AI-generatedRuns a public customer-support chatbot built on a third-party AI model, with a public developer API and still-light governance.
- Maturity
- Emerging
- Report type
- Sample · illustrative
Overall AI governance maturity is emerging with critical residual risk — strongest where controls are established and most exposed where foundational gaps remain.
Get a real, tailored report for your organization in about 12–18 minutes — free.
This is the free report. The full report is a 40-page comprehensive deep-dive — control-by-control gap analysis, framework mapping, and a prioritized remediation roadmap.
Target threshold 70
What you report as in place, before evidence adjustment.
Based on response consistency and supporting evidence.
- 40%Documented
- 60%Self-reported
- 0%Missing
What this assessment indicates
Your organization demonstrates its strongest practices in governance & ownership (54.8), placing overall maturity at the emerging stage with critical residual risk. The most material exposure is in monitoring & improvement (5). Closing these foundational gaps in inventory, accountability, and production controls will reduce operational, regulatory, and reputational risk as AI adoption expands.
Governance domain performance
Score out of 100 · benchmark 70Established capabilities
- Governance & ownership (54.8)
- Data governance (30)
- Security & operations (25.8)
Material governance gaps
- Monitoring & improvement (5)
- Inventory & use-case mapping (7.5)
- Vendor & third-party (9.2)
Priority remediation roadmap
Sequenced over the next 90 days, highest-impact gaps first.
- P0securityAdd misuse/abuse controls to public AI endpoints
- P0securityAddress prompt-injection risk in design reviews
- P0dataScope retrieval permissions by user or role
No actions in this window.
No actions in this window.
Assessment basis
What this score is built on.
Responses are checked for consistency and aligned to the selected frameworks.
Framework coverage
Indicative roll-up. Control-by-control mapping is in the full report.
How your domains map to the frameworks
Indicative, domain-level mapping — the control-by-control crosswalk lives in the dedicated assessments and the full report.
| Domain | EU AI Act | ISO/IEC 42001 | NIST AI RMF |
|---|---|---|---|
| Governance & ownership | Art. 9, 17 (risk & quality mgmt) | Clause 5–6, A.2–A.3 | GOVERN |
| Inventory & use-case mapping | Art. 11, 49 (docs, registration) | Clause 4, A.4 | MAP 1.6 (inventory) |
| Data governance | Art. 10 (data governance) | A.7 | MAP / MEASURE (data) |
| Security & operations | Art. 15 (robustness, cybersecurity) | A.6 / security | MEASURE 2.7 |
| Vendor & third-party | Art. 25 (value chain) | A.10 | GOVERN 6 (supply chain) |
| Transparency & human oversight | Art. 13, 14, 50 (transparency, oversight) | A.8–A.9 | Accountable & Transparent |
| Monitoring & improvement | Arts. 72–73 (post-market, incidents) | Clause 9–10 | MANAGE 4 (monitoring) |
Go deeper — recommended next assessments
This governance check is broad and cross-framework. For a control-level result, continue with a dedicated assessment — start with ISO/IEC 42001, where your indicative coverage looks weakest.
Build the ISO/IEC 42001 management-system view across all nine AIMS domains and certification prep.
Start assessmentProfile your system across NIST AI RMF — Govern, Map, Measure and Manage — with the GenAI profile.
Start assessmentGo deep on EU AI Act applicability, operator role, risk classification and conformity duties.
Start assessmentWant a report like this for your organization?
This is a fictional example of the free report. Run the free assessment for your own tailored report, or book a demo to see the full 40-page comprehensive report with control-by-control analysis and framework mapping.
