OKOSIEME

Arinze Okosieme
AI Governance, Security and Assurance
UK based independent assurance
AO
Flagship AI assurance service
Independent, control-based AI assurance

AI Controls and Assurance Readiness Review

A senior, independent assessment that turns AI principles into operational controls, defensible evidence, and audit-ready assurance across the AI lifecycle.

In simple terms: you will know what AI you have, what risks matter most, what controls should exist, and what you can actually prove today.

Run the UDSA self assessment
Controls first. Evidence always. Practical delivery without theatre.
Aligned to
NIST AI RMF ISO/IEC 23894 ISO/IEC 42001 CSA AICM Zero Trust
These frameworks inform the checklist and evidence expectations. Your output is still based on your actual controls, artefacts, and operating reality.
Best for regulated or high-impact AI Audience board, CISO, AI leads, risk
CSA Trusted AI Safety Expert (TAISE) Certified Information Systems Security Professional (CISSP) Certificate of Competence in Zero Trust (CCZT) Certified Cloud Security Professional (CCSP)
Outcomes

What you get at the end

A defensible view of AI risk, control coverage you can evidence, and a roadmap leadership can act on.

Defensible view of AI risk

Clear scoping, risk tiering, ownership, and escalation paths for the AI systems that matter.

  • Use-case inventory and risk drivers
  • Accountability and decision points
  • Practical oversight expectations
Outcome: risk decisions you can justify

Control coverage and gaps

A control baseline and gap analysis across governance, data, and security controls mapped to lifecycle stages.

  • Control coverage matrix
  • Effectiveness and maturity signals
  • Prioritised gaps by materiality
Outcome: clarity on what is missing

Evidence and auditability

What you can prove today, what needs strengthening, and what auditors and regulators typically expect to see.

  • Evidence inventory and ratings
  • Auditability review
  • Board-ready assurance narrative
Outcome: evidence-based assurance
Scope

Control-led, evidence-driven

Frameworks are reference points. Evidence and operational reality are the standard.

Core activities

Structured work to understand your AI landscape, validate controls, and produce defensible outputs.

  • AI system and use-case scoping with risk tiering
  • Control baseline and gap analysis across lifecycle stages
  • Evidence inventory and auditability assessment
  • Findings synthesis and prioritised recommendations
  • 12-month assurance roadmap aligned to delivery reality

Typical deliverables

  • AI system register and risk tiering
  • Control coverage and gap matrix
  • Evidence inventory with assurance ratings
  • Executive summary for boards and senior leadership
  • 12-month governance and assurance roadmap

Who this is for

Boards, CISOs, AI leads, and risk functions in regulated or high-impact environments. Ideal when AI is moving from pilot to production, scaling across teams, or facing external scrutiny.

Regulated environments High-impact AI Audit readiness Controls and evidence

Typical timeline

  • Foundation 2–3 weeks
  • Core 4–6 weeks
  • Enterprise 6–10 weeks
Outputs are designed to be regulator- and auditor-ready
Pricing

Fixed fee ranges by region

Fees are agreed upfront. Final pricing depends on scope, risk profile, and organisational complexity.

United Kingdom

£9,500 – £65,000
Three tiers depending on scale and complexity.
Foundation for a single team. Core for most organisations. Enterprise for multi-system, multi-stakeholder scope.
  • Foundation £9,500 – £15,000
  • Core £18,000 – £30,000 (typical engagement)
  • Enterprise £35,000 – £65,000
Most clients start with Core

European Union

€12,000 – €80,000
Documentation depth and multi-entity scope often increase effort.
Often chosen when you need evidence that stands up across entities, jurisdictions, or group structures.
  • Foundation €12,000 – €18,000
  • Core €22,000 – €40,000 (typical engagement)
  • Enterprise €45,000 – €80,000
Suitable for cross-border governance needs

GCC

AED 55,000 – 320,000
Senior delivery, speed, and executive-ready outputs.
Best suited to rapid assurance needs, executive sponsorship, and time-critical governance decisions.
  • Foundation AED 55,000 – 85,000
  • Core AED 95,000 – 160,000 (typical engagement)
  • Enterprise AED 180,000 – 320,000
Often delivered alongside executive workshops

Start a confidential conversation

If you are planning a significant AI initiative, scaling AI across teams, or need independent assurance on existing systems, I am happy to explore whether this engagement fits. There is no obligation.

Typical next step Discovery call, followed by a short scope note outlining options and recommended tier.
Email arinze@okosieme.com

Independent, practical, and regulator-literate. Controls first. Evidence always.

Name
Email
Organisation
Role
What would you like to discuss?
When you submit this form, your message will be emailed securely to me via Formspree.