שפת ממשק
תפעולרשימת בדיקהcontent.hero.readingMinutescontent.hero.updated May 20, 2026

AI governance checklist — 12 items before your next audit

Use this as a working list, not a certification checklist. Tick what you have evidence for. If more than three items are “not started” and you sell B2B, treat AI governance as a 90-day program.

content.layout.tocMobileLabel
  1. 01 The 12 items
  2. 02 Next step

The 12 items

  1. Written scope: which teams and systems are in scope for AI governance this quarter.
  2. Inventory of AI tools — approved and discovered shadow AI.
  3. Data classification rules: what must never enter public models.
  4. Owner (RACI) for approving new AI pilots.
  5. Human oversight defined for decisions that affect people.
  6. Vendor list with DPAs or equivalent for AI sub-processors.
  7. Incident path when AI output causes harm or exposure.
  8. Training: short module + where to read the policy.
  9. Link to privacy / security programs (27001, SOC 2, PIPEDA) where relevant.
  10. Evidence folder: decisions, approvals, and review dates.
  11. Executive summary one pager for board or key customer.
  12. Review cadence (at least every 6 months).

Next step

Pair this list with a shadow AI discovery pass and an AI risk assessment. The portal on aigrc.app (also iso42001.co, ai-grc.app) branches by your answers and highlights ISO 42001 / EU AI Act gaps in about 15 minutes.

Need a facilitated program? ISO 42001 consulting (international) · Israel ISO 42001 services.

content.layout.faqHeading

content.layout.faqCount
Is this an ISO 42001 certification checklist?

No. It is an operational readiness list for security and GRC leads. For AIMS structure and Annex A mapping, see our ISO 42001 guide and the portal assessment.

How often should we rerun this?

At least every six months, or after a major AI launch, vendor change, or customer audit request.

content.layout.ctaBadge

content.layout.ctaDefaultTitle

content.layout.ctaDefaultSubtitle

content.layout.contactTitle

content.layout.contactBadge

content.layout.contactBody

content.topicsMap.eyebrow

content.topicsMap.headingTemplate

content.topicsMap.legendHint

content.layout.clusterLabel תפעול

AI Governance Checklist — 12 Items Before Your Next Audit | Alice GRC Portal