Governance & Compliance
Governance that matches your actual risk, not a template.
Most AI governance programmes are built to check a box. They satisfy a policy requirement without reflecting how the organisation actually operates, what it actually deploys, or what it is actually liable for. Meninge builds governance that functions under scrutiny.
Most AI strategies are built for a single assumed future. We stress-test yours against multiple plausible scenarios, so your leadership team can defend their
decisions, not just explain them.
AIGP (IAPP) | NIST AI RMF | ISO 42001 | 25 Years Org Design
What Most Leaders Don't Know Yet
Governance requirements exist whether or not you've heard of them.
Governance requirements exist whether or not you've heard of them.
Who is accountable when your AI makes the wrong call? If the answer takes longer than ten seconds, that's a governance gap.
Most mid-market leadership teams know they're using AI. Far fewer know that regulatory obligations for how that AI is governed already apply to them, or will within 12 to 18 months. Hiring tools, automated decisions, vendor-supplied models, and customer-facing systems all carry accountability that sits with the deployer, not the vendor.
Strategy consulting firms hand you a deck. Meninge installs a living scenario portfolio your leadership team continues to use. The scenarios get refined as conditions change. The work stays
useful.
When something goes wrong, that liability does not transfer to the platform provider. It stays with your organisation. Governance is the structure that determines whether you are prepared when that happens.
Strategy consulting firms hand you a deck. Meninge installs a living scenario portfolio your leadership team continues to use. The scenarios get refined as conditions change. The work stays
useful.
Governance is not a compliance exercise. It is the structure your organisation relies on when something goes wrong.
How We Approach Governance
Governance is an organisational design problem.
Governance is an organisational design problem.
A policy document is not governance. Governance is who owns the decision, who reviews it, who escalates it when something goes wrong, and what happens next. It is the structure around the technology, not a document about it.
Scenarios are not forecasts. They do not tell you what will happen. They tell you what your organisation is prepared for, and where the gaps are. That shift — from prediction to preparedness
— is what separates this work from roadmap-and-hope consulting.
Scenarios are not forecasts. They do not tell you what will happen. They tell you what your organisation is prepared for, and where the gaps are. That shift — from prediction to preparedness — is what separates this work from roadmap-and-hope consulting.
Meninge builds governance to match the organisation's real risk profile, sized for mid-market reality, and grounded in AIGP-certified frameworks. The result is accountability that functions under scrutiny, not just on paper.
Every engagement uses a structured methodology grounded in Georgetown AI Scenarios training. The result is a set of tested strategic positions your leadership team can use, not a one-time
deliverable that gets filed away.
Every engagement uses a structured methodology grounded in Georgetown AI Scenarios training. The result is a set of tested strategic positions your leadership team can use, not a one-time deliverable that gets filed away.
We do not implement AI systems, select software, or manage change programmes. We design the governance architecture. Implementation partners operationalise it. That distinction keeps us upstream, where the consequential decisions are.
Every engagement uses a structured methodology grounded in Georgetown AI Scenarios training. The result is a set of tested strategic positions your leadership team can use, not a one-time
deliverable that gets filed away.
Every engagement uses a structured methodology grounded in Georgetown AI Scenarios training. The result is a set of tested strategic positions your leadership team can use, not a one-time deliverable that gets filed away.
01
Who Owns It
Identify the decision owner for every AI system in production. Governance begins with accountability — not policy, not tooling, not a committee name on a slide deck.
02
Who Reviews It
Build the review structure around real risk levels: what gets reviewed, how often, and by whom. Sized for mid-market reality — not a framework designed for a 10,000-person enterprise.
03
Who Escalates It
Define the escalation paths before something goes wrong. When an AI system produces a harmful outcome, the governance structure determines whether the organisation is prepared — or exposed.
Grounded In
AIGP (IAPP)
NIST AI RMF
ISO/IEC 42001
EU AI Act
Canadian AIDA
US State Regulations
Engagements
Named, scoped, with a deliverable
your board can evaluate.
Named, scoped, with a deliverable
your board can evaluate.
Each service has a fixed scope, a fixed timeline, and a clear output. Pricing is transparent. Work begins after a signed agreement and deposit.
