GLACIS logo GLACIS
Colorado AI Act Jun 30, 2026 | EU AI Act Aug 2, 2026 | California ADMT 2026
Verification Baseline

Know what you can prove before the deadline hits

A structured assessment of your AI governance and verification posture against ISO 42001 and NIST AI RMF, delivered through our platform in 3–4 weeks. Not a PDF. A clear baseline your compliance lead, GC, or procurement team can use immediately.

Book a governance assessment

What you get

Structured output, not a stack of slides

ISO 42001 Coverage

All Annex A reference controls mapped, scored, and documented across every domain.

NIST AI RMF Crosswalk

Full function mapping—Govern, Map, Measure, Manage—with gap identification.

Regulatory Timeline

Colorado AI Act, EU AI Act, HIPAA—mapped to your specific exposure.

Gap Analysis

Prioritized remediation roadmap with effort estimates and risk ratings.

Platform-Delivered

Results live in the GLACIS platform. Filter, export, share. Not a static PDF.

Standards-Based Output

Structured data that integrates with your existing governance tools.

Who this is for

Built for teams navigating AI governance

Organizations figuring out their AI governance posture—and needing a structured starting point.

Compliance officers preparing for regulatory deadlines with limited internal AI expertise.

AI governance committees needing a defensible baseline to present to leadership and the board.

Health systems evaluating AI vendor compliance and managing third-party model risk.

Engagement details

Scoped to deliver, not to drag

$20–40K

Typical engagement, scoped to your AI footprint and regulatory exposure.

2–4 Weeks

From kickoff to delivered results in the GLACIS platform.

Assess + Subscribe

Can be structured as initial assessment plus annual platform subscription.

Regulatory exposure

These are current liabilities

These are not future risks. They are current liabilities accumulating daily.

Colorado AI Act June 30, 2026
EU AI Act August 2, 2026
Book a governance assessment

Common questions

What to expect

Who needs to be involved from our side?
Typically your CISO, compliance lead, and one technical lead who understands your AI deployment architecture. We handle the heavy lifting.
How is this different from a consulting engagement?
We deliver through our platform, not as a PDF. Your results are structured, searchable, and exportable. When you’re ready for continuous compliance, the data is already there.
Do we need to be pursuing ISO 42001 certification?
No. The assessment benchmarks against ISO 42001 as a framework, but many organizations use it to understand their posture without pursuing formal certification.
What happens after the assessment?
You get a prioritized remediation roadmap. Many clients transition to our Compliance Platform for ongoing governance. But there’s no obligation—the assessment stands alone.
Can this be structured as an annual engagement?
Yes. Many clients pair the initial assessment with an annual platform subscription for continuous monitoring.
Book a governance assessment

More from GLACIS

From baseline to continuous verification

Compliance Platform

Continuous AI governance

Turn your baseline into ongoing governance with runtime receipts, framework mapping, and standards-based export.

Request a demo

Zero-Egress Deployment

Ship AI without the risk

Generate those receipts at the boundary with a zero-egress sidecar that keeps plaintext data in your environment.

Talk to us