Colorado AI Act Jun 30, 2026
EU AI Act Aug 2, 2026
California ADMT 2026
Governance Assessment

Know where you stand before the deadline hits

A structured assessment against ISO 42001 and NIST AI RMF, delivered through our platform in 3–4 weeks. Not a PDF. An actionable baseline your compliance officer or GC can sign without going through IT procurement.

Book a governance assessment

What you get

Structured output, not a stack of slides

ISO 42001 Coverage

93 controls across 10 Annex A domains. Every control mapped, scored, and documented.

NIST AI RMF Crosswalk

Full function mapping—Govern, Map, Measure, Manage—with gap identification.

Regulatory Timeline

Colorado AI Act, EU AI Act, HIPAA—mapped to your specific exposure.

Gap Analysis

Prioritized remediation roadmap with effort estimates and risk ratings.

Platform-Delivered

Results live in the GLACIS platform. Filter, export, share. Not a static PDF.

Standards-Based Output

Structured data that integrates with your existing governance tools.

Who this is for

Built for teams navigating AI governance

Organizations figuring out their AI governance posture—and needing a structured starting point.

Compliance officers preparing for regulatory deadlines with limited internal AI expertise.

AI governance committees needing a defensible baseline to present to leadership and the board.

Health systems evaluating AI vendor compliance and managing third-party model risk.

Engagement details

Scoped to deliver, not to drag

$20–40K

Typical engagement, scoped to your AI footprint and regulatory exposure.

2–4 Weeks

From kickoff to delivered results in the GLACIS platform.

Assess + Subscribe

Can be structured as initial assessment plus annual platform subscription.

Regulatory exposure

These are current liabilities

These are not future risks. They are current liabilities accumulating daily.

Colorado AI Act June 30, 2026
EU AI Act August 2, 2026
Book a governance assessment

Common questions

What to expect

Who needs to be involved from our side?
Typically your CISO, compliance lead, and one technical lead who understands your AI deployment architecture. We handle the heavy lifting.
How is this different from a consulting engagement?
We deliver through our platform, not as a PDF. Your results are structured, searchable, and exportable. When you’re ready for continuous compliance, the data is already there.
Do we need to be pursuing ISO 42001 certification?
No. The assessment benchmarks against ISO 42001 as a framework, but many organizations use it to understand their posture without pursuing formal certification.
What happens after the assessment?
You get a prioritized remediation roadmap. Many clients transition to our Compliance Platform for ongoing governance. But there’s no obligation—the assessment stands alone.
Can this be structured as an annual engagement?
Yes. Many clients pair the initial assessment with an annual platform subscription for continuous monitoring.
Book a governance assessment

More from GLACIS

From assessment to continuous evidence

Compliance Platform

Continuous AI governance

The compliance platform purpose-built for AI systems. ISO 42001 mapping, automated evidence, standards-based export.

Request a demo

Zero-Egress Deployment

Ship AI without the risk

Zero-egress proxy with built-in controls and audit-ready evidence generation. No BAA required.

Talk to us