How Mature Is Your AI Governance?
This scorecard helps you evaluate where your organization stands in terms of AI adoption and governance. Each dimension represents a critical area that determines whether AI will create value or risk for your business.
1. AI Usage Visibility
Do you know what AI is being used?
Level 1: Unaware
No inventory of AI tools. Shadow AI is widespread and untracked.
Level 2: Emerging
Some awareness of AI usage. Partial inventory exists.
Level 3: Managed
Complete inventory of approved tools. Clear usage tracking.
2. Policy & Guidelines
Are there clear rules for AI use?
Level 1: None
No AI policy exists. Staff make individual decisions.
Level 2: Basic
Informal guidelines exist. Not consistently applied.
Level 3: Comprehensive
Formal AI policy covering usage, data handling, and accountability.
3. Data Protection
Is sensitive data protected?
Level 1: At Risk
No data classification. Sensitive data may be shared with AI tools.
Level 2: Partial
Some data rules exist but not systematically enforced.
Level 3: Protected
Clear data classification. nFADP/GDPR compliant processes.
4. Regulatory Alignment
Are you compliant?
Level 1: Unaware
No knowledge of applicable regulations (FINMA, EU AI Act, nFADP).
Level 2: Aware
Regulations identified but compliance not verified.
Level 3: Compliant
Documented compliance with all applicable regulations.
5. Measured Outcomes
Can you prove AI value?
Level 1: Unmeasured
No metrics for AI impact. Value is assumed, not proven.
Level 2: Anecdotal
Some success stories but no systematic measurement.
Level 3: Documented
Clear KPIs. ROI documented. Continuous improvement tracked.