A platform we built, shown as proof
BoardServe
The system of record for the modern boardroom.
BoardServe is a multi-tenant governance and GRC platform we designed and shipped ourselves. It is where boards run assessments, audit their skills, measure their AI-governance maturity and keep their compliance records, with audit trails kept by default. It is the clearest evidence we have that we do not only advise on governance. We build the systems that meet it.
What BoardServe is
A multi-tenant governance platform, built and run by us.
BoardServe is a business-to-business governance and GRC product, scoped per organisation, that brings board effectiveness, skills, AI-governance maturity and compliance into one place. We built it the way we build for clients, with governance in the architecture rather than bolted on afterwards.
Multi-tenant by design
Each organisation is its own isolated tenant, with its own boards, committees, members and records.
Governance-native
Assessments, declarations, documents and meetings are governance objects, not generic files in a shared drive.
Production, not a prototype
A shipped product in active development, and the most direct proof that our build work reaches production.
What's inside
The modules that make up the boardroom's system of record.
Each module does a specific governance job. The AI-governance maturity assessments are aligned to ISO/IEC 42001 and the EU AI Act. That is alignment, not certification.
Assessments and questionnaires
Configurable assessment and questionnaire instruments for board reviews, surveys and structured self-evaluation.
Board skills audits
A living skills matrix that maps the competencies on your board and committees, and shows where the gaps sit.
AI governance maturity
Maturity assessments aligned to ISO/IEC 42001 and the EU AI Act, so a board can see where its AI governance stands.
Assessment cycles, run as Rounds
Assessments run in repeatable Rounds, so you can track how a board's position moves between one cycle and the next.
360 and temporary external links
Gather 360 input from members, and invite external contributors through time-limited links scoped to a single exercise.
AI-assisted analytics
Analytics that summarise assessment results, with export to Word for the documents a board and its advisers expect.
Compliance and declarations
Registers for interests, gifts and hospitality, expenses, succession, training and onboarding, kept in one place.
Boards, committees and meetings
Structure boards and committees with meeting workspaces, so the papers and the people line up.
Versioned Document Library
A version-controlled document library with AI drafting to help prepare governance documents from a known base.
Document Review
Structured review of governance documents, with the trail of who looked at what kept alongside the document.
Grace, a read-only MCP server
A read-only MCP server that lets governance data be queried by assistants without granting any write access.
Inside the build
The governance is written into the platform, not described next to it.
Grace, the read-only assistant in BoardServe, can read your governance data and cannot change it. That is not a setting we promise to honour. It is a database role that holds only SELECT, so writes are refused by Postgres itself. This is a real control from the BoardServe codebase, lightly redacted.
The same discipline runs through the platform: append-only audit trails, organisation-scoped access, and a named person on every decision.
// Runs as a database role that holds only SELECT.// INSERT, UPDATE and DELETE are refused by Postgres itself.const { data, error } = await supabase.rpc( "run_grace_readonly_sql", { query: sql },);if (error) return { ok: false, error: clean(error) };return { ok: true, rows: data ?? [] };Why it's defensible
The governance is in the platform, so the evidence is already there.
BoardServe is built for the standards a UK board answers to, and it keeps the record that proves it rather than leaving you to assemble one after the fact.
Audit trails by default
The platform records governance activity as it happens, so the evidence exists before anyone has to go looking for it.
Built for the UK Corporate Governance Code
BoardServe is built for the UK Corporate Governance Code, and ready for Provision 29's declaration on the effectiveness of material internal controls.
UK and EU data residency
Customer data is held with UK and EU data residency, for organisations that need to keep their governance records in-region.
UK GDPR and DPA 2018 alignment
Designed to align with UK GDPR and the Data Protection Act 2018, with a data-processing agreement available.
Organisation-scoped least-privilege
Every tenant is isolated, and access is granted on a least-privilege basis. People see the organisation, board and records they are entitled to, and no more.
What we don't claim
We'd rather be precise than impressive.
A few things are worth stating plainly, so nothing on this page is mistaken for more than it is.
Figures you may see in product screenshots, such as an 18 of 21 or 86% score against a “Q1 Board Effectiveness Review”, are interface mockups for layout. They are not real customer data or measured outcomes.
BoardServe does not hold ISO 27001, Cyber Essentials or SOC 2 Type II. Its security controls are designed around these standards. Certification status evolves and is available on request.
The trust signals on the platform are sector categories, not named clients. We do not publish customer logos or testimonials that have not been cleared for use.
Operating company
BoardServe is operated by The Governance Forum Limited, trading as BoardServe (company no. 06881402). You can explore the live platform directly, or talk to us about putting your board's governance on a defensible footing.
Find out where your AI exposure sits.
We'll tell you plainly what's worth doing, what isn't, and what a board or regulator will expect to see. No pitch deck.
No obligation · no pitch.