Free Governance Assessments
Information security and AI governance are no longer just technical issues. They affect how organisations handle sensitive information, use digital tools, make decisions, manage suppliers, protect clients and evidence responsible practice.
Our free governance assessments help you take a structured look at where you are now. Each assessment gives you a practical RAG-rated overview of key strengths, gaps and priority areas, so you can see what needs attention without starting with a full audit or consultancy project.
Choose the assessment that best matches your current concern, or complete both for a broader view of your governance position.
Free
Information Security Governance Assessment + RAG Report
How well protected is your organisation’s information?
Most organisations hold sensitive data, rely on third-party systems, work across devices and locations, and depend on staff making good day-to-day information security decisions. The risk is not always obvious until something goes wrong.
This assessment helps you understand how well your organisation manages information security from a governance, operational and staff-practice perspective.
It looks at:
- Information handling and confidentiality
- Governance, ownership and responsibilities
- Legal, regulatory and contractual obligations
- Policies, procedures and evidence
- Staff awareness and everyday practice
- Access control, devices and remote working
- IT responsibilities and supplier oversight
- Systems, backups and incident readiness
- Current concerns, weaknesses and priorities
What you receive:
A free 2-page RAG-rated overview highlighting key strengths, areas of concern and practical next steps
Ideal for: Charities, CICs, care providers, housing organisations, small businesses and people-focused services that want a clearer picture of their information security exposure.
Free
AI Governance Assessment + RAG Report
Is your organisation using AI safely, responsibly and with enough oversight?
AI tools are already being used across many organisations, sometimes formally, sometimes informally, and sometimes without senior leaders knowing exactly where, how or why. The risk is not just whether AI is being used, but whether it is being used with appropriate control, transparency, accountability and data protection.
This assessment helps you understand whether your organisation has enough governance around AI use, especially where it affects clients, customers, staff, volunteers, service users or sensitive information.
It looks at:
- Where AI is being used across the organisation
- AI ownership, approval and risk classification
- Use of AI in decisions, advice and service delivery
- Human review, accuracy checks and explainability
- Bias, fairness and transparency considerations
- Data protection, confidentiality and prohibited uses
- Third-party AI provider checks
- AI incidents, assurance and evidence
- Staff, volunteer and contractor understanding
- Legal, regulatory and contractual awareness
What you receive:
A free 2-page RAG-rated overview highlighting key AI governance risks, control gaps and practical next steps.
Ideal for: Charities, CICs, care providers, housing organisations, therapists, coaches, consultants and other organisations using or considering AI tools in their work.
Not sure which one to complete?
If your main concern is sensitive data, systems, staff practice, suppliers, access control or incident readiness, start with the Information Security Governance Assessment.
If your main concern is the use of AI tools, AI-assisted decisions, client-facing AI, data entered into AI systems, transparency, bias, or AI oversight, start with the AI Governance Assessment.
Many organisations benefit from completing both, because AI governance and information security are closely connected.
