A structured 26-control program framework for risk management teams and compliance officers. Generates the policies, evidence packages, and audit narratives independent reviewers require — with a five-level maturity model at every control.
Stop building from blank documents. Start from production-ready, AI-personalized artifacts.
Every control generates six tailored artifacts: governance policy, SOP, implementation checklist, log template, evidence package, and audit narrative — each customized to your organization.
A structured AI-guided dialogue — not a static form — draws out the specifics of your environment, probes material gaps when they surface, and iteratively builds artifacts grounded in how your organization actually operates.
Four structured courses covering the full framework. Assign to employees, track completion, and generate training records for your audit file.
Track progress across all 26 controls with a five-level maturity model. Dashboard view shows where you stand and where to prioritize next.
One-click executive program assessment: overall maturity score, domain breakdown table, top 5 priority gaps, and a board-ready narrative summary across your entire program.
Single-click download of all completed artifacts organized by control, with a program cover narrative identifying the organization, framework alignment, and artifact inventory — formatted for delivery to auditors, regulators, legal counsel, or other interested parties.
When your answers reveal a material governance failure — no policy, shadow AI use, no incident process — the AI probes the depth of the gap before moving on, surfacing the real risk exposure rather than accepting a surface answer.
Every control is mapped across six frameworks: NIST AI RMF 1.0, ISO 42001:2023, EU AI Act, SOC 2, NIST CSF, and NIST 800-53. Surfaced inline during each control interview and downloadable as a standalone reference workbook.
Your compliance content is stored exclusively in your browser's local database — never transmitted to Automate48 servers. Full workspace export and import for backups.
26 controls across four NIST AI RMF domains. Each control generates six audit-ready artifacts, customized to your organization, with crosswalk references across six frameworks.
| Control | Govern | Map | Measure | Manage |
|---|---|---|---|---|
| G-01AI Governance Policy | ✓ | |||
| G-02Roles and Responsibilities | ✓ | |||
| G-03Ethics and Acceptable Use | ✓ | |||
| G-04Vendor Management | ✓ | |||
| G-05Regulatory Compliance | ✓ | |||
| G-06Training and Awareness | ✓ | |||
| M-01Use Case Inventory | ✓ | |||
| M-02Risk Classification | ✓ | |||
| M-03Data Classification for AI | ✓ | |||
| M-04Impact Assessment | ✓ | |||
| ME-01Output Validation | ✓ | |||
| ME-02Monitoring and Alerting | ✓ | |||
| ME-03Bias and Fairness Testing | ✓ | |||
| ME-04Performance Review | ✓ | |||
| ME-05Human Oversight | ✓ | |||
| ME-06Explainability and Transparency | ✓ | |||
| ME-07Trustworthiness Assessment | ✓ | |||
| MA-01Risk Treatment Planning | ✓ | |||
| MA-02Change Management for AI | ✓ | |||
| MA-03Access Controls for AI | ✓ | |||
| MA-04Incident Response for AI | ✓ | |||
| MA-05Vendor Oversight | ✓ | |||
| MA-06Third-Party Assessment | ✓ | |||
| MA-07Continuity and Shutdown Controls | ✓ | |||
| MA-08Continuous Improvement Review | ✓ | |||
| MA-09Agentic AI Controls | ✓ |
Each artifact is generated through a guided AI conversation and tailored to your organization, industry, and AI use cases.
One license per company. Cancel anytime.
Need a custom arrangement for a larger organization or reseller program? Contact us.