AI Governance Scorecard

Get Your Governance Score

A 5-section diagnostic across infrastructure, vendor lock-in, AI usage, operator governance capacity, and compliance exposure.

Surface the governance gaps your enterprise customers are about to test
See which infrastructure decisions are made by vendors, not by you
Receive a category-level breakdown by email — no sales sequence, no auto-DM

Your details are captured at the end. Start with the questions.

Step 1 of 5 · Infrastructure Dependency

Question 1 of 15

Can you export ALL your business data and move to different platforms within 24 hours?

Yes, tested it Probably, but never tested No / Don't know

Question 2 of 15

If AWS/Google/Microsoft shut you down tomorrow, how long until you're operational?

<24 hours (we have backups) 1-7 days >7 days / Never

Question 3 of 15

Where are your business passwords stored?

Encrypted vault (Bitwarden, 1Password) Browser / Spreadsheet Sticky notes / Memory

Step 2 of 5 · Vendor Lock-In

Question 4 of 15

How many SaaS subscriptions does your business pay for?

1-5 (lean) 6-15 (normal) 16+ (high dependency)

Question 5 of 15

Could you replace your top 3 business tools within 30 days without losing data?

Yes, we own the data Partially No, we're locked in

Question 6 of 15

Do you know your exact monthly SaaS spend?

Yes, tracked and reviewed Rough estimate No idea

Step 3 of 5 · AI & Data Leakage

Question 7 of 15

Do your team members paste confidential data into ChatGPT/Claude/AI tools?

No, we have private AI / clear policy Not sure / No policy Yes, regularly

Question 8 of 15

If OpenAI/Claude went down for a week, could you operate?

Yes, we have fallbacks Reduced capacity Completely stuck

Question 9 of 15

Are your AI prompts version-controlled and owned by the company?

Yes, documented system Some employees have them Ad-hoc, in people's heads

Step 4 of 5 · Operator Governance Capacity

Question 10 of 15

When was the last time someone other than you reviewed a major AI vendor decision before approval?

Within the last 90 days, with a documented review Informally — has happened sometimes Never — I make these decisions alone

Question 11 of 15

If an enterprise customer asked who in your company is accountable for AI tool selection — can you name a specific role?

Yes — the role is documented and assigned Sort of — it's spread across a few people No — it's me, by default

Question 12 of 15

How many of your AI tool subscriptions have been reviewed in the last 90 days for actual usage and necessity?

All of them — we have a review cadence Some — we look at the big ones occasionally None — no one reviews them

Step 5 of 5 · Compliance & Risk

Question 13 of 15

Do you have customers in the EU or UK?

No EU/UK customers Some EU/UK customers Majority of customers in EU/UK

Question 14 of 15

Which regulations apply to your business?

None / Not sure One regulation (GDPR/CCPA/etc) Multiple regulations (GDPR + CCPA + HIPAA/etc)

Question 15 of 15

If a customer asked "Where is our data stored?" can you answer in 30 seconds?

Yes, documented and clear Partially (I think I know) No, would need to check

Assessment Complete

Where should I send your score?

Your category breakdown is ready. Add your details to receive your full report and see your score.

Full Name*

Work Email*

Company Name*

Your results are emailed instantly. No automated sequences, no spam, unsubscribe anytime.

How Governed Is Your AI Layer?

Get Your Governance Score

Where should I send your score?