AI Governance Policy
A complete, board-ready master policy for governing AI responsibly across its lifecycle — principles, roles & RACI, an ISO 42001-aligned management system, stage gates, acceptable-use rules and a full regulatory mapping (EU AI Act, NIST, ISO, GDPR, Canada).
Aligned to: ISO/IEC 42001 · EU AI Act · NIST AI RMF · OECD
AI Risk Management Policy
A practical, continuous AI risk-management policy — three lines of defence, risk appetite, a 10-category AI risk taxonomy, a 5×5 assessment method, the four-T treatment model, KRIs & thresholds, agentic-AI controls and incident escalation clocks.
Aligned to: EU AI Act Art. 9 · ISO/IEC 23894 · ISO 31000 · NIST AI RMF