Responsible AI Assessment

Is Your Organisation Using AI
Responsibly?

Twelve questions across six responsible AI dimensions — aligned to the NIST AI Risk Management Framework. Discover your RAI maturity level, your most critical exposure, and what to address before your next AI deployment.

12
Questions
5 min
To complete
Free
Instant result
Accuracy & Reliability Human Oversight Security & Resiliency Transparency Privacy Bias & Fairness
NIST AI Risk Management Framework Aligned
Each section maps directly to the NIST AI RMF’s seven trustworthiness characteristics (NIST AI 100-1, January 2023). Your result includes a NIST alignment summary and ISO 42001 pathway note.
1
2
3
4
5
6
7
8
9
10
11
12
🎯
Section 1 — Accuracy & Reliability
2 questions · up to 2 points · NIST AI RMF: Valid & Reliable (§3.1)
1
Output Verification Practice
Does your organisation treat AI-generated outputs as drafts requiring human verification before they are shared with clients, used in decisions, or acted on operationally — rather than as final answers?
2
Reliability Monitoring
Is there any process — however informal — for tracking the accuracy and error rate of AI outputs that influence your key decisions or client deliverables?
👤
Section 2 — Human Oversight & Accountability
2 questions · up to 2 points · NIST AI RMF: Safe (§3.2) + Accountable & Transparent (§3.4)
3
Named AI Initiative Owner
Does every active AI initiative in your organisation have a named human owner — someone explicitly accountable for that system’s performance, governance compliance, and incident response — documented in writing rather than assumed by role?
4
Safe Failure Protocol
If an AI system used in your organisation produced an unexpected, incorrect, or harmful output, is there a defined protocol for stopping, escalating, and remediating — with a named response lead and documented containment steps — before more harm occurs?
🛡
Section 3 — Security & Resiliency
2 questions · up to 2 points · NIST AI RMF: Secure & Resilient (§3.3) · OWASP LLM Top 10
5
Adversarial & Security Risk Assessment
Before deploying AI tools — including agentic AI systems — that access sensitive data, connect to external systems, or can take autonomous actions, does your organisation assess the security risks? This includes adversarial manipulation such as prompt injection (where malicious inputs hijack AI behaviour) and data exposure.
6
Least Privilege Access for AI Systems
Do AI tools and agentic AI systems in your organisation follow the principle of least privilege — accessing only the data, APIs, and systems required for their specific task, with access boundaries documented and reviewed regularly? An AI agent with unrestricted access creates a significantly larger blast radius when it behaves unexpectedly.
🔍
Section 4 — Transparency & Explainability
2 questions · up to 2 points · NIST AI RMF: Accountable & Transparent (§3.4) + Explainable (§3.5)
7
AI Disclosure to Affected Parties
Does your organisation disclose to clients, employees, or other affected parties when an AI system has been used to make or materially influence a decision that affects them — and is this disclosure governed by a written policy rather than left to individual judgement?
8
Explainability of AI-Influenced Decisions
If a client, employee, or regulator asked how a specific AI-influenced decision or recommendation was reached, could your organisation provide a plain-language explanation of the factors considered — for at least your medium- and high-stakes AI use cases?
🔒
Section 5 — Privacy Protection
2 questions · up to 2 points · NIST AI RMF: Privacy-Enhanced (§3.6)
9
Data Classification Rules for AI Input
Are there written, enforced rules defining which categories of data — client personally identifiable information (PII), employee records, confidential financials, proprietary business information — may not be entered into AI tools without explicit approval? And are employees trained on these specific restrictions?
10
Vendor Data Handling Review
Before adopting an AI tool, does your organisation review how the vendor handles your data — specifically whether the vendor uses your inputs to train their public models, what data isolation protections exist, and whether data processing agreements are in place?
Section 6 — Bias & Fairness
2 questions · up to 2 points · NIST AI RMF: Fair — Harmful Bias Managed (§3.7)
11
Pre-Deployment Bias Review
For AI systems that influence decisions affecting people — hiring, performance evaluation, client eligibility, pricing, or service terms — is there a pre-deployment review to assess whether the system could produce biased or discriminatory outcomes across demographic groups?
12
Post-Deployment Bias Monitoring
After an AI system is deployed, is it periodically reviewed to ensure its outputs remain fair over time — checking for demographic patterns, shifting outcomes, or model drift that could introduce or amplify bias that was not present at launch?

What Your Responsible AI Score Tells You

AI governance is not an ethics aspiration. It is an operational obligation with real legal, client trust, and reputational consequences.

1
Your RAI maturity tier
Trustworthy, Developing, or Exposed — scored across six NIST-aligned dimensions with a full coverage breakdown.
2
Your most critical RAI gap
The specific dimension creating the highest legal and reputational exposure — with a concrete action to address it.
3
NIST RMF alignment note
Which NIST AI RMF functions to prioritise and how your score maps to the GOVERN and MAP foundations.

Ready to embed responsible AI into your governance framework? The consultation identifies your highest-risk gaps and produces a sequenced remediation plan matched to your current AI portfolio.

LATEST Posts

The Four Quadrants

The Four Quadrants of AI Value: A Strategic Classification Framework for SMEs

Small and medium-sized enterprises face a specific AI adoption challenge: the volume of potential AI applications is overwhelming, yet resources …
AI Strategy

The Complete Guide to AI Strategy for Mid-Market Leaders

An AI strategy is a documented plan that defines what artificial intelligence your organization will deploy, in what sequence, governed …
The-Workplace-AI-Tool-Landscape-for-Leaders

The Workplace AI Tool Landscape for Leaders

Leaders today are surrounded by AI requests. One department wants a writing assistant. Another wants AI inside email and meetings …
Start With the Task, Not the Tool

Start With the Task, Not the Tool: A Practical Way to Learn AI

Many people begin their AI learning journey by asking the same question: “Which AI tool should I use?” It is …
AI Readiness- What Organizations Should Fix Before Scaling AI

AI Readiness: What Organizations Should Fix Before Scaling AI

Many organizations want to scale AI quickly. They see competitors experimenting with generative AI. Employees are using ChatGPT or Copilot …
What Agentic AI Means After Basic AI Tools

What Agentic AI Means After Basic AI Tools

Many people first experience AI through chat. They ask a question, receive an answer, refine the prompt, and use the …