Skip to main content
SUMMITGUARD
Interactive AI risk check

How exposed is your firm’s current AI use?

Answer a short set of practical questions about AI tools, client data, human review, policy ownership, and governance evidence. You will receive an indicative risk level and suggested next steps.

This check is a starting point only. It does not replace qualified professional guidance or a scoped assessment.

Start the risk checkRequest a scoping conversation
10-question check

Answer what is true today.

01 / Tool visibility

How clearly does your firm know which AI tools are being used?

02 / Client-data boundaries

What rules exist for putting client or confidential information into AI tools?

03 / Human review

When AI supports client-facing work, how is human review handled?

04 / Policy ownership

Who owns AI governance in your firm?

05 / AI-enabled SaaS

How are AI features in SaaS platforms reviewed before use?

06 / Enterprise assistant exposure

If using or considering Copilot or Gemini-style workplace assistants, how confident are you in permission hygiene?

07 / Staff guidance

How are staff guided on acceptable AI use?

08 / Governance evidence

What evidence could leadership show if asked how AI use is governed?

09 / Escalation and recovery

What happens if AI produces a harmful, inaccurate, or unauthorised output?

10 / Connected or agentic workflows

Can AI tools access systems, trigger actions, update records, or automate workflows?

What the result can inform

Practical next steps, not a generic maturity score.

Governance baseline

Tool visibility, ownership, rules, and evidence needed before AI use scales.

Client-data boundaries

Where prompts, uploads, summaries, connected apps, or SaaS features may touch sensitive information.

Human review and escalation

Where professional judgement, approval, issue handling, and correction steps should be defined.

Source basis

Informed by recognised AI governance guidance.

Summit Guard uses public AI governance guidance as a practical reference point for inventories, risk classification, review rules, evidence, monitoring, and improvement actions.

Framework references are used for alignment and source attribution only. They do not imply endorsement or external sign-off.