Selected OneCompliant engagements across regulated enterprises — from a deployed AI governance programme at a Tier-1 European telecommunications operator to assessment, framework, and awareness work. Client identities are anonymised to respect confidentiality.
An end-to-end AI governance programme deployed across a major European telecommunications operator — 7,000+ employees, multi-language workforce, operating under NIS2 and GDPR. Shadow AI was spreading across business units with no runtime control and no audit trail. OneCompliant delivered assessment, governance framework, and organisation-wide awareness, adopted as operational standard by the CISO.
✓ AI governance architecture adopted as operational standard by the CISO
✓ 5 awareness videos produced and published on the official LMS
✓ EU AI Act, NIS2, GDPR, and NIST AI RMF mapped
✓ AI security briefing adopted as an operational reference
Each capability below has been delivered in the field. Details are anonymised; metrics reflect real programme outcomes.
A structured assessment of AI usage across a regulated enterprise — identifying where AI was being used, what data was at risk, and where the organisation was exposed under the EU AI Act, NIS2, and GDPR.
Result: shadow AI mapped across business units; prioritised governance roadmap delivered.An AI governance and control framework defining policy domains, authorisation boundaries, and accountability — aligned to the EU AI Act and NIST AI RMF.
Result: adopted as the operational standard by the CISO of a Tier-1 operator.An AI security awareness programme deployed across a large, multi-language workforce — delivered on the organisation's official learning platform.
Result: 7,000+ employees covered; 5+ languages; published on the official LMS.Translating AI governance maturity and AI attack surface into an underwriting-grade risk score that insurers and boards can act on. An emerging OneCompliant capability shown here as a representative scenario.
Outcome model: structured AI risk scoring to support cyber-insurance underwriting.Engagement details are anonymised to respect client confidentiality. Items marked Illustrative represent an emerging capability rather than a completed named engagement. References can be discussed under NDA.
Start with an OASAT assessment — a structured evaluation of your AI risk posture, regulatory gaps, and governance readiness. References available under NDA.