AI/GenAI Security and Compliance

What we do

By platform: Microsoft 365/Copilot, Google Workspace/Gemini, Azure/OpenAI, Vertex
By compliance: APPs, NDB, ISO 27001—optional ISO 42001 readiness
By maturity: Foundational -> Intermediate -> Advanced rollout focused on highest-risk use cases.
By industry: Retail, finance, public/critical suppliers

AI Governance Starter (4–6 weeks): AI policy + acceptable use, use-case register, PIA templates, roles, metrics
Privacy & Legal Guardrails: PIA workflow, NDB playbooks, contract clauses for AI vendors
Platform Hardening: Tenant baselines, DLP/egress controls, safe-prompting configs, runbooks & training
LLM Security Testing & Red Teaming: OWASP LLM Top 10, jailbreak checks, model/toolchain review
ISO 42001 Readiness: AIMS scope, risk/control mapping, audit support
AI Incident Response: Playbooks, telemetry patterns, tabletop exercises
Content Provenance: C2PA “Content Credentials” and disclosure guidance
Training: Board briefings, secure-AI engineering, end-user do’s & don’ts