One free assessment. One opinionated framework. One dashboard.

A free web tool that tells an AI Adoption Lead (or executive sponsor, or department champion, or security lead, or compliance counsel) where their organization sits on the AI-governance maturity curve — plus a framework-grounded roadmap pointing at the specific framework sections, workflow steps, and ready-to-use templates that close each gap.

The full framework is built into the platform — browse it under Framework, Workflows, Templates, and Overlays. The assessment is the most useful entry point.

Most companies hire an AI Adoption Lead (or appoint one) without giving them a playbook. The position is usually new; the regulations are usually unfamiliar; the internal stakeholders are usually scattered. Day 1 looks like: read NIST AI RMF, read the EU AI Act, read ISO/IEC 42001, read a stack of cloud-adoption guides and vendor blog posts — and synthesize an actual operating model.

This package is what that synthesis looks like when someone has already done the reading. The assessment is the lightest-weight way for a new AI Lead to figure out which parts of the framework to read first.

• Pick a persona — AI Adoption Lead, Executive Sponsor, Department Champion, Security / Platform Lead, or Compliance / Legal. Questions are filtered to your role.
• Pick applied overlays — EU AI Act, HIPAA, and/or SOX. Each one adds a small set of jurisdiction-specific questions.
• Answer five pillars of questions— Governance Foundation, Lifecycle Discipline, Stack & Identity, Operations, and Compliance & Cost.
• Get a maturity profile — a per-pillar score (0–100) on a 6-level maturity scale, plus a radar visualization. Weakest and strongest pillars surfaced explicitly.
• Get a roadmap — for each gap, a citation to a specific section of framework.md, a step of workflows.md, and a ready-to-use template to address it. Sorted by priority (Priority 1 / Priority 2 / Priority 3).
• Get a shareable result link — bookmark it, send it to your sponsor, return to it later. Results are deleted automatically after a retention period; no account, no email, no tracking.

The framework cites the primary sources directly. The scoring rubric, the risk-tier definitions, the readiness gates, the lifecycle stages, and the overlays are all traceable to:

• NIST AI RMF 1.0 + NIST AI 600-1 GenAI Profile + NIST IR 8596 Cyber AI Profile
• EU AI Act — Regulation (EU) 2024/1689
• ISO/IEC 42001:2023 — AI management system standard
• HIPAA (45 CFR Parts 160 + 164) + HITECH
• Sarbanes-Oxley Act of 2002 + PCAOB AS 2201
• Public cloud-adoption frameworks for AI
• Published agent-design guidance + cross-industry AI Center-of-Excellence practice

Each framework citation in the dashboard links directly to the corresponding section of the platform's built-in framework browser.

Built by Morteza Moradi. Dual purpose: (1) a working portfolio piece for AI-developer roles, and (2) a genuinely useful free tool for any company standing up an AI program.