Sample AI Readiness Report

Example Professional Services Ltd

Professional services · 51-250 staff · Sample output

56

/ 100

Exposed

AI usage is likely moving faster than governance, data rules, and operational controls. Immediate action should focus on visibility, data handling rules, and a simple approval route.

Executive summary

Example Professional Services Ltd is likely adopting AI faster than current governance and controls can support. Immediate action should focus on tool visibility, data handling rules, ownership, and a small set of approved low-risk use cases.

Top five red flags

1.No complete inventory of AI tools or embedded SaaS AI features.
2.Staff may be using personal AI accounts for work.
3.AI vendor data retention and training terms have not been reviewed.
4.No named owner for AI risk and approvals.
5.AI use cases are not prioritised by value, risk, and data sensitivity.

Dimension score breakdown

01

AI Usage Visibility

11/25
02

Data Protection & Confidentiality

13/25
03

Governance & Accountability

10/25
04

Security & Access Control

17/25
05

People, Training & Acceptable Use

18/25
06

Value, Use Cases & Control

15/25

30-day action plan

1.Create an AI tool inventory and identify unapproved usage.
2.Define what data can and cannot be used in AI tools.
3.Name an AI owner and set an approval route for tools and use cases.
4.Review Microsoft 365 permissions before any Copilot rollout.
5.Issue plain-English staff guidance with safe and unsafe examples.

Evidence gaps

  • Approved AI tools list
  • AI acceptable use policy
  • Vendor data processing terms
  • AI approval workflow
  • AI use case register

Safe first AI use cases

  • Summarising internal meeting notes where confidential data rules are clear
  • Drafting internal knowledge base articles from approved source material
  • Creating first drafts of non-client-facing communications for human review
  • Classifying low-sensitivity support tickets or internal requests

Avoid for now

  • Legal, financial, HR, medical, or regulated advice without specialist review
  • Client-facing advice or deliverables where AI output is not checked by a human
  • Processing special category, highly confidential, or client-restricted data in public tools
  • Automated hiring, disciplinary, credit, or eligibility decisions

Ready to generate your own report?

The real report is based on your answers and saved to a private UUID link.

Start AI readiness check