Our Method

A five-step framework to get you compliant and keep you there

Built on regulatory experience and practical implementation — not theory. Each step builds on the last, so nothing gets missed.

Start with a free call

The five steps

From inventory to auditable governance

Each step produces a concrete output you can use, share with auditors, or build on in the next phase.

1

Inventory & Classification

We map every AI system in use across your business and classify each one under the EU AI Act's risk tiers — unacceptable, high, limited, or minimal risk. This forms the foundation everything else is built on.

Output: AI system register with risk classification
2

Gap Analysis

We assess your current state against the Act's requirements for each risk tier — documentation, human oversight, data governance, transparency, and more. Every gap is scored by severity and compliance deadline.

Output: Gap report with severity scoring
3

Documentation Build

We create or update the technical documentation, conformity records, and governance policies required for your high-risk systems. We write it in plain language so your team can maintain it going forward.

Output: Compliant technical documentation pack
4

Controls & Oversight

We design and implement the human oversight processes, monitoring controls, and incident response procedures your systems require. Everything is proportionate to your actual risk level — no unnecessary overhead.

Output: Oversight framework and control procedures
5

Verify & Maintain

We run a final verification pass against the Act's requirements and set up a lightweight ongoing review process so you stay compliant as your AI use evolves and the regulatory landscape develops.

Output: Compliance sign-off and maintenance schedule

Why it works

Built on real regulatory experience

This isn't a generic compliance checklist. It's a method built specifically for the EU AI Act, tested against real business AI estates.

100%

Of clients who complete all five steps have a fully documented, audit-ready compliance position

5–8 wks

Typical end-to-end timeline from initial scan to compliance sign-off for most SMEs

Aug 2026

High-risk AI system obligations become enforceable — the deadline is closer than most businesses realise

Ready to start?

Book a free 30-minute call and we'll tell you exactly where you are in the journey and what the right first step looks like for your business.

Book a free readiness call