Clear rules for AI use. Tailored to your business.

AI is already in your business — whether you know it or not. Without a governance framework, your team is making decisions about AI use on their own, in different ways, with different tools, and different standards. We fix that with a complete, customisable set of policies that bring everyone onto the same page.

Get in touch See what's included

The problem

Shadow AI is already happening in your business.

Shadow AI refers to the use of AI tools by employees without the knowledge, approval, or oversight of the business. It's not malicious — it's just what happens when people find useful tools and start using them without guidance. Staff are signing up for AI platforms with personal or work accounts, pasting sensitive information into public AI systems, and generating business outputs with no review process in place.

Without governance, you have no visibility into what tools are being used, what data is being shared, or what liability you might be accumulating. That's a risk most businesses can't afford to ignore as AI becomes embedded in everyday work.

Without governance

What happens when there are no rules.

The risks of unmanaged AI use are real, and they grow as AI becomes more capable and more embedded in how people work.

Data exposure

Staff share sensitive client, financial, or operational data with public AI tools that may store and use that information for training. A single well-meaning employee can create a serious breach.

Inconsistent outputs

With no shared standards, different people use AI differently — producing inconsistent quality, tone, and accuracy across the business. There's no way to audit or control what's being generated.

No accountability

When something goes wrong — an AI-generated document with an error, a biased decision, a compliance issue — there's no policy framework to fall back on and no clear line of responsibility.

Regulatory exposure

As AI regulation evolves, businesses without documented governance practices will find themselves exposed. Demonstrating responsible AI use is increasingly expected by regulators, insurers, and enterprise clients.

Reputational risk

AI-generated content that is inaccurate, biased, or inappropriate reflects on the business that publishes it. Without review processes, there's nothing standing between a bad output and your customers.

No foundation to build on

Governance isn't just about preventing harm — it's what makes responsible AI adoption possible. Without a policy foundation, every AI project your business undertakes starts from scratch with no shared framework to guide it.

What we provide

A complete governance framework, built for your business.

Our framework is a customisable set of policy documents that together give your business a complete foundation for responsible AI use. Delivered as ready-to-use documents, tailored to your context.

Acceptable use policy

A clear policy defining what AI tools employees are permitted to use, how they can be used, and what's off-limits. Removes ambiguity and gives staff a simple set of rules to follow.

Data handling guidelines

Specific guidance on what types of information can and cannot be entered into AI systems. Covers confidential data, client information, personally identifiable information, and internal business data.

Approved tools register

A maintained list of AI tools that have been assessed and approved for use within the organisation, with guidance on the approved scope of each tool. Eliminates shadow AI by making the right choice the obvious one.

Risk assessment framework

A structured approach to evaluating AI use cases and tools before they're adopted. Ensures that risk is considered up front, not discovered after the fact, and that decisions are documented and defensible.

Review & oversight policy

Defines how AI-generated outputs should be reviewed before use, who is responsible for sign-off, and what quality standards apply. Keeps humans appropriately in the loop without creating unnecessary friction.

Incident response guidelines

A clear process for identifying, reporting, and responding to AI-related incidents — from data exposure to a biased output or a system failure. Ensures the business can respond quickly and consistently.

Roles & responsibilities

Clarity on who owns AI governance within the business, who is responsible for tool assessment, and how decisions are escalated. Governance only works if someone is accountable for it.

Policy review schedule

AI changes fast. Our governance framework includes a structured review schedule to ensure your policies stay current as tools evolve, regulations change, and your business grows.

Staff acknowledgement process

A simple process for ensuring staff have read, understood, and agreed to the AI policies that apply to them. Provides a documented record for compliance and HR purposes.

With governance in place

The confidence to adopt AI — without the risk.

Good governance doesn't slow AI adoption down — it makes it possible. When your team knows what's allowed, what tools are approved, and how to use AI responsibly, they can move quickly with confidence. You get the productivity gains without the liability. Leadership gets visibility and control. Clients and partners get reassurance that you take AI seriously.

Paired with our AI training, governance becomes even more powerful. Staff don't just know the rules — they understand why the rules exist and how to apply them to real situations. Together, they form a complete foundation for responsible AI use across your business.

FAQ

Common questions.

A few things people usually want to know before getting started.

Is this relevant to small businesses?

Yes. The risks of unmanaged AI use don't scale with company size — a small team can create just as much exposure as a large one. Our framework is designed to be practical and proportionate, so smaller businesses aren't burdened with enterprise-level complexity.

How customised are the documents?

Significantly. We tailor every document to your business — your tools, your industry, your risk appetite, and your existing policies. You don't receive a generic template; you receive a framework that reflects how your business actually operates.

Do we need a legal or compliance team to implement this?

No. Our governance framework is written in plain language and designed to be implemented by business owners and managers, not lawyers. We'll walk you through everything and make sure it makes sense for your context.

Can governance be paired with your training?

Yes — and we recommend it. Training and governance together are significantly more effective than either alone. Staff who understand the policies and why they exist are far more likely to follow them consistently.

What happens when AI tools or regulations change?

The framework includes a built-in review schedule. We also offer ongoing advisory support for clients who want a partner to help keep policies current as the landscape evolves. AI moves quickly — your governance should too.

How do we get started?

Get in touch and we'll have a conversation about your business, what AI tools are currently in use, and what risks you're most concerned about. From there we'll scope the framework and give you a clear picture of what's involved.

Get ahead of AI risk before it becomes a problem.

A governance framework is one of the most valuable things you can put in place right now. Let's build one for your business.

Get in touch View AI training