Can you support audits, buyer questionnaires, and regulator questions?

Yes. We prepare evidence packs, audit readiness documentation, and help you respond to customer/buyer AI governance questions and procurement questionnaires. Our AI Compliance Ops service includes quarterly reviews and ongoing support.

EU AI Act Readiness

Get EU AI Act-ready without slowing delivery.

Q: How long does AI Act readiness take?

Our AI Act Readiness Sprint typically takes 2 weeks (includes inventory, role clarification, risk classification, gap analysis, and evidence planning). Full implementation takes 6–10 weeks depending on scope.

Q: Do we need ISO/IEC 42001 as well?

Not required for AI Act compliance, but ISO/IEC 42001 can operationalise your governance and evidence for AI Act readiness. Many organisations use it as a best-practice framework to support their AI governance.

Q: What if we use third-party models or GPAI?

Great question. The EU AI Act distinguishes between providers and deployers, and GPAI (general-purpose AI) systems have specific obligations. We help you map your systems, clarify roles, understand supplier/procurement controls, and document your risk management.

Inventory your AI systems, clarify provider/deployer roles, classify risk tiers (including high-risk screening), and establish governance, documentation, and evidence. We use ISO/IEC 42001 as a best-practice framework where it accelerates maturity.

Get Started Now Book a 30-min Call

EU AI Act Compliant

Risk-Tiered Classification

Evidence-Ready From Day One

Get Started

From inventory to audit-ready evidence in weeks.

AI System Inventory Map systems, ownership, and use cases.

Risk Classification Clarify roles, tier risks, identify high-risk systems.

Governance & Evidence Establish controls, documentation, and audit trails.

Background Cybersecurity, Risk & Governance

Deliverables Risk registers, evidence packs, management review packs

Clients include SaaS, regulated environments, enterprise procurement

Who we help

Product & Engineering Getting your AI systems inventory-ready and classified for risk tier without governance slowing deployment

Risk & Compliance Responsible for AI Act compliance and need a practical framework for governance and evidence

Procurement & Legal Facing AI governance questions from customers or suppliers and need documented evidence

Three ways we get you AI Act-ready

Choose your starting point. Each offer is designed to move quickly and build evidence from day one.

Start Here

AI Act Readiness Sprint

2 weeks (typical)

Included:

AI system inventory + ownership mapping
Provider/deployer role clarification
Risk-tier classification workshop (incl. high-risk screening)
Gap analysis + prioritised roadmap
Evidence plan + quick-win templates

Book a Readiness Call

Implementation

AI Act Compliance Build

6–10 weeks (typical)

Included:

AI risk management process + registers
Technical documentation pack + templates
Human oversight + transparency patterns
Supplier/GPAI controls + procurement pack
Monitoring + incident workflow design

Discuss Implementation

Ongoing

AI Compliance Ops

Monthly retainer

Included:

Change control + release governance
Quarterly reviews + KPI reporting
Evidence upkeep + audit trail support
Policy refresh + staff enablement
Customer/procurement questionnaire support

Talk About Retainers

Why Narrate Compliance?

Clean documentation is only half the job. We focus on ownership, operating rhythm, and evidence that stands up to scrutiny.

Board-Ready

Clear Reporting

Simple governance reporting your stakeholders can actually use. Risks, controls, actions, and proof — with zero noise.

Pragmatic

Minimal Disruption

We reuse what you already have (like ISO 27001 frameworks) to avoid parallel systems and build something that fits your reality.

Audit-Ready

Evidence-First

Templates and evidence capture mechanisms are built in from day one, not bolted on at the end in a panic.

Need ISO/IEC 42001 certification too?

ISO/IEC 42001 can operationalise your AI governance and provide a structured framework for evidence and controls. We can help with that.

Gap Assessment

Current-state review mapped to ISO/IEC 42001.

Outcome

Prioritised roadmap + evidence plan + executive summary.

AIMS Design & Build

Governance model, risk framework, and operational documentation.

Outcome

Policy set + risk method + registers + governance model + training.

Audit Readiness

Internal audit support and certification preparation.

Outcome

Evidence review + corrective actions + management review pack + audit week prep.

View ISO 42001 Services

Typical implementation timeline

From first conversation to audit-ready. Timelines adapt to your organisation's size and starting point.

Week 1

Discovery & Scoping

Initial assessment call, AI inventory review, system mapping, and scope definition. Delivered: scoping document + project plan.

Weeks 2-3

Gap Analysis & Risk Classification

Control-by-control assessment, AI risk classification (EU AI Act tiers), and gap report. Delivered: prioritised roadmap + executive summary.

Weeks 3-5

Policy & Documentation Build

Governance framework design, policy drafting, risk register setup, and evidence planning. Delivered: complete policy set + risk framework.

Weeks 5-7

Implementation & Evidence

Controls implementation, evidence collection, team training, and process integration. Delivered: populated evidence library + training records.

Week 8

Audit Preparation

Internal audit, management review, corrective actions, and certification body preparation. Delivered: audit-ready evidence pack + management review minutes.

Frequently Asked Questions

How long does AI Act readiness take? Typical: 2–10 weeks

Do we need ISO/IEC 42001 as well? Not required, but helpful

What if we use third-party models or GPAI? We handle it

Can you support audits and buyer questionnaires? Yes

Quick Start

Ready to start?

Send us a brief outline of your AI systems and goals.

Use Enquiry Form

Speed things up: Our Narrate Platform can accelerate evidence mapping, audit trails, task tracking, and documentation management.

The Narrate Platform for Consultants

Everything you need to manage multiple client compliance programmes from a single dashboard. White-label ready.

Command Centre

Multi-Client Dashboard

Manage all client organisations from one place. Pipeline stages track each client from kickoff through initial alignment, evidence collection, gap review, to audit-ready. Health scores and activity feeds keep you informed at a glance.

Your Brand

White-Label Branding

Upload your logo, set custom primary and secondary colours, and add your portal title. Every client-facing screen shows your brand, not ours. Defaults to Narrate branding when not configured.

Client Access

Client Portal

Invite client contacts via magic-link login. They get scoped access to training courses and compliance progress for their organisation — no account setup needed. You control what they see.

Every Module

Full Feature Parity

Every module available to direct customers is available for your clients: Align, Toolkit, Evidence, Tasks, CAPA, Risk Register, AI Governance, Training, Calendar, Internal Audit, SoA, Readiness, Audit Logs, and Evidence Harvester.

Unlimited AI

Bypass AI Limits

Consultants bypass tier-based AI usage limits entirely. Run unlimited evidence analysis, gap analysis, document AI, and compliance copilot queries across all your clients without hitting monthly caps.

Deliverables

Client Reports & Exports

Generate professional client compliance reports with print-optimised views. Export PowerPoint presentations for board meetings. Bulk evidence exports with mapping matrices for audit packs.

Consultant Dashboard — multi-client pipeline with health scores and activity feeds

Upload screenshot or GIF to assets/screenshot-consultant-dashboard.png

Start Your Enquiry

Send us your details and we will return with a recommended path, timeline, and quote.

Help us give you the right fit:

What AI systems/use cases are in scope?
Your role (provider/deployer) + markets
Any likely high-risk systems (if known)
Timeline + key stakeholders
Existing governance/ISO programmes (if any)

Full Name

Work Email

Company

Interested In

How can we help?

Book a 30-minute Call

What you'll get from the call:

Recommended route (Gap / Build / Audit readiness)
Timeline estimate for your situation
Indicative effort + next steps

We typically reply within 24 hours.