The Responsible AI Starter Toolkit

A complete, draft-ready AI usage policy covering acceptable use, data handling, accountability roles, employee obligations, and jurisdiction-specific compliance requirements.

• ✓ AI usage policy, multi-section
• ✓ Jurisdiction-specific compliance obligations
• ✓ Employee conduct rules
• ✓ Governance & accountability framework

Pre-populated AI risk register with scored risks across data privacy, model bias, security, and compliance — mapped to your sector, jurisdiction, and risk appetite.

• ✓ Pre-scored risk register — same content in .xlsx + .docx
• ✓ Risks mapped to your sector
• ✓ Mitigation controls per risk
• ✓ Risk appetite-adjusted thresholds

Plain-language AI usage guidelines for your workforce — covering acceptable tools, data handling rules, prohibited uses, and escalation procedures.

• ✓ Staff-facing guidelines (.docx)
• ✓ Training Matrix + Glossary (.xlsx) companions
• ✓ Approved & prohibited uses list
• ✓ Data handling rules

Aligned to ISO/IEC 42001 or NIST AI RMF (your choice). Executive Summary (.docx) for sign-off plus a 30-question scored Excel workbook with evidence requests and a Procurement Checklist companion.

• ✓ Executive Summary (.docx)
• ✓ Detailed 30-question workbook (.xlsx)
• ✓ ISO 42001 / NIST AI RMF aligned
• ✓ Procurement Checklist (.xlsx) companion

Per-framework gap analysis (EU AI Act / NIST AI RMF / ISO 42001) driven by your customer self-assessment answers. Executive Summary (.docx) for sign-off plus a multi-sheet Excel workbook with action plan, heat map, timeline, and a live Dashboard with native radar + doughnut charts.

• ✓ Executive Summary (.docx)
• ✓ Per-framework gap sheets (.xlsx)
• ✓ Action Plan + Heat Map + Timeline
• ✓ Live Dashboard with native charts

Intake-driven bias audit covering data, model, deployment and outcome dimensions. Executive Summary (.docx) for sign-off plus a 9-sheet Excel workbook (risk classification, 34-item checklist, fairness testing protocol, RACI matrix, permitted/prohibited use cases, monitoring plan, action plan, live Dashboard with native radar + doughnut).

• ✓ Executive Summary (.docx)
• ✓ 34-item audit checklist (.xlsx)
• ✓ Fairness Testing Protocol + RACI matrix
• ✓ Live Dashboard with native charts

Schedule-based GDPR Art.28(3)-aligned Data Processing Agreement covering AI vendor procurement. 12 main clauses + 4 schedules (Particulars / TOMs / Sub-Processors pre-populated / International Transfer Mechanism) + AI-specific contract terms + negotiation checklist + consolidated qualified-legal-review notes.

• ✓ 12-clause DPA + signature blocks
• ✓ Schedules: Particulars + TOMs + Sub-Processors + Transfers
• ✓ AI-specific contract terms + Negotiation Checklist
• ✓ Inline qualified-legal-review callouts

P1–P4 severity-classified AI incident response playbook. Executive Summary (.docx) for sign-off plus a 9-sheet Excel workbook (Severity Matrix / 6-Step Response Process / Regulator Directory / 12 Communications Templates / Evidence Checklist / RCA + Lessons Learned + Corrective Actions / Live Incident Log / Readme / Dashboard with native radar + doughnut).

• ✓ Executive Summary (.docx) for sign-off
• ✓ 9-sheet operational playbook (.xlsx)
• ✓ Detect → Contain → Assess → Notify → Remediate → Review
• ✓ Live Dashboard + 12 ready-to-use comms templates

Board-ready AI governance programme. Executive Summary (.docx) with 3 visual charts plus a 7-slide PowerPoint board pack plus a 10-sheet Excel workbook (org chart, RACI, 12 KPIs, 90-day roadmap, board report template, audit calendar, AI tool register, intake answers, readme, and a live-formula Dashboard with native radar + doughnut). Sized to your maturity stage and anchored to NIST AI RMF + ISO/IEC 42001.

• ✓ Executive Summary (.docx) for board sign-off
• ✓ 7-slide PPTX board pack
• ✓ 10-sheet operational workbook (.xlsx)
• ✓ 12-KPI dashboard + 90-day roadmap