Many companies are already using AI in their first pilot projects or in production applications – for example, in customer service, sales, knowledge management, document processing, or internal analysis processes. At the same time, requirements for transparency, risk assessment, documentation, and accountability are increasing. Companies need to know which AI applications are in use, what data is being processed, who is responsible, and which requirements under the EU AI Act, GDPR, or information security regulations must be taken into account.
Our client is already using various AI applications in specific departments: employees are testing public AI tools, and the first internal assistants are helping with research and documentation; additional use cases for sales, service, and knowledge management are planned. At the same time, questions are arising among management, IT, data protection, and compliance teams:
Which AI applications are actually in use? What risks does this entail? Which applications need to be approved or documented? And how can requirements from the EU AI Act, GDPR, and information security be implemented in a pragmatic way? We had to create a clear governance framework that ensures transparency regarding AI usage, assesses risks in a structured way, and enables the controlled rollout of additional AI applications.
Liquam has developed a modular AI compliance suite that helps companies establish and operate their AI governance frameworks.
The AI Governance Cockpit is at the heart of the system. It serves as a central repository for AI use cases and documents, among other things, areas of application, responsibilities, data sources, risk assessments, approval status, and actions taken. In addition, audit trails, model cards, and reports can be used to document AI usage.
The second component is regulatory intelligence. It provides regular updates, well-maintained templates, and practical guidance on relevant regulations such as the EU AI Act, the GDPR, BSI recommendations, ISO 42001, and internal AI guidelines. This allows companies to remain operational without having to build their own regulatory monitoring systems from the ground up.
The Expert Network complements the software and content with expert guidance. During consultation sessions, quarterly business reviews, and annual maturity assessments, specific questions regarding AI use cases, risk assessments, approval processes, and governance structures are discussed.
Optionally, the solution can be expanded to include an Executive Partnership. Under this arrangement, senior management receives regular briefings on the market, regulatory developments, platform usage, and specific opportunities for new AI applications.
Do you see any parallels to your challenges? Let’s discuss what a pragmatic AI governance framework might look like for your company.
