AI Governance Consultancy · UK & EU
Put AI governance in place before adoption outpaces accountability.
Practical AI governance for organisations with live deployment. Use-case classification, board accountability, model lifecycle controls and the evidence pack regulators and customers now expect. Mapped to EU AI Act, ISO 42001 and NIST AI RMF.
02Typical triggers
When this service is on the desk.
- 01First AI tool in production
- 02Board AI risk paper requested
- 03EU AI Act provider / deployer classification
- 04Customer or regulator AI governance ask
- 05Shadow-AI exposure surfaced
03Typical outputs
Artefacts that earn the audit, the customer or the board.
- ·AI policy and governance forum charter
- ·Use-case classifier and approval workflow
- ·Model and system card library
- ·AI risk register and reporting cadence
- ·Board-ready AI governance pack
04Engagement shapes
Three ways the engagement is typically scoped.
SHAPE 01
Stand-up
8–12 weeks to put the governance forum and pipeline in place.
SHAPE 02
Retainer
Quarterly governance support, including new use-case classification.
SHAPE 03
Board pack
Single-cycle delivery of a board-ready AI governance paper.
DELIVERED BY
Paul Jolliffe
FOUNDER · INFOSECAI · MBA · CISSP · ISO 27001:2022 LA / LI / IA · PRINCE2 Practitioner
Twenty years of senior security leadership across financial services, healthcare, government, telecoms and technology. Engagements are senior from day one: no subcontracted juniors, no introduce-and-exit.