← All services
🔍 Audit & Compliance

Find Out Where You’re Exposed — Before a Regulator Does

The EU AI Act enters full enforcement in August 2026. Fines reach €35M. Do you know if your AI systems are compliant? We’ll tell you in 10 days — with a clear action plan.

Starting from €1,600 One-time audit: 1 to 2 weeks | Monthly audit: from €590/month

What you walk away with

📋

Complete audit report

A 15–30 page document that shows you exactly where you stand: every process mapped, every pain point identified, every automation opportunity ranked by ROI.

Know your compliance gaps before an inspector does

We evaluate your compliance against ISO 42001, 27001, 9001, the EU AI Act, GDPR, and NIS2. You get a gap matrix and a remediation plan — not a vague recommendation.

🛡

Identify risks before they become incidents

A complete risk register: algorithmic bias, data leaks, hallucinations, model drift, vendor dependencies. Each risk comes with a treatment plan.

🎯

A roadmap ranked by ROI — not by complexity

You don’t get a wish list. You get a prioritized roadmap: which automations to launch first, what they cost, and what they return.

📧

Daily follow-up & 4 PM recap

Throughout the audit, daily email at 4 PM: analysis progress, findings of the day, points of attention. You follow every step in real time.

🎥

Video check-in every 72 hours

Short video call (15-30 min) every 3 days during the audit. Presentation of interim results, questions, scope adjustments if needed.

💬

Presentation to your teams

1-hour oral presentation to your decision-makers. Q&A, adjustments, priority validation.

The standards and regulations we audit against

ISO

Quality Management

ISO 9000:2015 — Quality principles and vocabulary
ISO 9001:2015 — Quality management system (certifiable). Operational control of your AI processes
ISO 9004:2018 — Sustainable performance, continuous improvement

ISO

Artificial Intelligence

ISO/IEC 42001:2023 — AI management system (certifiable). THE reference for AI governance
ISO/IEC 42005:2025 — AI system impact assessment
ISO/IEC 23894:2023 — AI-specific risk management
ISO/IEC 5338:2023 — AI system lifecycle
ISO/IEC 25059:2024 — Quality model for AI systems
ISO/IEC 38507:2022 — AI governance by organizations

ISO

Information Security

ISO/IEC 27001:2022 — ISMS, information security (certifiable)
ISO/IEC 27002:2022 — Security controls (secure development, coding, suppliers)
ISO/IEC 27005:2022 — Security-related risk management
ISO/IEC 27017:2015 — Cloud service security
ISO/IEC 27018:2019 — Personal data protection in the cloud
ISO/IEC 27701:2019 — Privacy management (GDPR bridge)

ISO

Risk & Continuity

ISO 31000:2018 — Risk management (general framework)
ISO 31010:2019 — Risk assessment techniques (FMEA, fault trees)
ISO 22301:2019 — Business continuity (BCP for AI-critical processes)

🇪🇺

European Regulations

EU AI Act (2024/1689) — Risk classification, AI governance obligations. Full enforcement August 2026. Fines up to €35M or 7% of turnover
GDPR (2016/679) — Personal data protection. Articles 22 (automated decisions), 25 (privacy by design), 35 (DPIA)
NIS2 (2022/2555) — Cybersecurity for essential entities. Incident reporting within 24h
Data Act (2023/2854) — Data access and sharing (IoT, industrial data)

🌍

Complementary Frameworks

NIST AI RMF 1.0 — AI risk management framework (internationally recognized)
SOC 2 Type II — Security, availability, integrity controls (required by B2B clients)
CIS Controls v8 — 18 prioritized cybersecurity control groups
ENISA Guidelines — EU recommendations for AI system security

How we deliver your audit in 10 days

D1-D2

Discovery & scoping

Interviews with your key teams. Understanding your business, tools, AI stack. Identification of the applicable regulatory scope.

D3-D5

Technical & regulatory analysis

Infrastructure audit, data flows, AI processes. ISO 42001, 27001, 9001 compliance verification. EU AI Act and GDPR assessment.

D6-D8

Modeling & risks

AI risk register (ISO 23894). Regulatory gap matrix. Automation scenarios. Cost/benefit analysis.

D9-D10

Delivery

Complete report + compliance assessment. Presentation to your teams. Action plan validated together.

Stay compliant year-round — without hiring a compliance officer

Regulations evolve. Models drift. New risks emerge. A monthly audit keeps you ahead of all three — for less than the cost of a junior hire.

Essential Audit

€590/month
  • GDPR compliance verification
  • Security check (ISO 27001)
  • AI log & anomaly review
  • Monthly compliance report
  • 1 framework of your choice
Recommended

Business Audit

€1,200/month
  • ISO 42001 + 27001 + 9001 compliance
  • EU AI Act + GDPR verification
  • AI risk register (ISO 23894)
  • Gap matrix + remediation
  • Detailed monthly report
  • Management review

Premium Audit

€2,400/month
  • Complete framework (all standards)
  • ISO certification preparation
  • Continuity audit (ISO 22301)
  • AI resilience testing
  • Continuous regulatory monitoring
  • Weekly report
  • CNIL/ANSSI guidance support

What we check every single month

⚖ Regulatory Compliance

EU AI Act: risk classification, transparency obligations, governance. GDPR: legal basis, DPIA, privacy by design, data subject rights.

🔒 Information Security

ISO 27001: access controls, encryption, vulnerability management, cloud security, third-party AI providers.

🤖 AI Governance

ISO 42001: AI policy, impact assessment, model lifecycle, transparency, algorithmic bias, performance drift.

📊 Quality & Performance

ISO 9001: operational control, continuous improvement. ISO 25059: accuracy, robustness, fairness, explainability of AI systems.

🚨 Risks & Resilience

ISO 23894 + 31000: AI risk register, hallucinations, data leaks, poisoning. ISO 22301: continuity for AI-critical processes.

📝 Traceability & Audit Trail

Agent action logs, decision history, complete audit trail. Preparation for regulatory inspections and certifications.

Who is it for?

  • SMBs deploying AI agents who want to stay compliant
  • Companies preparing for ISO 42001 or 27001 certification
  • Executives who want to anticipate the EU AI Act (full enforcement August 2026)
  • CIOs who need an external, impartial perspective
  • Regulated companies: healthcare, finance, insurance, legal
  • Organizations processing personal data through AI

Summary

  • One-time audit: from €1,600 excl. VAT
  • Monthly audit: €590 to €2,400 excl. VAT/month
  • Duration: 1-2 weeks (one-time)
  • Format: On-site or remote
  • Deliverable: Report + compliance assessment
  • Monthly commitment: 3 months minimum
Request an audit

Standards covered

  • ISO/IEC 42001 — AI Management
  • ISO/IEC 27001 — Info Security
  • ISO 9001 — Quality
  • ISO 31000 — Risk
  • ISO 22301 — Continuity
  • EU AI Act — AI Regulation
  • GDPR — Personal Data
  • NIS2 — Cybersecurity

Related services

Custom AI Agent → Multi-Agent System → Maintenance & Evolution →

The cost of non-compliance dwarfs the cost of an audit

One audit now could save you from a seven-figure fine later. Free initial consultation — 30 minutes to know where you stand.

Get in touch