Certified AI Governance Assessment (CAGA) — for businesses using AI
We evaluate your business across five categories — AI Governance, Data Security, Operational Safety, Compliance, and Risk Management. Each scored out of 100. You get a detailed findings report for each category, a platinum, gold, or silver verification status, a report ID, and an official certificate.
Back
Next
Section 1
Business Information
About Your Business
Business Name
Required
Business Email
Required
What Industry are you in?
Marketing/Advertising Agency
Consulting/Coaching
Legal/Compliance
Finance/Accounting
Healthcare/Wellness
Technology/SaaS
Real Estate
E-Commerce/Retail
Education/Training
Other
Where does your business currently use AI? (Select all that apply)
Client deliverables / work product
Marketing and content creation
Internal operations and admin
Sales and lead generation
Customer service / communication
Data analysis and reporting
Automation and workflows
HR or hiring processes
Financial processes
Other
Which AI tools does your business currently use (Select all that apply)
Chat GPT/Open AI
Claude (Anthropic)
Google Gemini
Microsoft Copilot
Jasper/Copy.ai
Midjourney/image generation tools
Automation tools (Zapier, Make, etc.)
CRM or sales AI tools
Custom or proprietary AI
Other
How many people are in your business?
Just me (solo)
2-5 people
6-20 people
50+ people
Section 2
Data Responsiblity
This section evaluates how your business handles client and business data when using AI tools.
Do you send real client data (names, emails, financials, personal information) into AI tools?
Never — we do not input real client data into AI
Sometimes — only non-sensitive information
Regularly — we input client data into AI tools
We are unsure what data our AI tools access
Do you anonymize or remove identifying information before entering data into AI tools?
Yes — always
Yes — most of the time
Rarely
No
Not applicable — we don’t input client data
Do you review AI-generated outputs before using them in client work or business decisions?
Yes — always reviewed by a human before use
Yes — most of the time
Sometime
Rarely or Never
Do you have an understanding of how the AI tools you use store or process data?
Yes — we have reviewed their data and privacy policies
Somewhat — we have a general idea
No — we have not reviewed this
We are unsure
Section 3
Transparency
This section evaluates how open your business is about its use of AI with clients and stakeholders.
Do you disclose to clients that AI tools are used in your business or on their work?
Yes — we always inform clients
Yes — when asked or when relevant
No — we do not disclose AI use
We are considering implementing this
Is your AI usage documented anywhere internally (policy, process doc, employee guidelines)?
Yes — we have a formal written policy
Yes — informally documented
No — not documented
In progress
Do your clients or customers have the ability to opt out of AI being used on their work or data?
Yes — we offer this option
No — but we plan to
No — this is not something we offer
Not applicable to our business
Do you represent AI-generated content or outputs as entirely your own original work without disclosure?
Never — we are transparent about AI involvement
Occasionally — in low-stakes situations
Sometimes
This is our standard practice
Section 4
Human Oversight
This section evaluates the level of human involvement and control in your AI-assisted processes.
Is a human always involved in reviewing final outputs before they are delivered to clients or published?
Yes — always
Yes — in most cases
Sometimes — depends on the task
No — outputs are often used directly
Does your business use AI to make final decisions that directly affect clients (pricing, recommendations, reports)?
No — humans make all final decisions
AI informs decisions but humans decide
AI makes some final decisions automatically
AI makes most final decisions
Do you have a process to catch and correct AI errors or hallucinations before they cause a problem?
Yes — we have a defined review process
Informally yes — team members check outputs
No — we rely on AI accuracy
We are developing this
How would you describe the role of AI in your business?
AI is a tool — humans lead all work
AI assists humans who remain in control
AI and humans share responsibility equally
AI leads most processes with minimal human review
Section 5
Risk Awareness
This section evaluates your business's awareness of AI-related risks and how you manage them.
Does your business have any internal guidelines or rules around how AI should and should not be used?
Yes — formal written guidelines exist
Yes — informal rules are understood by the team
No — we use AI without specific guidelines
We are working on this
Do you monitor for bias, inaccuracy, or ethical issues in the AI outputs your business produces?
Yes — we actively monitor for this
Sometimes — on sensitive topics
Rarely
No — we have not considered this
Are you aware of any laws or regulations in your industry related to AI use (such as data privacy, copyright, or disclosure requirements)?
Yes — we are aware and actively compliant
Somewhat — we have general awareness
No — we are not aware of specific regulations
We are researching this now
Has your business experienced any negative outcomes from AI use (errors delivered to clients, misinformation, data concerns)?
No — no issues to date
Minor issues that were quickly resolved
Yes — we have had notable issues
Yes — and it significantly impacted our business
Section 6
Final Questions
Is there anything else you would like us to know about how your business uses AI responsibly? (Optional)
Share any additional context, policies, or practices that reflect your commitment to responsible AI use.
Your Assessment Is Complete
Your responses will be analyzed to determine your organization’s AI Governance Score and eligibility for verification. If your organization meets the qualification threshold, you may unlock the Certified AI Governance Assessment (CAGA) and receive official verification materials. Verified organizations receive an official AI Governance Certification, a Responsibility Score with certification level, a Verification ID with QR authentication, a governance findings summary, and a shareable client-facing certificate.
Back
Next
Submit my answers
Should be Empty: