An AI governance maturity assessment for a telecommunications industry client

As a technology and data driven organisation, our client recognised a requirement to review their AI governance framework against rapidly evolving technological and regulatory landscapes. To mitigate new risks emerging from AI adoption, they aimed follow best market standards to strengthen internal practices and to prepare for upcoming compliance requirements. Our client also sought to enhance the capabilities of its internal audit team through hands-on involvement in the assessment process.

We conducted a comprehensive AI governance maturity assessment, leveraging best practice frameworks, such as the NIST AI RMF and ISO-42001, and referring to the upcoming regulatory requirements ─ primarily the EU AI Act. Our approach was tailored to our client’s specific needs and included:

• A review of existing AI governance practices covering the whole AI life cycle—from strategy to monitoring and operational reporting of AI use cases. We completed the review through documentation inspection and interviews with key stakeholders.

• Identification of gaps in key organisational-level governance areas.

• Development of recommendations to enhance AI governance maturity with reference to the best market standards and the EU AI Act. 

• Preparation and delivery of training for the internal audit team on AI, AI risks and the EU AI Act topics.

• Engagement of the internal AI team in the execution of the maturity assessment to support learning and development.

The assessment provided our client with strategic recommendations for organisational growth and maturity. Our collaboration also strengthened awareness of AI-related risks, challenges and regulatory requirements across the organisation.

Looking forward, this foundation enables our client to make informed decisions, improve internal capabilities and prepare for future regulatory developments.