Get up and running. Fast.
We help you configure AI Sigil for your organization: register your AI systems, activate the right frameworks, and get your team working in the platform.
What's included
All implementation engagements are delivered through our network of vetted consulting partners: governance and compliance specialists selected for their expertise in AI regulation and hands-on platform experience.
Portfolio mapping
Your consulting partner documents every AI system in your portfolio, maps their components, data flows, stakeholders, and roles, and classifies each system against the regulations and frameworks that apply to your organization.
Framework configuration
our partner activates and validates the right regulatory frameworks per system, sets up evidence collection workflows, links existing documents to the correct controls, and configures cross-framework deduplication.
Team onboarding
Structured training program led by your partner: guided walkthroughs, first control assessments completed together, and hands-on practice until your team is fully comfortable with the platform.
Go-live review
Your partner conducts a final review to confirm the full setup is complete, regulatory mappings are accurate, evidence workflows are operational, and your team is fully ready to operate independently.
Typical timeline
Every implementation follows five stages. Duration varies by portfolio size and organizational complexity.
Scoping and kickoff
A discovery session brings together your AI, legal, compliance, and engineering stakeholders. The objective: build a complete picture of your AI portfolio.
- How many systems are in production or development
- Who owns them, what data they process, where they sit in your org structure
- Which regulations apply (EU AI Act, ISO 42001, NIST AI RMF, sector-specific)
- How mature your current governance practices are relative to target state
The output is a scoping document covering the engagement plan, key milestones, resource requirements, and a prioritized sequence for the stages that follow.
Estimated duration: Startup 2.5 weeks / SME 5 weeks / Large Enterprise 10 weeks
AI inventory and classification
Every AI system is registered in the platform through structured sessions with system owners. For each system, the following is documented:
- Underlying models and training data sources
- Input/output data flows and third-party vendors
- Internal stakeholders and downstream consumers
Risk classification workshops then walk your team through tiering decisions (high-risk, limited-risk, minimal-risk under the EU AI Act) and determine your role per system (provider, deployer, or both).
The result: a fully populated AI registry in AI Sigil with each system correctly categorized, its dependencies mapped, and its regulatory obligations identified.
Estimated duration: Startup 5 weeks / SME 10 weeks / Large Enterprise 20 weeks
Framework activation and configuration
The regulatory frameworks that apply to each AI system are activated based on classification results. From there:
- Controls are configured and obligations validated against each system’s risk tier and role
- Cross-framework deduplication ensures overlapping requirements across the EU AI Act, ISO 42001, and NIST AI RMF are tracked once, not duplicated
- Evidence collection workflows are set up: existing docs linked to the right controls, gaps identified, and ongoing collection/review/approval processes established
This stage ends with every system connected to its applicable controls and a clear picture of what remains before audit readiness.
Estimated duration: Startup 5 weeks / SME 10 weeks / Large Enterprise 15 weeks
Team onboarding and training
A structured training program is delivered, tailored to each role in your governance organization:
- Platform administrators learn configuration, user management, and reporting
- System owners and control assessors complete their first assessments in hands-on workshops, practice evidence upload and linking, and walk through the review/approval workflow end to end
- Compliance leads and committee members receive sessions on dashboard interpretation, completion tracking, and audit trail navigation
Internal governance processes and standard operating procedures are documented directly in the platform. Your team leaves with a single reference for how assessments, escalations, and reviews should be conducted after handoff.
Estimated duration: Startup 2.5 weeks / SME 5 weeks / Large Enterprise 10 weeks
Go-live review and handoff
A comprehensive configuration audit covers every layer of the setup:
- AI systems registered with the correct classification
- Frameworks activated with properly scoped controls
- Evidence collection workflows operational
- Team permissions and roles correctly assigned
A regulatory mapping check confirms no obligation has been missed or incorrectly linked. Your governance lead walks through a readiness checklist covering documentation completeness, assessment progress, and audit trail integrity.
The stage concludes with a formal sign-off confirming the platform is production-ready, and a handoff document summarizing the configuration, open items, and recommendations for ongoing operations.
Estimated duration: Startup 2.5 weeks / SME 5 weeks / Large Enterprise 10 weeks