EU AI Act
74%
18 ready6 open1 overdue
Art. 12 logging gap — hiring system
NIST AI RMF
61%
29 ready18 open
Measure function at 40% — monitoring gaps
ISO 42001
48%
22 ready24 open
Clause 9 performance evaluation not started
SQF AI Addendum
91%
11 ready1 open
QMS integration complete — audit ready
AI Tool Inventory
34
Total tools
3
High risk
8
Limited risk
23
Minimal risk
2 tools pending assessment
Policy Acknowledgments
AI Use Policy88%
Data Handling95%
Vendor Approval72%
Incident Response61%
AI Ethics44%
Vendor Risk
OpenAI82Low
Salesforce Einstein77Low
HireVue48Med
VendorX AI31High
UiPath69Low
Open Audit Items
Article 12 — Automatic logging not configured on HireVue system
EU AI Act · High-risk hiring AI requires automatic logging
Overdue 5d
6 employees overdue on AI Ethics Guidelines acknowledgment
EU AI Act · Operations team — follow up with managers
Due May 20
VendorX AI — vendor risk assessment required
EU AI Act · Deployed 34 days without formal assessment
Due May 24
Measure function gap analysis — monitoring and testing protocols
NIST AI RMF · Quarterly review item
Due May 31
Clause 9 — Performance evaluation process not yet established
ISO 42001 · Required for certification pathway
Due Jun 16
Overall Posture
Ready68%
In progress21%
Open/overdue11%
Personnel
47
Trained
6
Non-compliant
6 employees overdue on AI Ethics Guidelines acknowledgment
