AI Governance
AI Governance for Businesses That Already Use AI
Your team uses AI to sell, to deliver, and to run the operation. ISO 42001 is the framework that makes that responsible, repeatable, and commercially defensible.
Your Biggest Enabler Could Be Your Biggest Showstopper
Businesses adopt AI for one reason: to do more business, or to do better business for their customers, their people, and their partners. Every AI tool, every automation, every model exists to serve that commercial purpose. And for most businesses, it is working. AI is already making teams faster, sharper, and more capable than they were twelve months ago.
So consider this: the technology delivering those gains is, in most businesses, completely ungoverned. No policy. No risk assessment. No documentation. No controls. No visibility at board level.
That means the single biggest enabler in your business could also be its single biggest showstopper. Not because AI is dangerous, but because ungoverned AI accumulates risk invisibly. And when that risk surfaces, whether through a client question, a regulatory enquiry, a data incident, or a failed investment, the commercial impact is immediate.
An AI Management System is the infrastructure that makes AI adoption sustainable, defensible, and commercially sound. It is the difference between AI that accelerates your business and AI that quietly builds a problem you cannot see until it is too late.
ISO/IEC 42001 is the international standard for that infrastructure.
AI Governance Is Broader Than You Think
Most consultants treat ISO 42001 as though it only applies to businesses that build AI products. That misses the point entirely. If your business uses AI in any of these three ways, governance applies to you.
AI Products
Software, platforms, or services where AI is a core component of what you sell to customers.
AI-Assisted Delivery
Using AI tools in the work you do for clients: content generation, analysis, recommendations, reporting.
AI-Enabled Operations
Internal use of AI in sales, recruitment, finance, customer service, or decision-making.
This three-scope view is the foundation of how I work. Your AIMS (AI Management System) needs to cover every way AI touches your business, not just the obvious ones.
How It Works
Readiness Assessment
A structured conversation that maps your AI usage across all three scopes, assesses your current governance posture, and identifies the gaps between where you are and where the standard says you need to be.
Written Report
Within a week, you receive a clear, evidence-based report: your AI inventory, governance snapshot, the key risk areas identified, and practical recommendations for what to do next.
Your Decision
With a clear picture in hand, you decide the right path for your business. Some organisations will want to move toward formal ISO 42001 certification. Others will want practical governance without the certification process. Either way, you now know exactly where you stand.
For organisations that choose to pursue full implementation or certification, I can support the next stages directly or work alongside specialist certification partners, depending on what your situation requires.
Why Work With Me
I am building this practice from the ground up with the standard as the foundation. That is a deliberate choice, and it is the reason I can offer something different.
ISO/IEC 42001 Foundation certified (UKAS-accredited, verified). Currently building practical implementation experience and working toward formal implementer certification.
23 years in commercial leadership, including regulated environments. I have built, led, and restructured commercial functions at board level, including in financial services. That experience taught me the difference between governance that enables safe commercial growth and governance that becomes an obstacle to it.
Navigated real operational failures. Even in businesses where diligence, risk management, and safety are part of the DNA, things go wrong. I have steered through the commercial consequences and know what governance needs to look like to survive contact with reality.
The natural path from sales transformation to AI governance. My core work is commercial transformation for UK SMEs. That work now inevitably leads to AI and automation. Businesses that jump straight into building or buying AI tools without an AI Management System in place risk failed investments at best and something much more severe at worst. Governance is what makes AI adoption safe and sustainable.
ISO/IEC 42001 Foundation certified, UKAS-accredited
You are not getting an academic with a checklist. You are getting someone who has seen the commercial value of strong governance first-hand, and who has helped pick up the pieces when reality tested what felt like good governance to breaking point. That experience shapes how I approach AI governance: it has to work in the real world, not just on paper.
Introductory Engagement
The best way to understand what ISO 42001 means for your business is to see it applied to your actual situation. That is what the Readiness Assessment does.
AI Governance Readiness Assessment
- 90-minute structured session that maps your AI usage, assesses your governance posture against ISO 42001, and identifies the gaps
- Written report delivered within a week: AI inventory, governance snapshot, key risk areas, and practical recommendations
- No commitment to certification, no obligation to go further. Just clarity on where you stand and what the standard would require
I am currently offering a limited number of complimentary assessments as I build this practice area. Get in touch to find out if a free session is still available.
Start with a conversation
If AI is already part of how your business operates, governance is not optional. A conversation is the first step to understanding where you stand.