Toolkit bundle

AI Governance Starter

Establish your AI governance baseline and connect it directly to a unified AI and security risk method.

Best for: First implementation step.

Each bundle combines complementary AIBI Systems toolkits into a focused route. Toolkit 6 is now available in the AI Risk & Lifecycle Control bundle and the Complete System Bundle.

£695 inc. VAT bundle price £848 inc. VAT individually. Save £153 (18%). 32 artefacts included
Toolkit 1Toolkit 5
Your Implementation Route

Two toolkits. One connected governance baseline.

Step 1 Week 1-2
TK1 - AI Readiness Assessment
assess
Score your current AI governance maturity
Identify gaps across 6 control domains
Produce a prioritised action plan
📄 Deliverable: Governance Baseline Report
Step 2 Week 3-6
TK5 - Unified AI & Security Risk System
manage
Build your unified AI and security risk register
Map risks to ISO 27001 and ISO/IEC 42001 controls
Establish ongoing risk monitoring cadence
📄 Deliverable: Live Unified Risk Register
🎯
End result: A documented, audit-ready governance baseline Assessed, risk-managed, and mapped to ISO 27001 & ISO/IEC 42001

Available now

Instant digital download
32 artefacts. No subscription. One-off purchase.
£695inc. VAT
Get the bundle - £695 inc. VATCompare bundles

🔒 Secure checkout via Lemon Squeezy ⚡ Instant delivery to your email 📄 7-day refund policy 👤 Your governance data stays with you

Included in this bundle

  • Toolkit 1 - AI Readiness Assessment
  • Toolkit 5 - Unified AI & Security Risk System

£848 inc. VAT individually. Save £153 (18%).

32 artefacts included across Toolkit 1 and Toolkit 5.

Includes all current files from Toolkit 1 and Toolkit 5, delivered as a one-off digital download.

Note: Toolkit 5 is also included in the AI Ethics & Risk bundle. If you already own Toolkit 5, choose the standalone toolkit option or contact us before purchase.

Outputs may be shared with auditors, customers, regulators, and advisers for assurance.

By the end of implementation you will have

  • A scored readiness baseline and a clear view of what to fix first.
  • One unified risk method for AI and security risks.
  • A cleaner route from diagnostic insight into risk treatment.
  • A board-ready view of maturity, gaps, decisions, and next actions.

Designed for

  • Organisations taking their first serious AI governance implementation step.
  • CISO, GRC, InfoSec, and risk leaders who need baseline and risk discipline.
  • ISO-literate teams preparing for proportionate AI governance.
  • Teams under customer, audit, or reputational pressure to evidence control.

Toolkit contribution comparison

Use this matrix to compare what each included toolkit contributes, what it costs, and what manual work it replaces.

Capability
PrimarySupportingBlank = not relevant
TK1 - AI Readiness AssessmentTK5 - Unified AI & Security Risk System
Baseline scoring
 Primary Scores readiness and produces the maturity baseline. Supporting Uses baseline outputs to target risk action.
Gap prioritisation
 Primary Prioritises what to fix first and creates a 90-day plan. Supporting Turns priority gaps into risk treatment actions.
Unified risk register
 Primary Provides the unified AI and security risk register.
AI inventory and impact screening
 Supporting Highlights visibility and lifecycle gaps. Primary Maintains inventory, supplier data, and AISIA screening.
Treatment and evidence
 Supporting Provides findings that justify action. Primary Tracks treatment, evidence links, and audit exports.
Price
£349inc. VAT£499inc. VAT
What it replaces
Replaces ad hoc readiness workshops, scattered gap spreadsheets, and manually written status reports.Replaces separate ISMS risk logs, AI inventories, supplier spreadsheets, and impact assessments.

Toolkit 1 - AI Readiness Assessment

£349 inc. VAT

  • Baseline scoring: Scores readiness and produces the maturity baseline.
  • Gap prioritisation: Prioritises what to fix first and creates a 90-day plan.
  • AI inventory and impact screening: Highlights visibility and lifecycle gaps.
  • Treatment and evidence: Provides findings that justify action.

What it replaces: Replaces ad hoc readiness workshops, scattered gap spreadsheets, and manually written status reports.