01
Recruitment AI Governance Audit
2–4 weeks
Primary Entry Point
For: CHRO, VP People, VP Talent Acquisition, General Counsel
An independent audit of the AI tools your organisation uses across the recruitment lifecycle — sourcing, screening, assessment, scheduling, and decision support. This is Meninge's highest-credibility entry point. Martin brings 25 years of technical recruitment experience alongside AIGP certification. That combination is rare: the audit evaluates tools not only against governance frameworks but within the operational context of how hiring actually works.
What you walk away with
→
Complete inventory and risk classification of all AI-enabled recruitment tools
→
Regulatory compliance mapping across applicable jurisdictions (Canadian AIDA, US federal and state, EU AI Act for cross-border operations)
→
Bias and fairness analysis of AI-driven recruitment decisions
→
Transparency and explainability assessment across the full decision chain
→
Prioritised remediation roadmap: quick wins (0–30 days), medium-term (30–90 days), strategic (90–180 days)
→
Vendor governance review with contractual gap analysis
→
Process governance evaluation: who owns what, who escalates, and to whom
→
Board-ready compliance dashboard
01
Recruitment AI Governance Audit
2–4 weeks
Primary Entry Point
For: CHRO, VP People, VP Talent Acquisition, General Counsel
An independent audit of the AI tools your organisation uses across the recruitment lifecycle — sourcing, screening, assessment, scheduling, and decision support. This is Meninge's highest-credibility entry point. Martin brings 25 years of technical recruitment experience alongside AIGP certification. That combination is rare: the audit evaluates tools not only against governance frameworks but within the operational context of how hiring actually works.
What you walk away with
→
Complete inventory and risk classification of all AI-enabled recruitment tools
→
Regulatory compliance mapping across applicable jurisdictions (Canadian AIDA, US federal and state, EU AI Act for cross-border operations)
→
Bias and fairness analysis of AI-driven recruitment decisions
→
Transparency and explainability assessment across the full decision chain
→
Prioritised remediation roadmap: quick wins (0–30 days), medium-term (30–90 days), strategic (90–180 days)
→
Vendor governance review with contractual gap analysis
→
Process governance evaluation: who owns what, who escalates, and to whom
→
Board-ready compliance dashboard
02
Human-AI Workflow Design
4–6 weeks
For: VP of Operations, COO, CTO, VP of Technology
For organisations 6 to 18 months into an AI deployment that is underperforming. AI tools get added to workflows without the workflows being redesigned first. Nobody owns the output. Oversight exists on paper only. Role boundaries are unclear. A small error at step 2 of a 7-step process reaches the client at step 7 with no trace. This engagement maps every workflow where AI touches a decision, output, or communication, identifies where the handoffs are brokenor undefined, and redesigns those processes with clear oversight controls, role boundaries, and documented accountability. The output is a workflow architecture your operations team can act on —not a technology recommendation.
What you walk away with
→
AI touchpoint map: every workflow where AI currently touches a decision, output, or communication
→
Gap report with risk ranking: who owns the output, what the review mechanism is, what happens when AI is wrong, and where compliance exposure sits
→
Redesigned workflow documentation with decision rights matrix and oversight protocols
→
Role-level accountability written into the process, not just the org chart
→
Prioritised remediation roadmap: quick wins (0–30 days), medium-term (30–90 days), strategic (90–180 days)
→
Implementation brief and 90-day monitoring framework
→
For regulated industries: documentation suitable as evidence of due diligence in an audit
→
Board-ready compliance dashboard
02
Human-AI Workflow Design
4–6 weeks
For: VP of Operations, COO, CTO, VP of Technology
For organisations 6 to 18 months into an AI deployment that is underperforming. AI tools get added to workflows without the workflows being redesigned first. Nobody owns the output. Oversight exists on paper only. Role boundaries are unclear. A small error at step 2 of a 7-step process reaches the client at step 7 with no trace. This engagement maps every workflow where AI touches a decision, output, or communication, identifies where the handoffs are brokenor undefined, and redesigns those processes with clear oversight controls, role boundaries, and documented accountability. The output is a workflow architecture your operations team can act on —not a technology recommendation.
