AIRiskAware
Free Resources

AI governance, frameworks & checklists.

Practical, ready-to-use frameworks for the work of AI governance. Organised by role, find what is relevant to your seat. Free, on-site, and built from regulatory primary sources. No sign-up, no download required.

Browse by role

What is relevant to your seat.

The same resource is often useful to multiple roles. Jump to the role-curated set, or scroll down for the full library.

Boards & CROs2 resources
Chief AI Officers2 resources
GRC Teams5 resources
General Counsel3 resources
Internal Audit2 resources
CISOs1 resource
Risk Practitioners4 resources
Procurement2 resources

Full library

Every resource, in one place.

CHECKLIST

EU AI Act Readiness Checklist

A practical 40-point checklist covering scope assessment, classification, conformity assessment, technical documentation, and deployer obligations. Updated for August 2026 enforcement.

Compliance teams, legal, risk

Compliance teams, legal, risk

View resource
SELF-ASSESSMENT

ISO 42001 Implementation Self-Assessment

Map your existing AI governance against ISO 42001 requirements. Identifies the gaps between your current state and certification readiness across all clause requirements.

Risk teams, compliance, certification leads

Risk teams, compliance, certification leads

View resource
TEMPLATE

AI Usage Policy, SME Template

A one-page AI usage policy template for small and growing businesses. Covers approved tools, data rules, quality checks, and disclosure obligations.

SME owners, operations leads

SME owners, operations leads

View resource
BOARD KIT

Board AI Governance Question Kit

Twelve questions every board director should be asking about AI, paired with the answers that signal genuine governance and the answers that reveal gaps.

Directors, board secretaries, GCs

Directors, board secretaries, GCs

View resource
FRAMEWORK

AI Vendor Due Diligence Framework

Structured questionnaire for assessing third-party AI vendors before procurement. Covers technical documentation, bias testing, data processing, and contractual protections.

Procurement, legal, risk

Procurement, legal, risk

View resource
PLAYBOOK

AI Incident Response Playbook

Step-by-step playbook for responding to AI system failures: detection, escalation, regulatory notification, affected-individual communication, and post-incident review.

Risk, legal, operations

Risk, legal, operations

View resource

Free ยท on-site

Get new frameworks first.

Subscribers get every new resource as it's published, plus monthly regulatory updates and analysis. No spam.