AI Governance Assessment · ISO 42001 Readiness

AI Governance Assessment: could your board demonstrate that your AI is under control?

Run a free AI governance assessment against ISO 42001 and UK requirements. Covers oversight, accountability, shadow AI and risk. Instant results for UK business leaders.

Frequently asked questions

What is an AI governance assessment, and why does my organisation need one?

AI governance is how an organisation makes sure its use of AI is responsible, lawful, accountable and safe: the policies, roles, risk processes and oversight that sit around the technology. You need it because AI is already in your tools, suppliers and decisions, often before anyone wrote a rule. Without governance you cannot show a board, a regulator or a customer that the AI you rely on is under control.

What is ISO 42001 and do we have to comply with it?

ISO/IEC 42001:2023 is the world's first international standard for an AI management system, published in December 2023. It sets out how to establish, run and improve responsible AI governance, using the same clause structure (4 to 10) as ISO 27001, so boards familiar with information-security certification will recognise the shape. It is voluntary, not a law. Organisations pursue it as a credible, certifiable benchmark and an increasingly common procurement requirement, much as they did with ISO 27001 for security.

Does this assessment make us compliant or certified?

No. This is a self-assessment and a board-ready signal, not an audit, a certification or legal advice. It shows you where your AI governance is strong and where it is exposed, mapped to recognised frameworks, so you know where a deeper review would pay back. Certification against ISO 42001 is granted only by accredited third-party certification bodies after a formal audit.

We are a UK organisation. Does the EU AI Act apply to us?

It can. The EU AI Act reaches organisations established outside the EU if they place an AI system on the EU market, serve EU users, or if the output of their AI system is used in the EU. UK boards should treat it as extraterritorial, much like GDPR. Penalties run up to 35 million euros or 7% of worldwide annual turnover for the most serious breaches. This tool references the Act because it shapes the risk picture; it does not assess legal compliance with it.

Which frameworks does this assessment use?

The seven dimensions map to ISO/IEC 42001:2023 (its Clauses 4 to 10 and Annex A control themes), the NIST AI Risk Management Framework 1.0 and its four functions (Govern, Map, Measure, Manage), the EU AI Act's risk and transparency obligations, and the UK's five cross-sectoral regulatory principles. These are named in the methodology note and on your results.

How is it scored?

Twenty-one questions, three per dimension, each scored from one (weakest) to four (strongest). The seven dimensions carry equal weight, and your points are normalised to a true 0 to 100 scale, where 0 is the weakest possible position and 100 the strongest. You are placed in one of four tiers and shown each dimension as a percentage, with your weakest dimensions named alongside what to do about them.

Who is this assessment for?

UK mid-market and non-profit boards, chief executives, trustees, COOs, CFOs and the leaders responsible for technology and risk. It is written in plain business language, so no technical or AI knowledge is needed. It is built for the person who has to answer to the board for how AI is governed, not for data scientists.

How long does it take?

About eight minutes. Twenty-one questions, each with four plain-English options describing how things actually work in your organisation today. Answer based on what is true now, not what you intend to put in place, or the result will flatter you.

Is ISO 42001 the same as complying with the EU AI Act?

No. ISO 42001 is a strong foundation and the work done for it is reusable, but on its own it does not confer the EU AI Act presumption of conformity, which comes only from applying a harmonised European standard once that standard has been cited in the Official Journal. Think of ISO 42001 as the governance scaffold that makes regulatory readiness far easier, not as a regulatory shield in itself.

What do I get at the end?

An overall score out of 100, your tier with a plain-language verdict, a breakdown across all seven dimensions, your weakest dimensions named with their practical consequence, and a clear next step calibrated to where you are. You can also receive a one-page, board-shareable summary.

Does Starkhorn sell ISO 42001 certification or AI products?

No. Starkhorn is an independent technology consultancy. We do not certify, we do not sell AI tools, and we take no commission on either. We help boards and leaders design and run the governance behind their AI. This tool is free and exists to show you where you stand.