Tier 1

Basic AI Risk Assessment

From £750 · 5–7 Working Days

A full audit of your AI tool usage mapped across six frameworks. Identifies every active compliance failure and delivers a clear, prioritised action plan for your business.

What's Included

01

AI Tool Inventory

We document every AI tool in use across your business — by department, by function, and by the data each tool touches. Businesses typically discover tools they weren't aware staff were using.

02

EU AI Act Risk Classification

Each tool in your inventory is classified against the EU AI Act's four-tier risk hierarchy: Unacceptable Risk, High Risk, Limited Risk, Minimal Risk. Prohibited applications are flagged immediately.

03

OWASP LLM Top 10 (2025) Assessment

All 10 vulnerability categories assessed against your current tool usage and deployment. Includes prompt injection, insecure output handling, sensitive data exposure, and training data poisoning risks.

04

NIST AI RMF & NIST CSF 2.0 Maturity Snapshot

A rapid maturity assessment across NIST AI RMF's four functions (GOVERN, MAP, MEASURE, MANAGE) and NIST CSF 2.0's six functions. Establishes your current baseline and identifies the highest-priority gaps.

05

GRC Posture Overview

Governance, Risk, and Compliance assessed and scored across your current AI usage. Identifies structural gaps in oversight, accountability, and control that create organisational exposure.

06

UK GDPR & DUAA 2025 Compliance Snapshot

A targeted review of your AI-related compliance position under UK GDPR and the Data (Use and Access) Act 2025 (DUAA). Includes lawful basis assessment, DPIA requirement identification, and automated decision-making (ADM) compliance.

07

Full Risk Register

Every identified risk documented with: risk description, relevant framework, severity rating, likelihood, business impact, and the specific immediate action required to remediate. Every finding includes at least one free action you can take this week.

08

Prioritised Remediation Roadmap

All findings organised into three action horizons: This Week (zero-cost immediate actions), 30 Days (quick-win implementations), and 90 Days (strategic compliance investments).

09

Dual Sign-Off: CEO & CTO

Every Basic Assessment is independently reviewed and signed by our CEO (Rowan Money, commercial delivery and client engagement) and CTO (Govend Abdul-Hameed, technical validation and framework accuracy). Two expert perspectives in one report.

Turnaround

5–7 working days from completion of your discovery call.