For Any Business Adopting AI

Your new AI tools could be your biggest compliance gap.

Your team is already using ChatGPT, Copilot, and AI scribes. This pack is the governance almost no one has yet — the AI use policy, risk assessment, and vendor checklist that keep AI adoption from leaking data or failing an audit. Built on NIST AI RMF and the OWASP LLM Top 10.

NIST AI RMF · OWASP LLM Top 10 · SecAI+ author
$147 one-time
Instant download · no subscription
  • AI Acceptable Use & Governance Policy
  • AI Tool Risk Assessment + Register
  • AI Vendor / LLM Due-Diligence Questionnaire
  • Employee AI Use Acknowledgment + Quick-Ref
  • AI Incident & Misuse Response addendum

Secure checkout via Stripe · Questions? sanchez@ironsentinelhq.com

Govern AI before it governs you.

Five documents that turn "everyone's using ChatGPT" into a controlled, defensible program — mapped to the frameworks regulators and customers now ask about.

AI Acceptable Use & Governance Policy

Approved tools, the no-sensitive-data rule, human-in-the-loop, and prohibited uses.

NIST AI RMF: Govern

AI Tool Risk Assessment + Register

Score each AI tool's data, vendor, and model risk before you approve it.

Map / Measure

Vendor / LLM Due-Diligence Questionnaire

The 10 questions to ask any AI vendor — training opt-out, retention, sub-processors, DPA/BAA.

Vendor risk

Employee AI Use Acknowledgment + Quick-Ref

A signed sign-off and a pin-up do/don't card your whole team will actually read.

Workforce

AI Incident & Misuse Response

Data leakage, prompt injection, agent overreach — what to do, mapped to OWASP LLM risks.

OWASP LLM

Framework-aligned throughout

Every document references NIST AI RMF and the OWASP Top 10 for LLM Applications.

Defensible

Every company has AI. Almost none have AI governance.

Doing nothing

Shadow AI

Staff paste customer data into public chatbots, no policy, no record. One leak or one questionnaire and it's a problem.

AI Governance Pack

$147

A written, framework-aligned AI program your team, customers, and auditors can see — in an afternoon.

AI-security expertise, not a generic template.

CompTIA SecAI+ · NIST AI RMF · OWASP LLM Top 10 · NIST SP 800-53 · Security+ / CySA+

Pursuing SOC 2 or HIPAA too?

Bundle AI governance with the Full Compliance Kit — 12 governance templates covering policies, backup, access, training, and more.

$247 full kit

Before you buy

We're small — do we really need an AI policy?

Yes. The moment one employee pastes customer data into a public chatbot, you have exposure. A one-page policy + acknowledgment prevents the most common AI data leaks.

What's NIST AI RMF / OWASP LLM Top 10?

The leading frameworks for AI risk and LLM security. Aligning to them makes your program credible to customers, insurers, and auditors.

Does this replace SOC 2 or HIPAA?

No — it complements them. AI governance is increasingly part of those audits and customer questionnaires.

Need help rolling it out?

Book a free AI Security Snapshot from our home page, or ask about a vCISO retainer with AI governance included.