Free tool
Build an AI risk register your board can act on
An AI risk register is how a UK board shows it is governing AI: each risk paired with an owner, a control, the evidence that proves it, and a next action. Answer a few questions and we generate a tailored starting register you can take into your next board meeting.
Choose at least one AI use to continue.
What the board needs to decide
- Who owns each AI risk, and is that owner named?
- Which AI uses touch personal data, decisions about people, or vulnerable groups?
- What evidence would show a regulator the controls actually operate?
Frequently asked questions
- What is an AI risk register?
- A board-level record of the risks your AI use creates, each with an owner, a control, the evidence that proves the control works, and a next action. It is how a board demonstrates it is governing AI, not just using it.
- Is this legal advice?
- No. It is a starting point for board discussion, generated from common AI governance risks and tailored to your sector. Review it with a qualified person before relying on it.
- What frameworks does it map to?
- The register references ISO/IEC 42001, the NIST AI RMF and UK GDPR, and is written for UK regulated organisations.
- Do you store my answers?
- Your register is generated on request and shown to you. We only capture your details if you ask us to email you a copy.
Find out where your AI exposure sits.
We'll tell you plainly what's worth doing, what isn't, and what a board or regulator will expect to see. No pitch deck.
No obligation · no pitch.