Assessment Tools
L1 — Align includes three diagnostic tools that map your current readiness and identify gaps. The results serve as input for decision-making on next steps.
Readiness Scan
Purpose: A quick overview of your organization’s readiness for AI governance.
| Parameter | Value |
|---|---|
| Number of questions | 20 |
| Maximum score | 100 points |
| Number of sections | 4 (Governance, Training & awareness, Data & security, Practical usage) |
| Time to complete | ~10 minutes |
What it measures
- Governance — Do formal rules for AI exist? Who is responsible?
- Training & awareness — Have employees been trained? Do they know what they can and cannot do?
- Data & security — How do you handle data when working with AI? Do you have classification?
- Practical usage — How do you actually use AI tools? Do you have an inventory?
How to interpret results
| Score | Level | Meaning |
|---|---|---|
| 80—100% | READY | Solid foundations. L1 will help formalize existing practice. |
| 50—79% | PARTIAL | Basics exist, but there are gaps. Gap Analysis will show details. |
| 0—49% | STARTING | Significant gaps. L1 is necessary; consider the Managed mode. |
Why you need it
The Readiness Scan is your first orientation point. In 10 minutes, you’ll find out whether you’re on track for compliance, or whether you need fundamental changes. The result also helps you decide between DIY and Managed modes.
Gap Analysis
Purpose: Detailed identification of specific gaps in AI governance.
| Parameter | Value |
|---|---|
| Number of items | 32 |
| Number of areas | 6 |
| Assessment type | Three-level (Met / Gap / To be addressed) |
| Time to complete | ~20 minutes |
6 assessment areas
- Documentation & policies — Do written rules exist?
- Governance & responsibilities — Who is responsible for what?
- Training & awareness — Are employees informed?
- Data & security — How is data protected?
- Incident management — Do you know what to do when a problem occurs?
- Tools & technology — Do you have an overview of the AI tools in use?
How to interpret results
For each item, you select one of three statuses:
- Met — Fully implemented, you have evidence
- Gap — Does not exist or entirely inadequate
- To be addressed — Partially exists, needs to be completed
Recommendations based on results:
- More gaps than met items -> consider L1-Managed for a systematic approach
- More met than gaps -> the L1-Self toolkit is sufficient to fill the remaining items
- Everything met -> congratulations, consider L2 for further development
Why you need it
The Readiness Scan shows the overall picture; the Gap Analysis shows the specific holes. Each item corresponds to a specific regulatory requirement or best practice. The results serve as the basis for the implementation plan (phase 9).
Sovereignty Quick Scan
Purpose: Quick mapping of technological sovereignty — how much you depend on foreign vendors.
| Parameter | Value |
|---|---|
| Number of questions | 5 |
| Maximum score | 15 points |
| Time to complete | ~3 minutes |
What it measures
- Data residency — Where is your data physically stored?
- Vendor concentration — Do you depend on a single vendor?
- Exit strategy — Can you switch to another vendor?
- Migration costs — How much would switching cost?
- Geopolitical monitoring — Do you track regulatory changes?
How to interpret results
| Score | Level | Recommendation |
|---|---|---|
| 12—15 | High sovereignty | Regular quarterly review |
| 7—11 | Medium risk | Detailed Sovereignty Assessment |
| 0—6 | High risk | Priority resolution + workshop |
Why you need it
The Data Act and geopolitical developments are increasing the importance of technological sovereignty. The Quick Scan identifies whether you need a more detailed Sovereignty Assessment as part of L1 or as a standalone project.