Loading…
AI Policy Desk
Get your AI policy done in 30 minutes.
Ready-to-use templates, risk checklists, and implementation guides built for small teams navigating EU AI Act, GDPR, and US state AI laws — with no dedicated compliance function.
Used by 1,200+ teams. Updated for EU AI Act, GDPR, and 12 US state laws. No account, no paywall.
What applies to my team?
- Downloads this month
- 1,200+
- Free guides & templates
- 221
- No account, no paywall, no vendor sponsorship
- Updated
- June 6, 2026
Most downloaded
Start with these templates
Free tools
Interactive tools — get a clear answer in minutes, no consultant required.
Start here
4 questions · 2 min
Compliance Quiz
Which AI regulations apply to your team?
Take the quiz →
4 steps · 5 min
Policy Generator
Generate an AI acceptable use policy for your team.
Generate policy →
15 vendors · filterable
Vendor Scorecard
Compare AI vendors on privacy and compliance.
Compare vendors →
3 steps · 5 min
AI Risk Assessment
Rate your AI use cases Low / Medium / High / Critical.
Assess risk →
Explore
Regulations
28 coveredEU AI Act, GDPR, NIST AI RMF, Colorado AI Act, NY Local Law 144, and more — each explained for small teams.
Browse regulations →
Glossary
75 termsPlain-English definitions for AI governance terms: high-risk AI, GPAI models, conformity assessment, shadow AI, and more.
Browse glossary →
Start here
Pillar guides and templates — pick the one most relevant to your situation.
- AI Governance for Small Teams: The Complete Guide (2026) · Governance
- EU AI Act Compliance for Small Teams: The Complete Guide (2026) · Compliance
- TypeScript AI Agent Security: 4 Incident Response Playbook Files (2026) · Security
- CEO's AI Tool Approval Checklist: 10 Questions Before You Say Yes · Templates
- AI Data Privacy for Small Teams: 9-Tool DPA Table + GDPR/CCPA Checklist (2026) · Compliance
- Browse all posts →
Latest
Blog
Templates, checklists, tool comparisons, and implementation guides for small teams adopting AI safely.
Guide·10 min read·Guides
AI governance for legal teams and general counsel: privilege, confidentiality, and risk 2026
Legal departments face distinct AI risks: attorney-client privilege waiver, bar ethics rules on confidentiality, and liability for AI-assisted legal work. This guide covers what in-house counsel and law firms must do before using AI for legal work.
Latest posts
Guide·10 min read
Amazon KiroRank and Tokenmaxxing: How to Measure AI Adoption Without Creating Perverse Incentives
Amazon shut down its KiroRank AI leaderboard after employees gamed it by running fake tasks to inflate token counts. The right AI adoption metrics measure outcomes, not usage. A practical framework for small teams.
Guide·10 min read
BIPA and facial recognition AI: compliance guide for employers and developers 2026
Illinois BIPA is the most litigated biometric privacy law in the US, with class actions reaching $228M settlements. AI systems that collect or analyze facial geometry, fingerprints, or voiceprints trigger BIPA. This guide covers what compliance requires.
Guide·10 min read
Colorado AI Act Overhaul: What Employers Must Know About SB 26-189 Before January 1, 2027
Colorado replaced its original AI Act with SB 26-189, signed May 14, 2026. The new law drops bias audits and impact assessments in favor of a lighter notice-and-transparency framework. Effective January 1, 2027, it requires pre-use notice, post-adverse-action notice within 30 days, and 3-year recordkeeping for any employer using AI in hiring, promotions, or terminations.
Guide·10 min read
Miasma Worm and Phantom Gyp: The npm Supply Chain Attack That Bypasses Security Tools (June 2026)
A self-spreading worm compromised 57 npm packages in under 2 hours using binding.gyp instead of postinstall scripts, bypassing security scanners. What it means for teams that run npm install, and the 5 controls that limit your exposure.
Guide·10 min read
AI Support Chatbots with Account Actions Are a Security Risk: The Meta Instagram Incident and What Your Team Must Govern (2026)
Hackers social-engineered Meta AI into resetting passwords on high-profile Instagram accounts by simply asking. What the attack means for any team deploying an AI chatbot that can take account actions, and the 6 controls that prevent it.
Guide·9 min read
EU AI Act August 2026: What's Delayed and What Still Applies
The EU provisional agreement pushed high-risk AI obligations to late 2027. But Article 50 transparency rules still apply August 2, 2026, GPAI requirements have applied since August 2, 2025, and the prohibited-practices ban has been in force since February 2, 2025. Here is exactly what changed and what did not.
Newsletter
Stay current on AI compliance
Weekly digest of new templates, regulation updates, and deadline alerts. Free, unsubscribe anytime.
Subscribe free →No spam · No vendor ads · Unsubscribe anytime
Templates
Get the complete policy kit
Acceptable use policies, vendor evaluation checklists, risk assessments, and more — all in one place.
View template kits →