Question 1

What does this engagement cost?

Accepted Answer

Engagements typically run $15K to $45K. A focused AI policy and one-time security review of existing deployments is at the lower end. Full governance program with ongoing audit alignment runs higher.

Question 2

What's the timeline?

Accepted Answer

3 to 6 weeks. Week 1 is discovery on your current AI usage, regulatory environment, and risk tolerance. Weeks 2 to 4 are policy drafting and security review. Final week is training rollout and documentation handoff.

Question 3

Who from our team needs to be involved?

Accepted Answer

An executive sponsor, your legal or compliance lead (a few hours during policy drafting), your IT or security lead (interview plus review), and the operators using Claude today (brief interviews so policy reflects reality, not theory).

Question 4

Can this align with frameworks like NIST AI RMF or SOC 2?

Accepted Answer

Yes. We map deliverables to NIST AI Risk Management Framework, SOC 2 Trust Services Criteria, and ISO 42001 where relevant. The documentation is built to feed directly into your existing audit work.

Question 5

Do you replace our existing legal counsel?

Accepted Answer

No. We work alongside your counsel and produce documentation they can review and ratify. Our role is operational and technical risk; legal review of final policy stays with your counsel.

Question 6

What happens after the engagement?

Accepted Answer

You own the policy and documentation. Most clients move to a quarterly review cadence under the Ongoing Partnership retainer to keep policy current as the AI landscape changes.

AI Security & Governance

What we deliver

Who this is for

What success looks like

Common questions

Ready to get started?