AI Compliance Readiness Assessment

35-40: Compliance-ready — minor gaps to address
25-34: Partially prepared — significant work needed in specific areas
15-24: High risk — major gaps across multiple dimensions
8-14: Critical — immediate action required before any regulatory review

Evaluate organizational readiness for AI governance regulations and generate an actionable compliance roadmap.

When to Use

When asked to assess AI compliance readiness, gather these inputs:

Industry (legal, healthcare, financial-services, insurance, construction, manufacturing, government, other)
Company size (employees or revenue range)
AI systems in use (list: chatbots, document review, fraud detection, hiring tools, customer service, analytics, other)
Jurisdictions (US-only, EU-exposed, both, global)

Score each dimension 1-5 (1=no controls, 5=mature):

Risk Classification — Have you categorized AI systems by risk level per EU AI Act / NIST?
Documentation — Technical docs, model cards, data lineage for each AI system?
Human Oversight — Defined human-in-the-loop processes for high-risk decisions?
Bias & Fairness — Regular bias audits, fairness metrics, disparate impact testing?
Data Governance — Training data provenance, consent, retention, and deletion policies?
Incident Response — AI-specific incident playbook, reporting procedures, rollback plans?
Vendor Management — AI vendor risk assessments, contractual AI governance requirements?
Audit Trail — Logging, explainability, decision traceability for AI-assisted outputs?

Generate a report with:

Executive Summary — Overall score, risk level, top 3 gaps
Dimension Scores — Table with score, evidence, and gap description per dimension
Regulatory Exposure — Which regulations apply and key deadlines:
- EU AI Act: Aug 2, 2026 (high-risk system requirements)
- HHS AI Transparency: April 3, 2026 (healthcare)
- NIST AI RMF: Ongoing (federal contractors + best practice)
- State bar AI rules: Varies (legal industry)