AI Security Assessment Platform
Know Your Score Before the Auditor Does
The delivery platform behind every Ayliea engagement — and yours to access between refreshes. Assess against 11 frameworks, get AI-powered remediation guidance, and keep audit-ready evidence organized between reviews.
Fixed-scope engagement · Signed deliverable package · Reproducible AISS scoring your auditor can verify
Category Scores
Top Recommendations
- Implement AI acceptable use policy
- Enable DLP for AI tool endpoints
- Audit shadow AI tool inventory
Assess against 11 frameworks — compliance, AI risk, and security
From Scoping Call to Signed Report in Four Steps
Book a scoping call
A 30-minute call to map the engagement to your AI surface and the requirements that gate you. We agree on scope and a fixed price before any work begins.
Answer Framework Questions
Work through questions mapped to official compliance controls. Save progress anytime — complete one category per sitting or power through in one session.
Get Your Score + Recommendations
Receive a weighted security score with category breakdown, AI-powered remediation recommendations validated against real playbooks, and a downloadable PDF report.
Prepare for Your Audit
Track remediation progress, attach evidence to every finding, and export a controls matrix. When the auditor arrives, your documentation is already organized.
See where your AI posture stands — free
Take the free AI Readiness Quiz — instant score, no account required.
Know exactly where you stand before your next audit. An Ayliea engagement identifies your gaps, builds your evidence base, and leaves you walking into that audit prepared — not scrambling. Your results live in the client portal we provision when the engagement begins, so your posture stays current between reviews.
WHO IT'S FOR
Healthcare, both sides of the transaction
The organizations adopting AI and the vendors who have to prove their AI is safe to sell into hospitals. We assess both — and other regulated industries on request.
Covered entities adopting AI
Clinics, practices, and provider groups bringing AI into clinical and administrative workflows. Your HIPAA risk analysis now has to cover where those tools send patient data — we assess it and document it.
Business associates & health-tech vendors
If you sell software or services into hospitals, you have to prove your AI safeguards before procurement clears you. A signed, independent assessment is the artifact that moves the deal forward.
Hospital security & vendor-risk teams
You're vetting the AI your vendors ship and the AI your staff quietly adopt. We map that surface and score it against the same standards your auditors and partners use — so third-party AI risk is documented, not assumed.
Compliance & risk leads
Cyber-insurance AI riders and customer security reviews are asking for an AI inventory and documented controls. We produce the inventory, the evidence, and a report you can hand over without a caveat.
Enterprise Security Posture — Without Enterprise Pricing
Ayliea gives growing teams the posture visibility that used to require six-figure platforms and a dedicated compliance team.
| Attribute | Enterprise GRC Platforms | Compliance Automation | Ayliea |
|---|---|---|---|
| Pricing | $10,000 – $100,000/yr | $4,000 – $15,000/yr | Free AISS self-assessment (no account); expert engagements from $6,500 |
| Setup Time | 6–12 month implementation | 2–3 month onboarding | Results in one session |
| Team Required | Dedicated compliance team | Security engineer | Expert-led — a named assessor does the work. |
| Frameworks Included | Per-framework pricing | 1–3 included, extras cost more | All 11 included |
Transparent, fixed-scope engagements
No hidden quotes and no surprise overages. We scope the assessment to your AI surface and the requirements that gate you, and map a fixed price to it on a short call.
Glass-Box scoring
Every category score is fully derivable from your answers and the published AISS methodology. Your auditor can reproduce the math from the public spec alone.
Open standard
AISS is published under CC-BY-4.0 at github.com/Ayliea/aiss. Fork it, audit it, or propose changes via the public RFC process — the standard belongs to the practitioner community.
Expert-led, not black-box
Every assessment is delivered by a named assessor who signs the output. You know who ran the engagement, what they assessed, and why the score is what it is.
Fixed-scope engagements. We map a price to your AI surface on the call.
About the AI Readiness Quiz: The self-service quiz above is a diagnostic tool to help you understand your AI security posture at a high level. Quiz scores reflect self-reported answers and are not independently verified. They are not a substitute for a professional assessment engagement. Book a scoping call to receive a signed, evidence-backed report from a named assessor.
FAQ
Common Questions
Every engagement is a fixed-scope assessment delivered by a named assessor. We scope the work to your AI surface on a 30-minute call, then run the assessment against the frameworks that gate you. You receive a signed 6-document package — scored posture, prioritized remediation plan, evidence index, compliance gap matrix, AI asset inventory, and an auditor-verifiable AISS report. No open-ended retainer; no generic outputs.
Book a 30-minute scoping call at ayliea.com/contact. We map the engagement to your AI surface and the requirements that apply, agree on a fixed price, and schedule the assessment. Engagement floors are published at /pricing — Focused from $6,500, Comprehensive from $15,000, Enterprise from $40,000; optional monitoring retainer from $9,000/yr.
Every engagement gives you a secure portal with 11 compliance frameworks (1000+ mapped questions), AI-powered remediation guidance generated from your assessment data, score history and trend tracking, branded PDF reports with compliance mapping, the AI System Registry, EU AI Act + NIST AI RMF risk classification, AI vendor risk questionnaires, and Trust Gap scoring (verified vs. self-reported posture). Your signed deliverables are owned by your organization, not licensed, and are exportable; portal access is included with the engagement and continues with the optional Monitoring Retainer. Published floors at /pricing — Focused from $6,500, Comprehensive from $15,000, Enterprise from $40,000; optional monitoring retainer from $9,000/yr.
Yes. vCISOs, MSPs, and consultants run Ayliea engagements on behalf of their clients. The client portal supports multi-seat collaboration and custom branded reports so your whole team works from the same assessment. We provision portal access for each engagement when it begins.
Our scoring engine uses weighted category averages mapped directly to official framework controls. AI recommendations are generated using an analysis engine validated against real compliance controls and remediation best practices, and every recommendation is verified against its source before presenting it to you. The system tracks feedback to continuously improve recommendation quality.
All data is encrypted in transit and at rest. Evidence file uploads are scanned for malware before being stored. Strict access controls ensure you can only access your own data. We follow NIST SP 800-63B password guidelines and never log sensitive user information.
Ready to Know Where You Stand?
We assess your AI surface against 10 control domains and the open AISS standard, then deliver a signed report your auditors, insurers, and partners accept as proof.