Toolkit 5 - Unified AI & Security Risk System

£499 inc. VAT

  • Baseline scoring: Uses baseline outputs to target risk action.
  • Gap prioritisation: Turns priority gaps into risk treatment actions.
  • Unified risk register: Provides the unified AI and security risk register.
  • AI inventory and impact screening: Maintains inventory, supplier data, and AISIA screening.
  • Treatment and evidence: Tracks treatment, evidence links, and audit exports.

What it replaces: Replaces separate ISMS risk logs, AI inventories, supplier spreadsheets, and impact assessments.

What each included toolkit adds

Each included toolkit keeps its full standalone content and purpose. The bundle gives you a joined-up route through those artefacts.

Toolkit 1 - AI Readiness Assessment preview

Toolkit 1 - AI Readiness Assessment

11 artefacts

Get a scored, defensible AI readiness baseline in 2-6 hours. Know where you stand and what to fix first with audit-ready outputs and a prioritised 90-day plan.

Key contribution

  • AI Readiness Assessment workbook - core scoring tool for domain scores, overall score, and maturity outputs.
  • How to Use guide - step-by-step guidance for completion, scoring discipline, and interpretation.
  • AI Readiness Maturity Model - maturity level definitions used by the assessment.
  • AI Readiness Assessment report template - documents findings, recommendations, and next actions.
View individual toolkit
Toolkit 5 - Unified AI & Security Risk System preview

Toolkit 5 - Unified AI & Security Risk System

21 artefacts

One risk register for information security and AI lifecycle risks. Replace fragmented ISMS and AI risk spreadsheets with a single governance-ready register, unified scoring method, and audit-traceable evidence hooks.

Key contribution

  • Unified Risk Register - master risk log with unified scoring, treatment tracking, heatmap, and audit-ready exports.
  • AI Inventory Workbook - AI system register with model metadata, supplier mapping, data lineage, and lifecycle dashboard.
  • AISIA Short Form - rapid triage for every AI system before deciding whether deeper assessment is needed.
  • AISIA Long Form - full weighted impact assessment for higher-risk AI systems across data, transparency, security, performance, and oversight.
View individual toolkit

Suggested implementation path

  1. Use Toolkit 1 to score readiness, identify gaps, and prioritise work.
  2. Use Toolkit 5 to turn the gaps into a unified risk register and treatment plan.
  3. Use the combined outputs as the first operational AI governance spine.

Why choose this bundle

This bundle is for organisations that need to move from a readiness snapshot into a working risk method without buying disconnected assets.

Procurement justification

This bundled purchase supports establishment of a foundational AI governance capability by combining organisational readiness assessment with structured AI and security risk-management processes.

The combined materials provide a baseline assessment, prioritised improvement route, unified risk structure and evidence hooks that can help our organisation move from initial governance discovery into repeatable risk treatment and assurance activity.

The materials can be implemented internally by governance, risk, information security, compliance, AI, data and internal audit teams without moving completed evidence into an external system.

This is a one-off digital bundle purchase. The supplier does not require access to our AI systems, prompts, models, datasets, customer data, source code, production environments, internal systems, risk registers or completed readiness and risk evidence to fulfil this purchase.

The purchase is proportionate because the bundle reduces duplicated drafting effort, creates a structured entry point into AI governance and provides a saving against buying the included toolkits separately.

Designed for internal approval and procurement workflows.

Frequently asked questions

Is this suitable before we start a full AI governance programme?

Yes. This bundle is intended as a controlled first step: Toolkit 1 establishes the readiness baseline and Toolkit 5 turns priority gaps into a risk-management method.

Do we need an existing ISO 27001 system?

No. It can be used without an existing certified ISMS, although organisations with existing security governance can use those structures as a foundation.

Does the supplier need access to our AI systems?

No. The materials are downloaded and completed internally. The supplier does not require access to AI systems, data, prompts, models, source code, risk registers or completed evidence.

What file formats are included?

The bundle is delivered as PDF, DOCX, XLSX, PPTX and TXT files, depending on toolkit.

Does this replace consultancy?

It does not replace legal, audit or certification advice. It provides reusable structures that can reduce internal drafting effort and make later assurance or consultancy work more focused.

How should this be implemented?

Start with the readiness assessment, then use the risk system to log priority risks, assign owners, document treatment activity and build the first evidence trail.

Complete indexed PDF remains standalone

Build Once. Comply Twice. is sold separately as a £17.99 inc. VAT complete indexed PDF desk reference. It supports the operating model, but it is not required to purchase or use these bundles.

View bookStart with Toolkit 1