Why AI Governance Now?
AI systems increasingly make decisions that affect people — in HR, credit lending, healthcare, enforcement and marketing. Without governance, organisations risk discriminatory outcomes, reputational damage, legal liability and non-compliance with rapidly evolving regulation.
The EU AI Act, NIST AI RMF and ISO 42001 each provide a framework. We help you choose and implement the right combination — tailored to your AI portfolio and risk appetite.
Framework Implementation
We align your AI operations with leading governance standards:
- EU AI Act: The EU AI Act classifies AI systems by risk level. High-risk AI (HR, credit scoring, biometrics, critical infrastructure) requires mandatory conformity assessments, registration in the EU database and continuous monitoring. Prohibited AI practices (manipulative systems, social scoring) must be identified and ceased.
- NIST AI Risk Management Framework (AI RMF): The NIST AI RMF provides four core functions — Govern, Map, Measure and Manage — for systematically managing AI risks across the full lifecycle of AI systems.
- ISO 42001: The international standard for AI Management Systems, which embeds governance, accountability and continuous improvement in your organisation.
Bias & Fairness Audits
Algorithmic bias is a growing legal and reputational risk. Models trained on historical data reproduce and amplify historical inequalities — with potentially discriminatory outcomes for protected groups. We conduct bias audits on your models and data:
- Identification of proxy variables representing protected characteristics
- Measurement of demographic parity, equalised odds and other fairness metrics
- Concrete recommendations for fairness interventions in data, modelling or post-processing
Policy Development
Internal AI governance begins with clear policy. We develop:
- Acceptable Use Policy for AI: What can and cannot be done with AI tools and systems within your organisation?
- Data Privacy Policy for AI: What data may be input to external LLMs? How is training data selected and managed?
- Model Transparency Policy: How are AI decisions explained to users and affected individuals?
- Human Oversight Protocol: When is human review mandatory for AI-driven decisions?
Risk Inventory
Before governance can be put in place, you need to know what you have in house. We catalogue and classify all AI assets in your organisation:
- Inventory of all AI systems, tools and models (internally developed and SaaS)
- Classification based on EU AI Act risk levels
- Impact assessment per system: what decisions does it make, and who is affected by the outcomes?
- Prioritisation of governance efforts based on risk and impact
