GOVERNANCE ROADMAP
What the first 90 days of AI Governance looks like
A governance deployment roadmap built on AEVA โ designed to move an enterprise from AI governance gap to structured, board-visible governance in 90 days without disrupting delivery.
This plan adapts per engagement. Structure is consistent. Specifics change based on your organisation's AI maturity, industry, and risk profile.
๐DAYS 1-30
Discovery and Inventory
Objectives
- - Map every AI tool currently in use โ sanctioned and unsanctioned
- - Conduct stakeholder interviews across 3 levels: C-suite, team leads, individual contributors
- - Assess current AI policy (if any) against actual usage patterns
- - Identify top 3 Shadow AI risk areas
- - Establish baseline metrics: number of tools, risk tier distribution, governance overhead per team
Key Deliverable
AI Governance Baseline Report โ one document, board-ready, showing current state and top risks
โ๏ธDAYS 31-60
Governance Layer Implementation
Objectives
- - Deploy AEVA Agile Governance Layer into existing sprint ceremonies
- - Launch AI tool registry and declaration process
- - Draft and socialise AI usage policy โ fast lane and standard lane
- - Implement AI Risk Review in retrospectives across all active teams
- - Build first version of AI Governance Dashboard
Key Deliverable
AI Governance Framework v1 โ policy document, tool registry, dashboard, ceremony integration guide
๐DAYS 61-90
Scaling and Board Reporting
Objectives
- - Scale governance framework to all departments
- - Produce first board-level AI Governance Report
- - Identify and close remaining Shadow AI gaps from Phase 1
- - Connect AI tool usage data to regulatory requirements
- - Define ongoing governance cadence โ quarterly reviews, annual policy refresh
Key Deliverable
AI Governance Board Report โ one page, showing risk exposure, mitigation actions, and forward governance plan
Take this plan into your next leadership conversation