The free service: an instant snapshot of where a firm stands, and a human-written AI policy mapped to NIST AI RMF and ISO 42001, delivered within 24 hours.
Updated July 2026
The AI Policy Blueprint is a free service for firms that need an AI policy, or want to know where they stand before writing one. It has two parts: an instant snapshot that runs on screen in about three minutes, and a concierge policy written for the firm by a person and delivered within 24 hours. Both are free for companies in the US and UK.
The snapshot asks a short set of questions across eight areas: the policy itself, the data that can enter AI tools, approved tools, visibility into AI use, human oversight, vendors and agentic AI, records and evidence, and training and response. The result is computed from the answers, not AI-generated, and it renders on screen with no account. An email is optional; it sends the full PDF report, and nothing is withheld without it.
What comes back:
The second door is for firms that want the policy itself. A compliance professional reads the intake and writes an AI governance policy for the firm, its sector, and where it operates, then sends it within 24 hours. It is human-built, not generated from a template, and it is free. The service is provided by Proxara cofounder Hemanth Tadepalli, a cybersecurity and compliance practitioner whose work spans Mandiant, Google, and May Mobility, with an M.S. in Cybersecurity from UC Berkeley.
The policy is aligned to NIST AI RMF and ISO 42001, with a regulatory cross-walk for the sector and a one-page quick-card a team can actually use. It runs from purpose, scope, and roles (with a named accountable owner) through approved and prohibited tools, data classification, human oversight, vendor and agentic AI, monitoring and records, incident handling, training, and enforcement. Appendices include an approved-tool register, a data-handling matrix, and an employee quick-card. The firm's counsel reviews and ratifies it before it becomes firm policy.
Open the AI Policy Blueprint and pick a door: run the snapshot, or request the written policy directly. No card, no account, no obligation. It is a planning tool, not a compliance audit, legal advice, or a certification.