AI Governance & Risk Advisory
Practical, proportionate support to help your organisation use AI with confidence, safely, ethically, and in line with emerging AI governance frameworks, regulatory expectations, and best-practice AI risk management.
Artificial Intelligence is becoming part of everyday organisational activity. Used well, it can enhance limited resources, improve decision making, and free people to focus on the work that matters most. It is a real opportunity for organisations that have neither the budget nor the appetite for an in-house AI specialist. The challenge is rarely the technology itself. It is having the governance, accountability and judgement in place to adopt it well. Without that, AI can introduce risks around data protection, ethics, reliability and public trust.
You do not need to build an AI function to use AI responsibly. Durrant Riley Advisory provides clear, judgement-led support across AI governance, AI policy development, AI assurance, and AI regulatory compliance, designed to enable adoption, not just contain it. As an independent AI governance consultant, we help you introduce and manage AI in a way that is responsible, defensible, and aligned to your existing governance, risk and compliance structures. Our approach is grounded in AI ethics, AI safety, and proportionate AI risk assessment, with specialist experience supporting charities, SMEs and public bodies.
How We Help

Strategic Service: AI Governance, Leadership & Oversight
This service provides clarity and control before AI becomes embedded.
We help Boards and senior leaders introduce AI with clear governance, defined accountability, and proportionate safeguards. The focus is on enabling innovation while maintaining oversight, defensibility and alignment with recognised AI governance frameworks.
Why this is good for you
- Leadership understands the risks and the opportunities
- Roles, responsibilities, and decision making are clear
- Trustees and directors can evidence the oversight their duties require
- AI governance integrates with your existing risk and compliance structures
- You can demonstrate responsible adoption to regulators, donors and stakeholders
Best for: Organisations introducing AI tools or seeking Board-level assurance over existing use, including charities seeking confidence that trustee oversight duties are being met, alongside SMEs and public bodies wanting structured AI governance support.

Foundations: AI Policies, Controls & Compliance
This service builds the core safeguards needed for responsible AI use.
We develop practical AI policies and guidance that allow staff to use AI confidently while protecting the organisation and the people whose data you hold. Controls are proportionate, workable, and aligned to UK GDPR, sector expectations, and wider AI regulatory compliance obligations.
Why this is good for you
- Staff know what is, and is not, acceptable AI use
- Privacy, data protection, and ethical risks are properly assessed, with particular care where sensitive beneficiary or service-user data is involved
- Vendor tools are evaluated with appropriate scrutiny before sensitive data ever goes near them
- Decisions are documented and defensible
Best for: Organisations rolling out AI tools such as Copilot, Gemini, ChatGPT Enterprise, or sector-specific AI platforms, and those needing structured AI policy development, especially charities handling safeguarding, health or hardship data.

Active Governance: Monitoring, Risk & Assurance
This service focuses on ongoing oversight and prevention.
AI risk does not remain static. We help embed proportionate monitoring, horizon scanning, and AI assurance so issues are identified early and addressed before they escalate. This includes integrating AI risk management into your enterprise risk processes.
Why this is good for you
- AI risks are regularly reviewed and updated
- Bias, reliability, and control weaknesses are identified early, before they affect beneficiaries or decisions
- Inaccurate or fabricated AI outputs are caught before they reach service users, advice or compliance content
- AI-related risks are integrated into enterprise risk management
- Leadership receives meaningful assurance reporting
Best for: Organisations with growing or higher-risk AI use, or those subject to regulatory or public scrutiny, including charities and public bodies requiring ongoing AI governance oversight.

Incidents, Investigations & Remediation
This service supports you when concerns arise.
Whether dealing with data misuse, biased outputs, decision challenges, or stakeholder concerns, we provide calm, independent support to assess what happened and what needs to change. Where an incident is serious, we help you handle regulatory notification, including to the ICO and Charity Commission, proportionately and on time. Our approach ensures measured handling of AI safety, compliance and ethical considerations.
Why this is good for you
- AI-related incidents are handled proportionately and fairly
- Compliance and ethical implications are clearly assessed
- Regulatory notification obligations are met where they apply
- Remedial actions are structured and practical
- Boards, regulators, donors and stakeholders receive clear, defensible reporting
Best for: Organisations facing AI-related complaints, incidents, or heightened scrutiny, including charities navigating serious incident reporting, alongside SMEs and public bodies needing specialist AI risk support.

