Foundation

AI Governance Sprint

Your staff are already using AI tools. Some you know about. Some you don't. This sprint gets the governance foundations in place — fast, practical, and built for how your business actually operates.

The Situation

Shadow AI Is Already Here

Most organisations have no AI policy, no oversight, and no contractual protection in place. Staff are using ChatGPT, Copilot, and other tools — because they're useful and they're free. But nobody's checked the data protection implications.

That means real exposure under UK data protection law. Real risk if a client, parent group, or auditor starts asking questions. And a growing gap between what your people are doing and what you've authorised.

The instinct to wait until you have "a proper AI strategy" is understandable. But governance isn't something you build at the end — it's what makes safe adoption possible in the first place.

shield

Without Governance

warning
Staff using AI tools with no visibility or control over what data is being shared
warning
No Data Processing Agreements in place with AI providers
warning
No acceptable use policy for staff to follow
warning
No documented response when clients or auditors ask about AI governance

What You Get

Five Deliverables. Two to Three Weeks.

AI Tool Inventory & Risk Assessment

A clear picture of which AI tools are in use — including those IT doesn't know about — each assessed against data security criteria.

Data Classification Framework

A simple, practical scheme defining which data types can be used with which tools — built for how your business actually operates.

Acceptable Use Policy

A written, enforceable policy governing AI tool use across your organisation. Ready to issue to staff — clear enough to actually follow.

DPA Checklist

Confirmation of whether a Data Processing Agreement is in place with each approved tool. Gaps flagged with recommended next steps.

Governance Framework Summary

A one-page summary of your AI governance posture — for procurement responses, parent group reporting, or client assurance.

Optional Add-Ons

DPIA assessment · Staff training session · Microsoft 365 permissions review · Procurement response pack

The Outcome

verified

Reduced legal exposure

The contractual and policy gaps that create GDPR risk — closed.

lock_open

Confidence to move forward

A framework that lets you adopt AI tools without the risk of getting it wrong.

groups

Staff clarity

A policy people can actually follow, not a document that sits in a drawer.

question_answer

Answers to hard questions

When clients, parent groups, or auditors ask about your AI governance, you have a documented response.

rocket_launch

A platform for what's next

Governance in place means AI adoption can accelerate, not stall.

Investment

Fixed fee based on business size and scope. Indicative range: £1,500–£6,500 for businesses up to 250 staff.

Confirmed on a brief scoping call — no surprises.

AI Governance

Common Questions

Do we really need AI governance if we're a small company?

add

What if our staff aren't using AI at all?

add

How long does the Sprint take?

add

How much does it cost?

add

Can this run alongside other work with Charis AI?

add

Get the Foundations Right.

Book a free Discovery Call and we'll scope what governance looks like for your business. Fast, practical, and built to last.

Book a Discovery Call