Solutions Aegis Industries Insights Pricing Company Request Assessment
Case Studies

Governance that has been deployed, not just designed.

Selected OneCompliant engagements across regulated enterprises — from a deployed AI governance programme at a Tier-1 European telecommunications operator to assessment, framework, and awareness work. Client identities are anonymised to respect confidentiality.

Flagship Engagement — Tier-1 European Telecom

Enterprise AI Governance Programme for a Tier-1 European Telecommunications Operator

An end-to-end AI governance programme deployed across a major European telecommunications operator — 7,000+ employees, multi-language workforce, operating under NIS2 and GDPR. Shadow AI was spreading across business units with no runtime control and no audit trail. OneCompliant delivered assessment, governance framework, and organisation-wide awareness, adopted as operational standard by the CISO.

What was delivered

1OASAT Assessment — AI risk posture evaluated across all business units; shadow AI mapped; regulatory gaps identified against NIS2 and GDPR.
2OASF Framework — AI governance and control architecture delivered and adopted as the operational standard by the CISO.
3OASAP Programme — AI security awareness deployed across the organisation in multiple languages.
4Executive AI security briefing — emerging-risk briefing (agentic AI) delivered directly to the CISO and adopted as an operational reference.

Outcomes

7,000+
Employees covered by the awareness deployment
5+
Languages — awareness delivered on the official LMS
4
Regulatory frameworks mapped
CISO
Adopted the governance architecture as standard

✓ AI governance architecture adopted as operational standard by the CISO
✓ 5 awareness videos produced and published on the official LMS
✓ EU AI Act, NIS2, GDPR, and NIST AI RMF mapped
✓ AI security briefing adopted as an operational reference

Engagements by capability

Each capability below has been delivered in the field. Details are anonymised; metrics reflect real programme outcomes.

AI Risk Assessment · OASAT

Mapping shadow AI and regulatory gaps

A structured assessment of AI usage across a regulated enterprise — identifying where AI was being used, what data was at risk, and where the organisation was exposed under the EU AI Act, NIS2, and GDPR.

Result: shadow AI mapped across business units; prioritised governance roadmap delivered.
AI Governance Framework · OASF

A control architecture adopted as standard

An AI governance and control framework defining policy domains, authorisation boundaries, and accountability — aligned to the EU AI Act and NIST AI RMF.

Result: adopted as the operational standard by the CISO of a Tier-1 operator.
AI Awareness Programme · OASAP

Awareness across a multinational workforce

An AI security awareness programme deployed across a large, multi-language workforce — delivered on the organisation's official learning platform.

Result: 7,000+ employees covered; 5+ languages; published on the official LMS.
AI Insurance Readiness · OCiF

From governance maturity to an insurability score Illustrative

Translating AI governance maturity and AI attack surface into an underwriting-grade risk score that insurers and boards can act on. An emerging OneCompliant capability shown here as a representative scenario.

Outcome model: structured AI risk scoring to support cyber-insurance underwriting.

Engagement details are anonymised to respect client confidentiality. Items marked Illustrative represent an emerging capability rather than a completed named engagement. References can be discussed under NDA.

Work With Us

Ready to see what this looks like for your organisation?

Start with an OASAT assessment — a structured evaluation of your AI risk posture, regulatory gaps, and governance readiness. References available under NDA.

Request Assessment Explore Our Solutions