Not slide decks. Working governance — scoped to your regulatory context, your board’s maturity, and your industry.
60 minutes. No pitch. We map your regulatory context, AI governance maturity at the board level, and where accountability gaps are creating exposure.
Tailored scope within 5 business days — specific to your industry, your regulations, and your board.
We map your AI landscape, identify accountability gaps, and set governance objectives with named ownership.
Monthly briefings, structured sessions, and responsive guidance — building governance capability over the engagement period.
We advise your board on what good AI and cyber governance looks like — and give you the tools to begin building it.
Structured inventory of your AI systems and cyber exposure — formatted for board review and regulatory submission.
Which regulations apply to your board — SEC priorities, DORA, NIS2, GDPR — and what your posture means for personal director accountability.
One focused hour per quarter with your board or risk committee — reviewing AI and cyber risk developments, governance progress, and emerging decisions. Remote.
A written briefing each month on material AI and cyber developments relevant to your board — regulatory changes, enforcement actions, governance practice updates. Concise and board-ready.
Direct access to your advisor for questions and emerging decisions throughout the engagement. Responses within three business days.
Board-ready summary at engagement close: improvements documented, gaps remaining, and a prioritised roadmap for continued governance development — owned entirely by your organisation.
We sit with your board while you build governance — active fractional advisory for organisations under regulatory or AI risk pressure.
Remote attendance at board or risk committee meetings where AI and cyber governance is on the agenda — providing real-time advisory input as decisions are made. Frequency agreed at engagement outset. On-site available on request.
Built for your AI use cases, risk appetite, and regulatory obligations. Not a template.
Board-level decision protocol for AI-caused failures: who is notified, what decisions must be made, what disclosures are required.
Three documents prepared for your counsel and insurers: an AI Governance Summary, a Director Accountability Map, and a Regulatory Posture Statement — giving D&O insurers and legal counsel what they need to address coverage and liability questions accurately. Cyber Hermes does not provide legal or insurance advice.
One structured crisis simulation per engagement period — tailored to AI-specific failure scenarios relevant to your sector and board composition.
Faster response for time-sensitive matters and direct escalation support for emerging incidents or board-level decisions under pressure.
We design the governance program your board will run independently — built to be audit-proof, durable, and yours.
Policies, accountability structures, decision rights, escalation paths, reporting cadences — designed to survive a regulatory examination.
A designed session building AI and cyber governance fluency for your specific board — covering the literacy regulators expect directors to demonstrate, mapped to your sector and risk profile. Remote, with on-site available on request.
Milestone-tracked roadmap with clear ownership at each stage. Built to satisfy audit requirements.
Structured review of AI risk in up to eight key vendor relationships — selected jointly at engagement outset based on AI exposure and data access. Produces a board-ready Third-Party AI Risk Summary.
Two advisory hours per week, bookable in advance via a shared calendar link — reserved exclusively for your engagement. Ensures board-level conversations happen when they need to, not when a diary permits.
Structured closeout delivering eight governance documents your board owns independently: AI Governance Policy, Director Accountability Framework, AI Risk Register, Regulatory Compliance Roadmap, Incident Response Protocol, Third-Party AI Risk Summary, Board Education Materials, and a Forward Governance Roadmap.
Fixed-scope. Two weeks. We map your board’s AI and cyber risk exposure, assess your governance posture, and deliver a board-ready report. No retainer required.
All services available as standalone engagements. Scoped individually.
A focused session for directors on AI and cyber governance responsibilities — mapped to your sector, your regulatory context, and your board's current maturity level. Remote, with on-site available on request.
Focused review of your existing AI governance documentation assessed against current regulatory expectations and best practice.
Structured review of your board’s posture against specific regulatory frameworks — SEC requirements, DORA, EU AI Act, NIS2 — with a prioritized gap analysis.
Direct access to your advisor for specific board-level questions, second opinions, or decision support. Available without a retainer.