internally or engage for a follow-on sprint.

Know what you're running.

The audit takes 10 days. The risks you find were already there — now you can act on them.
