Uncontrolled tools
Employees test and deploy tools without the awareness of IT, compliance or leadership. The result is low visibility, no standard and no accountability.
AI Governance & Compliance for mid-sized companies
We bring AI under control in your company. AI Act readiness and operational governance without corporate jargon.
We design practical AI governance: from usage inventory and risk classification to policies and incident handling. We help teams get out of Shadow AI chaos and close the real compliance gap before it becomes a legal, operational or reputational problem.
Do not wait for the first lost tender. Do not wait for the first data leak. Do not wait for the first failing deployment. Do not wait for the first audit. Prepare today.
Audit, AI Act, vendor review, policies, use-case register and operational controls. Practical work, not slide decks.
Problems we solve
Three common risks in companies that adopt AI faster than they build control over its use.
If AI is already living inside the organization, but nobody owns it, registers it or governs it, this is where cost usually appears.
AI Act and regulatory exposure
Without usage classification, a register, procedures and owners, it is difficult to show that the company has its AI deployments under control.
Data security
AI suppliers, integrations and submitted data can create risks of leakage, transfers outside the company and harmful technology lock-in.
Services
Packages that can be bought without a long procurement process.
Pricing is indicative and tailored to the reality of mid-sized companies. Every package can be expanded with workshops, integrations or implementation support.
AI Inventory & Risk Triage
Inventory
4-7k EUR net
A fast audit, usage map and risk classification. Best for organizations that do not yet know what is actually happening across tools and processes.
- AI use-case inventory
- Shadow AI identification
- risk triage and priorities
- management report with recommendations
Starter Compliance
Starter
7-14k EUR net
The core offer: audit, classification, policy, register and vendor review. This is the level that turns ad hoc AI use into a real control system.
- full AI audit and use-case classification
- organization-wide AI policy
- register of use cases and owners
- vendor review and security checklists
AI Governance Suite
Full Suite
11-21k EUR net
For companies that want more than documents: training, escalations, monitoring and operational implementation.
- AI literacy for teams and managers
- implementation of controls and incident escalation
- operating governance model
- implementation support and follow-up
Knowledge base
Sample documents
Shared by email. Practical working materials that show how control over AI usage looks in practice.
Vendor review checklist
Assessment of an AI supplier in terms of data, risk and contracts.
PDF
Use-case register template
A simple register for control, classification and ownership.
XLSX
AI policy excerpt
A short practical fragment of policy for internal adaptation.
DOC
How we work
Three steps: Discovery -> Audit -> Implementation.
01
Discovery
We talk to process owners, identify areas where AI is used and determine what actually requires control.
02
Audit
Inventory, risk classification, vendor analysis, AI Act obligations and identification of control gaps.
03
Implementation
We establish policies, registers, vendor controls and escalation paths so the organization can operate steadily after the audit.
About us
Audit + Cyber Security
We are a modern specialist firm bringing together seasoned professionals with long experience in audit, cyber security and operational control. We do not sell AI theatre. We build order.
In practice this means that we can move from audit to implementation. From a document to a procedure. From identified risk to concrete action.
- process and technology audit
- AI Act, governance and compliance
- vendor review and data security
- training, escalation and operating procedures