LEVEL 03 · FOR DIRECTORS · CISO · RISK
AI Data Exposure Diagnostic
Eight questions about how AI is actually used in your organisation — not how policy says it's used. Answer honestly; the diagnostic scores entirely in your browser and nothing is transmitted. Two minutes to a grade your risk committee can act on.
AUDIT Eight questions
Q.01 How do staff use public AI tools (ChatGPT, Gemini, Copilot…)?
Q.02 The most sensitive data plausibly already pasted into one:
Q.03 AI vendor contracts and data-processing terms have been reviewed:
Q.04 Your regulatory environment for data:
Q.05 Visibility of what's being sent to AI services:
Q.06 If your main AI vendor announced a breach tomorrow, could you list what of yours was exposed?
Q.07 Dependency on AI vendors:
Q.08 If AI services went down for 72 hours, your operations would be:
EXPOSURE GRADE: — / 16
CONTAINED to SEVERE
- Complete the eight questions, then run the diagnostic.
Scores compute locally. No answer leaves this page — which is rather the point.
Close the flags
An air-gapped appliance retires most of this list.
Sensitive work moves to a machine that physically can't leak — the cloud stays for everything harmless. We'll map your flags to a deployment in one call.
BOOK THE RISK REVIEW →