GovReady

Do you know how your company uses AI?

We'll find out for you. We identify risks, set up governance, and prepare you for the AI Act — before the auditor asks.

Free AI risk checkI want an assessment
govready.app · Case #24-118

Maturity score

28/ 45
Emerging

Critical domains

GOV
72%
INV
45%
DAT
58%
SEC
81%
USE
36%
80 controlsLive

Transparency deadline

December 2, 2026

Max fine

€35M / 7%

Companies not ready

64%

Most companies can't answer basic questions about AI

01

How many people in your company use AI tools every week?

02

If an auditor asked you tomorrow 'which AI systems do you use and how do you control them' — could you answer within 10 minutes?

03

Do you have someone formally accountable for AI decisions and AI incidents?

If you hesitated on any of these, you're not alone. 64% of EU companies are in the same position.

How we help

Three connected services — from initial audit to ongoing governance program.

Maturity28 / 45
GOVINVDATSECUSE

AI Governance Assessment

We walk the entire organization — 10 domains, 80 controls, evidence-based review. Get maturity scoring and a clear roadmap.

About assessments

Level 2 · Valid

GovReady AI Governance

sha256:4e3f…b2c1

Readiness Statement

A document you can present to your board, investor, or auditor. Issued by GovReady (Sarnecky & Co.).

About certification readiness
Live monitoring24/7

Copilot · DPA update

Review required

12 tools tracked3 alerts →

Monitoring AI tools

We keep your governance current — AI-BOM monitoring, tool status alerts and reassessment.

About monitoring AI tools

How it works

Four steps from the first question to a finished report.

  1. 1
    5 min

    AI risk check

    5-minute online test. Instantly see where you stand — free.

  2. 2
    45 min

    Scoping Call

    45 minutes with an expert. We define scope, stakeholders, timeline.

  3. 3
    2–6 weeks

    Assessment

    2–6 weeks of evidence review across 10 domains.

  4. 4
    Immediate

    Output

    Report with maturity scoring, findings, roadmap and path to a Readiness Statement (certification readiness).

AI Tool Intelligence

We know the AI tools you use

A curated database of AI services with ready-made compliance profiles. Connect them to your AI-BOM and get alerts whenever a vendor changes anything — DPA, sub-processor, data residency, security incident.

OpenAI
Microsoft
Anthropic
Google
Meta
Mistral
Midjourney
Notion
Perplexity
Stability AI
Hugging Face
GitHub

50+ AI tools tracked

Updated weekly

How the AI tool intelligence works
Free · No sign-up · Open API

Use GovReady inside Claude and ChatGPT — for free

We built the GovReady Companion so anyone can navigate the EU AI Act, check AI tool risk and run a quick governance maturity audit — directly inside the AI assistant they already use. No account, no plan, no friction.

GovReady Companion in ChatGPT

Public Custom GPT · ChatGPT Plus, Pro, Team

Open the public GovReady AI Governance Companion GPT. Ask it to classify a use case, look up an Article or run the 12-question audit. Works on any ChatGPT plan that supports custom GPTs.

  • EU AI Act navigator with citations to EUR-Lex
  • AI tool risk checker with vendor due-diligence questions
  • 12-question governance audit with optional PDF report
Open the GPTHow to use it

GovReady Companion in Claude

MCP server · Claude Desktop · Cursor · CLI

Add the GovReady Companion as an MCP server in Claude Desktop, Cursor or any MCP-aware client. The same toolset, fully native to your assistant, available offline-style as part of your normal chat.

  • Streamable HTTP MCP — one snippet, ready in 60 seconds
  • mcp-remote bridge for older clients also documented
  • Same OpenAPI surface usable as a plain REST API
Install in ClaudeOpenAPI spec

Built by GovReady. Open data, EUR-Lex citations, no conversation logging — just the same governance know-how, available where your team already works.

Visit companion.governanceready.com
The platform

One platform, every AI control

From the first finding through continuous AI tool monitoring to certification readiness with a verifiable Readiness Statement — all in one place.

01

Case Workspace

Evidence, findings, severity and roadmap across 10 domains — in real time for your team and your client.

govready.app · Case Workspace

Active case

ACME Corp · Core AI governance

In review
HighGOV-03Board-approved AI Risk Register missing
MediumDAT-07Data lineage not documented for Copilot
HighUSE-02Acceptable-use policy missing in Slovak
LowSEC-11MFA not enforced on admin console
12 findings · 80 controlsOpen all

02

AI Tool Intelligence

A curated database of AI tools wired to your AI-BOM. Vendor changes → alerts for you.

govready.app · AI Tool Inventory

AI Bill of Materials

ACME Corp · 12 tools

+ Add tool
ToolRiskStatus

Microsoft Copilot

Microsoft

MediumApproved

ChatGPT Enterprise

OpenAI

MediumApproved

Claude

Anthropic

LowApproved

Midjourney

Midjourney Inc.

HighReview

Notion AI

Notion Labs

LowApproved
3 new alertsView alerts

03

Public Verify

Readiness Statements with cryptographic hash and public URL. Partners verify in 2 seconds.

verify.governanceready.com

Public Readiness Statement

GovReady AI Governance · Level 2

Issued to: ACME Corp

Issued

2026-02-14

Expires

2027-02-14

Verification hash

sha256:4e3f…b2c1a9 · verified

Validgr.link/acme-24

Who GovReady is for

We serve companies that must deal with AI governance — regardless of size.

