AI Governance Workspace
A free, browser-based workspace to govern AI across a regulated financial firm. Inventory every AI use case, classify it under the EU AI Act, run risk assessments and FRIAs, track third parties, incidents, controls, literacy and KRIs, and self-assess governance maturity — all over a single Excel workbook, with no data leaving your device.
The AI Governance Workspace is a free, browser-based suite of registers and assessments that lets a risk or compliance team govern AI use across a regulated financial firm. Designed for Luxembourg PSF and fund administration contexts, it brings AI inventory, risk classification, assessment, third-party due diligence, incident logging, controls, training and governance maturity into one connected system — instead of a folder of disconnected spreadsheets. Everything runs over a single shared Excel workbook. There is no backend and no network calls for your data: state is held in the browser, autosaved to local storage, and imported or exported as an .xlsx file you control. A central AI use-case inventory acts as the spine, with every classification, assessment, FRIA, incident and control linking back to it — so the firm always has one coherent picture of its AI estate. The workspace is anchored in the EU AI Act, DORA, GDPR and CSSF expectations, with regulatory dates affected by the Digital Omnibus shown as provisional. It is built for risk managers, compliance officers and internal audit who need a structured, defensible governance record without standing up new infrastructure.
- Central AI use-case inventory — the single spine every other module links back to
- EU AI Act risk classification — provider/deployer role and risk tier (prohibited, high, limited, minimal) with rationale
- Risk assessments and Fundamental Rights Impact Assessments (FRIA) tied to each use case
- Third-party AI, incident and controls registers aligned to DORA and CSSF outsourcing expectations
- AI literacy training tracker and key risk indicators (KRIs) with RAG status
- Governance maturity self-assessment across ten pillars with a visual radar and prioritised gaps
- Single Excel workbook — autosaved locally, import/export as .xlsx, one-click wipe; no data leaves your device
AI governance in a regulated financial firm pulls obligations from the EU AI Act, DORA, GDPR and CSSF circulars at once — yet most teams manage it in a scatter of spreadsheets that don't share a methodology or a common register. Use cases live in one file, vendor due diligence in another, incidents in email, and there is no reliable way to show how a given AI system was classified, assessed, controlled and monitored. This workspace solves that by encoding the full governance lifecycle into one connected, browser-based system built around a single AI use-case inventory. Classification, risk assessment, FRIA, third-party, incident, control, training and maturity records all link back to that inventory and live in one Excel workbook you own — giving compliance and risk teams a consistent, defensible governance record without any backend, subscription or data leaving the device.
Status
LiveCategory
Step-by-step guide to get started with this project.
All IddiLabs projects are open-source and free to use. You can review the code, modify it for your needs, and deploy it on your own infrastructure.
IddiLabs on GitHubBuilt with ❤️ for SMEs, compliance teams, and professionals who value privacy and control.