Enterprise AI governance and compliance toolkit
A comprehensive toolkit for establishing and maintaining AI governance within organizations. As AI regulations like the EU AI Act become enforceable, organizations need structured approaches to compliance, risk assessment, and audit readiness.
This framework provides automated risk scoring, compliance checklist generation, model card creation, and audit trail logging, aligned with EU AI Act, NIST AI Risk Management Framework, and ISO/IEC 42001 standards.
- Risk Assessment Engine: Automated risk scoring based on EU AI Act risk categories (Unacceptable, High, Limited, Minimal) with multi-dimensional analysis
- Compliance Checker: Generate regulatory compliance checklists tailored to your AI system's risk level and applicable regulations
- Model Card Generator: Structured documentation for AI models following industry best practices
- Audit Trail Logger: Immutable logging of governance decisions, assessments, and compliance activities
- Policy Templates: Ready-to-use AI governance policy templates in YAML/Markdown
- FastAPI Service: REST API for integrating governance checks into CI/CD pipelines
```
┌─────────────────────────────────────────────────────────────┐
│                   AI Governance Framework                   │
├──────────────┬──────────────┬───────────────┬───────────────┤
│     Risk     │  Compliance  │  Model Card   │     Audit     │
│   Assessor   │   Checker    │   Generator   │    Logger     │
├──────────────┴──────────────┴───────────────┴───────────────┤
│                  Template Engine (Jinja2)                   │
├─────────────────────────────────────────────────────────────┤
│             Policy & Checklist Templates (YAML)             │
├─────────────────────────────────────────────────────────────┤
│                   Audit Storage (SQLite)                    │
└─────────────────────────────────────────────────────────────┘
```
```bash
# Clone the repository
git clone https://github.com/onurcandonmezer/ai-governance-framework.git
cd ai-governance-framework

# Install dependencies
make install

# Run risk assessment on an AI system
python -m src.risk_assessor --name "Customer Chatbot" --domain "customer_service" --uses-personal-data

# Generate compliance checklist
python -m src.compliance_checker --regulation eu-ai-act --risk-level high

# Generate a model card
python -m src.model_card_generator --config examples/model_config.yaml

# Run the API server
make run
```

```python
from src.risk_assessor import RiskAssessor

assessor = RiskAssessor()
result = assessor.assess(
    system_name="HR Resume Screener",
    domain="employment",
    uses_personal_data=True,
    uses_biometric_data=False,
    is_safety_critical=False,
    autonomy_level="semi_autonomous",
    affected_population_size="large",
)
print(f"Risk Level: {result.risk_level}")  # HIGH
print(f"Risk Score: {result.risk_score}/100")  # 78/100
print(f"Key Risks: {result.key_risks}")
print(f"Mitigations: {result.recommended_mitigations}")
```

```python
from src.compliance_checker import ComplianceChecker

checker = ComplianceChecker()
checklist = checker.generate_checklist(
    regulation="eu_ai_act",
    risk_level="high",
    system_type="decision_support",
)
for item in checklist.items:
    print(f"[{'x' if item.completed else ' '}] {item.requirement}")
```

```python
from src.audit_logger import AuditLogger

logger = AuditLogger(db_path="governance_audit.db")
logger.log_event(
    event_type="risk_assessment",
    system_name="HR Resume Screener",
    actor="governance_team",
    details={"risk_level": "high", "score": 78},
)
```

```
ai-governance-framework/
├── README.md
├── pyproject.toml
├── Makefile
├── src/
│   ├── __init__.py
│   ├── risk_assessor.py          # Risk scoring engine
│   ├── compliance_checker.py     # Checklist generator
│   ├── model_card_generator.py   # Model card creator
│   └── audit_logger.py           # Audit trail system
├── templates/
│   ├── policies/                 # AI governance policy templates
│   ├── checklists/               # Compliance checklists
│   └── model_cards/              # Model card templates
├── tests/
│   ├── test_risk_assessor.py
│   ├── test_compliance_checker.py
│   └── test_audit_logger.py
├── docs/
│   └── architecture.md
├── assets/
└── .github/
    └── workflows/
        └── ci.yml
```
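The Audit Trail Logger is described above as immutable and backed by SQLite, yet rows in an SQLite file can be rewritten by anyone with write access to it. The following is an added example, not the project's own code, showing one way to make such a log tamper-evident by chaining each row to its predecessor with SHA-256; the `audit_events` table, its columns, and the function names are assumptions.

```python
import hashlib
import json
import sqlite3

# Assumed schema and names; the project's audit_logger.py may differ.
GENESIS = "0" * 64  # prev_hash value used for the first row in the chain

def _digest(prev_hash, event_type, system_name, actor, details_json):
    # JSON-encode the fields as a list so field boundaries are unambiguous.
    record = json.dumps([prev_hash, event_type, system_name, actor, details_json])
    return hashlib.sha256(record.encode("utf-8")).hexdigest()

def open_log(db_path=":memory:"):
    conn = sqlite3.connect(db_path)
    conn.execute(
        "CREATE TABLE IF NOT EXISTS audit_events ("
        "id INTEGER PRIMARY KEY AUTOINCREMENT, event_type TEXT, system_name TEXT,"
        " actor TEXT, details TEXT, prev_hash TEXT, row_hash TEXT)")
    return conn

def log_event(conn, event_type, system_name, actor, details):
    """Append one event and return its hash (the new chain head)."""
    details_json = json.dumps(details, sort_keys=True)
    with conn:  # commit on success, roll back on error
        tail = conn.execute(
            "SELECT row_hash FROM audit_events ORDER BY id DESC LIMIT 1").fetchone()
        prev_hash = tail[0] if tail else GENESIS
        row_hash = _digest(prev_hash, event_type, system_name, actor, details_json)
        conn.execute(
            "INSERT INTO audit_events (event_type, system_name, actor, details,"
            " prev_hash, row_hash) VALUES (?, ?, ?, ?, ?, ?)",
            (event_type, system_name, actor, details_json, prev_hash, row_hash))
    return row_hash

def verify_chain(conn, expected_head=None):
    """Return (True, None) if intact, else (False, id of first bad row or 'head')."""
    prev_hash = GENESIS
    rows = conn.execute(
        "SELECT id, event_type, system_name, actor, details, prev_hash, row_hash"
        " FROM audit_events ORDER BY id").fetchall()
    for row_id, etype, system, actor, details_json, stored_prev, stored_hash in rows:
        expected = _digest(prev_hash, etype, system, actor, details_json)
        if stored_prev != prev_hash or stored_hash != expected:
            return (False, row_id)
        prev_hash = stored_hash
    # Rows removed from the end leave a valid shorter chain; only a head hash
    # kept outside the database exposes that.
    if expected_head is not None and prev_hash != expected_head:
        return (False, "head")
    return (True, None)
```

Keep the head hash returned by `log_event` somewhere the database writer cannot modify, since anyone able to rewrite the file can also recompute the whole chain.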
This project is licensed under the MIT License. See the LICENSE file for details.
Built with a governance-first mindset by Onurcan Dönmezer