Fintech and insurance

Regulated players with strict requirements for data, audit trail and vendor control.

Shared Service Centres

Mid-size organizations with fast Copilot and Microsoft 365 AI rollouts.

Companies before M&A or investment

Due diligence on AI usage is now a common deal item — GovReady delivers a standardized output.

Every company with Copilot or ChatGPT

If your employees use AI, you need governance. Full stop.

Framework: 10 domains, 80 controls

Our proprietary framework maps the AI Act, ISO 42001 and NIST AI RMF into concrete, auditable controls.

10
domains
5
critical for readiness
80
controls in total
~38
mandatory
View full frameworkRun the risk check
GOV

Governance & Accountability

INV

AI Inventory & Visibility

DAT

Data Governance for AI

SEC

Security & Access Control

USE

Responsible Use & Human Oversight

RSK

AI Risk Management

VEN

Vendor & Third-Party AI

TRN

Training & Awareness

INC

Incident Response for AI

DOC

Documentation & Evidence

Indicative pricing

Project pricing for assessments. Monitoring AI tools is billed monthly. We prepare a tailored quote based on scope.

Baseline

On request

indicative · tailored quote

2–3 weeks

First clear picture — AI inventory, top-line gap analysis, baseline report. Ideal as a first step.

Book a call
Most popular

Standard

On request

indicative · tailored quote

4–6 weeks

Full assessment of all 10 domains and 80 controls. Maturity scoring, findings, roadmap and Readiness Statement.

Book a call

Enterprise

On request

indicative · tailored quote

8–12 weeks

Extended scope for large companies, multiple stakeholders, complex AI stacks and regulated environments.

Book a call

These are indicative minimum prices. The final amount depends on company size, scope and specific needs. We will prepare a precise quote after a short scoping call.

Monitoring AI tools

Ongoing monitoring, AI-BOM updates, tool alerts, quarterly reassessment and priority support.

€229 / month

from €150 / month

indicative · tailored quote

Detailed pricing

Why act now

Transparency & watermarking duties for AI-generated content (Art. 50) now apply from 2 December 2026 — moved from 2 August 2026, with a 4-month grace period for systems already on the market. By then your governance program must be running and documented.

December 2, 2026

days until 2 December 2026 (transparency & watermarking)

AI Act vs. GDPR — financial exposure

AI Act€35M or 7% of global turnover
GDPR€20M or 4% of global turnover

AI Act fines exceed GDPR. They also cover general-purpose AI models and their deployers.

A governance program usually takes 6–12 months to implement. If you haven't started, start now.

Timeline update: the transparency & watermarking obligations (Art. 50) are now confirmed for 2 December 2026 — moved from 2 August 2026, with a 4-month grace period for systems already on the market. High-risk (Annex III) obligations are being postponed further — expected 2 December 2027 under the Digital Omnibus, pending formal EU adoption.

Frequently asked questions

The answers we give most often on scoping calls.

How do you differ from ISO 42001?
ISO 42001 is a comprehensive long-running management system (typically 12+ months of implementation, audit 3× more expensive). GovReady is the accelerated practical version — focused on the AI Act and real risks, delivered in weeks. We see it as complementary: GovReady gets you ready, ISO 42001 formally certifies you later.
Is this an accredited certification?
No — GovReady is not a certification authority. The Readiness Statement is a structured attestation issued by GovReady. It is not an accredited ISO certificate; it is structured evidence of certification readiness for board, investors, RFPs and AI Act compliance.
How much of our time will it take?
For a Tier 2 Standard assessment, typically 2–4 hours per week on the client side over 4–6 weeks — workshops, evidence uploads, reviews. The work is spread out.
What if we have no governance documentation?
That's common. The assessment identifies gaps and drafts templates (AUP, policies, incident playbook). The monitoring AI tools helps you keep documents current.
We're a smaller team — is this relevant for us?
Yes, if you use Copilot, ChatGPT Business, Claude or any AI SaaS tool. The AI Act applies to deployers, not just developers. We offer a Baseline tier for companies that want a first overview without a big investment.
Do you work outside Slovakia / CZ?
Yes. We work across the EU. Languages: Slovak, Czech, English. The framework applies across EU jurisdictions.
What happens to our data during the assessment?
Evidence is stored in our governance platform hosted in the EU (Frankfurt). Before sharing sensitive information we sign an NDA. We never use client data for AI training.
Can we start just with a free AI risk check?
Yes — the free 15-question risk check gives you a first scoring in 5 minutes, shows the AI Act fines you are exposed to and highlights your most critical gaps. You can use the result internally to pitch the governance project.
What if we're in M&A or due diligence?
An assessment and Readiness Statement are often directly requested by the buyer or investor. We can accelerate the timeline for due diligence.
Do you work with an in-house legal team?
Yes. We work with your in-house lawyer or external counsel. We don't issue legal opinions — we deliver structured compliance material that legal teams can use.

Free AI risk check

5 minutes · 15 questions · instant risk score

Start the risk check
GovReady — AI Governance for the EU AI Act (SME & mid-market)