EU AI Act · DORA · NIS2

AI Governance Exposure Radar

Three frameworks. One control view. Enter your EU AI Act, DORA and NIS2 scores to see where the same AI governance weaknesses create exposure across multiple regulatory regimes.

This radar does not replace a legal assessment. It helps executives see where AI creates overlapping exposure — and where a single control gap can create multiple regulatory consequences.

Overall AI Governance Score
Adjust sliders to calculate
Weakest Framework
Priority Control Exposure
AI Governance Control Radar
Control View

Control View shows where one AI governance weakness may create exposure across multiple regimes.

Scenario Mode Scores are manually entered. Use for board scenarios and directional planning.

Inferred — not an audit result Control-domain scores are inferred from your framework scores unless detailed assessment data is imported. Treat this as a directional executive view, not a control-by-control audit result.

What to fix first — three weakest control domains
Priority 1
Adjust sliders to generate
Priority 2
Priority 3
AI Governance Posture Analysis

Adjust the sliders to generate your posture analysis.

Control DomainEU AI ActDORANIS2Why

The overall score is a synthetic executive indicator based on framework readiness and inferred control exposure. It is designed for prioritisation, not audit certification. EU AI Act weighted at 45%, DORA 30%, NIS2 25% for framework average. Control-domain scores are inferred from the three framework scores using weighting logic — treat as directional unless future versions import detailed domain-level assessment results. Generated:

For orientation only — not legal advice. All three frameworks are now either in force, applying progressively, or implemented through national regimes. The EU AI Act applies progressively, with many high-risk AI system obligations applying from 2 August 2026. DORA has applied since 17 January 2025. NIS2 required Member States to transpose by October 2024; national implementation and supervisory practice vary by Member State.

EU AI Act
AI System Governance
Manual input
50%
0 = Critical gaps · 100 = Audit-ready
DORA
Operational Resilience & ICT Third-Party Risk
Manual input
50%
0 = Critical gaps · 100 = Audit-ready
NIS2
Cybersecurity & Supply Chain Exposure
Manual input
50%
0 = Critical gaps · 100 = Audit-ready
AI Governance Score
50% framework + 50% control average
Score Reference
0–29 Critical Exposure — material gaps, immediate action required
30–54 Partial Coverage — foundations exist, AI controls incomplete
55–74 Controlled but Incomplete — good baseline, evidence gaps remain
75–89 Evidence-Led Posture — strong posture, manageable residual gaps
90–100 Board-Ready — mature, evidenced, actively maintained
How to use
Complete each assessment then enter your score, or drag sliders to explore scenarios for board conversations. The Control View shows where one weakness spans multiple frameworks.
→ EU AI Act Assessment → DORA Assessment → NIS2 Assessment