Service Ladder

What We Deliver

Three tiers. Clear deliverables. No ambiguity. Every engagement is mapped against 7 frameworks and reviewed by both our CEO and CTO before it reaches you.

Tier 1

Basic AI Risk Assessment

£750

5–7 working days

A full audit of your AI tool usage mapped across six frameworks. Every active compliance failure identified. Clear, prioritised action plan.

  • Complete AI tool inventory
  • EU AI Act risk classification per tool
  • OWASP LLM Top 10 — all 10 categories
  • NIST AI RMF & NIST CSF 2.0 maturity snapshot
  • GRC posture overview — scored
  • UK GDPR & DUAA 2025 compliance snapshot
  • Full risk register with free actions per finding
  • Remediation roadmap — This Week / 30 Days / 90 Days
  • Dual sign-off: CEO + CTO
Get Started — From £750

Tier 2

Full AI Security Review

£2,500

7–10 working days

Board-ready. 16-section deep-dive. Everything in Basic expanded to full depth, plus MITRE ATLAS, DPA audit, Staff AI Policy, and 90-day reassessment call.

Everything in Basic, plus:

  • MITRE ATLAS adversarial threat mapping
  • EU AI Act full gap analysis — per tool, per article
  • NIST AI RMF full 4-function assessment
  • NIST CSF 2.0 full 6-function maturity assessment
  • GRC framework scored 1–10 across all three pillars
  • UK GDPR + DUAA 2025 full 11-article gap analysis
  • Framework cross-reference matrix — all 7 frameworks
  • DPA review — all AI tool providers
  • 13-clause Staff AI Usage Policy — ready to issue
  • 90-day roadmap with action owners
  • 90-day reassessment call included
  • Dual sign-off: CEO + CTO — board ready
Get Started — From £2,500

Ongoing Support

Retainer

Scoped Pricing

Quarterly cadence

AI adoption doesn't stop after a single assessment. A retainer keeps your compliance posture current as legislation evolves, new tools are adopted, and your AI footprint grows.

  • Quarterly AI risk reassessment
  • New AI tool vetting before adoption
  • Policy maintenance as legislation evolves
  • Incident response advisory support
  • Framework monitoring and update alerts
  • Same working-day priority access
Request a ProposalLearn More

The Process

What to Expect

Every engagement begins with a 20-minute discovery call. No technical knowledge required on your side. We map your AI tool usage, data flows, governance position, and sector-specific obligations.

From there, we work independently. You receive your report within the stated turnaround, walk through it together, and leave with complete clarity on next steps.

Get a QuoteBook a Discovery Call