Capabilities
The module is made up of five connected areas:AI System Registry
A catalog of every AI system your organization runs or relies on. You register each system with its purpose, use cases, and data flows. The registry is the foundation that links risk classifications, vendor assessments, and incidents to specific systems.Risk Classification
Classify each registered system against the EU AI Act and NIST AI RMF frameworks. The system analyzes your use cases and suggests a risk tier automatically. You can accept the suggestion or override it with a documented rationale.Vendor Assessments
Send structured security questionnaires to your AI vendors and track their responses. Vendors receive a secure link to complete the questionnaire directly — no account required. Responses are scored automatically and assigned a risk tier when submitted.Incident Tracking
Report and manage AI-related incidents from initial discovery through resolution. Each incident has a full lifecycle with investigation fields, remediation steps, and regulatory notification tracking — giving you a documented record for audits.Regulatory Timeline
A pre-loaded view of AI regulation deadlines drawn from the EU AI Act, Colorado AI Act, and NIST AI RMF. The system suggests which regulations apply to your organization based on your registered systems and operating jurisdictions, and tracks your compliance status per milestone.Availability
AI Governance module features are included based on your engagement scope. Contact your Ayliea engagement lead to confirm which of the five areas are part of your engagement.

