Someone should check the AI before it ships.
Built an AI tool or agent? I run an independent assurance review and hand you a report you can keep — and share with your own clients as evidence you did the work. Risk classification, control gaps, and adversarial testing, in plain language.
A report, not a verdict from a black box.
Risk classification
Your system placed against the EU AI Act — Prohibited, High, Limited or Minimal — with the reasoning written out, not asserted.
Control review
Mapped across NIST AI RMF, ISO/IEC 42001 and the EU AI Act at once, so one piece of evidence answers three frameworks.
Adversarial testing
Prompt injection, jailbreak, PII leakage, bias, hallucination and oversight — probed and scored, not assumed.
Gap analysis
A prioritised remediation list with residual-risk ratings. What to fix first, and what can wait.
A shareable report
A branded assurance report you keep and can hand to your own customers as evidence of due diligence.
A re-test
After you fix the gaps, I run it again and confirm they're closed. Done means done.
Four moves.
Intake & classify
Scope the system and place its EU AI Act risk tier.
Crosswalk
Review controls across all three frameworks; find the gaps.
Red-team
Run adversarial probes against the live system and score them.
Report
Everything in one signed-off deliverable you keep.
The report you keep.
Risk tier, a control heatmap across the three frameworks, every open gap with the evidence needed to close it, and the red-team results — in one branded document. Yours to share.
A live sample is available on request. Real reports are confidential to the client.
Shipping an AI product?
Let's make sure it holds up before your customers ask the hard questions. Independent review, a report you keep, no theatre.
Request an audit