What you walk away with
→
AI touchpoint map: every workflow where AI currently touches a decision, output, or communication
→
Gap report with risk ranking: who owns the output, what the review mechanism is, what happens when AI is wrong, and where compliance exposure sits
→
Redesigned workflow documentation with decision rights matrix and oversight protocols
→
Role-level accountability written into the process, not just the org chart
→
Prioritised remediation roadmap: quick wins (0–30 days), medium-term (30–90 days), strategic (90–180 days)
→
Implementation brief and 90-day monitoring framework
→
For regulated industries: documentation suitable as evidence of due diligence in an audit
→
Board-ready compliance dashboard
03
AI Governance Readiness Assessment
4–8 weeks
For: General Counsel, Chief Compliance Officer, CTO, CEO
A comprehensive assessment of your organisation's AI governance posture across 10 dimensions. For mid-market companies that know they need governance but are unsure of their current position or where to start. Produces a structured maturity scorecard and a sequenced action plan, not a list of everything you're doing wrong.
What you walk away with
→
AI Governance Maturity Scorecard across 10 dimensions
→
Gap analysis per dimension against applicable regulatory requirements
→
Peer benchmarking where industry data is available
→
Prioritised governance action plan with sequenced implementation roadmap
→
Executive briefing presentation
→
Resource and capability requirements for each improvement phase
→
Board-ready governance posture summary
03
AI Governance Readiness Assessment
4–8 weeks
For: General Counsel, Chief Compliance Officer, CTO, CEO
A comprehensive assessment of your organisation's AI governance posture across 10 dimensions. For mid-market companies that know they need governance but are unsure of their current position or where to start. Produces a structured maturity scorecard and a sequenced action plan, not a list of everything you're doing wrong.
What you walk away with
→
AI Governance Maturity Scorecard across 10 dimensions
→
Gap analysis per dimension against applicable regulatory requirements
→
Peer benchmarking where industry data is available
→
Prioritised governance action plan with sequenced implementation roadmap
→
Executive briefing presentation
→
Resource and capability requirements for each improvement phase
→
Board-ready governance posture summary
04
Governance Org Design & Role Architecture
3–5 weeks
For: CEO, CHRO, CTO, General Counsel
Builds the organisational structure around your AI governance programme: who owns governance decisions, how they escalate, and how roles are defined and resourced. Grounded in 25 years of organisational design experience alongside AIGP certification. Governance structures are designed to hold across the organisation's scenario portfolio, not just the current operating environment.
What you walk away with
→
AI governance operating model design (centralised, federated, or hybrid)
→
Current compliance gap analysis with severity ratings
→
Governance committee structure and charter
→
RACI matrix for AI governance decisions and escalation
→
Portfolio installation session with your leadership team
→
Scenario-informed governance design: structures built to hold across plausible futures
→
Implementation roadmap with phased hiring and capability build plan
→
Executive briefing on governance operating model rationale
04
Governance Org Design & Role Architecture
3–5 weeks
For: CEO, CHRO, CTO, General Counsel
Builds the organisational structure around your AI governance programme: who owns governance decisions, how they escalate, and how roles are defined and resourced. Grounded in 25 years of organisational design experience alongside AIGP certification. Governance structures are designed to hold across the organisation's scenario portfolio, not just the current operating environment.
What you walk away with
→
AI governance operating model design (centralised, federated, or hybrid)
→
Current compliance gap analysis with severity ratings
→
Governance committee structure and charter
→
RACI matrix for AI governance decisions and escalation
→
Portfolio installation session with your leadership team
→
Scenario-informed governance design: structures built to hold across plausible futures
→
Implementation roadmap with phased hiring and capability build plan
→
Executive briefing on governance operating model rationale
05
Regulatory Compliance Mapping
2–4 weeks
For: General Counsel, Chief Compliance Officer, CTO
Maps your full AI regulatory exposure across jurisdictions and identifies the gaps between your current posture and what applies to you now and in the next 18 months. Built for organisations operating across multiple jurisdictions or in industries with active AI-specific regulatory development. Regulatory change is not theoretical for mid-market organisations operating in Canada and the United States.
What you walk away with
→
Jurisdiction, regulation, and requirement mapping matrix
→
Portfolio risk map with individual and aggregate risk scores
→
Regulatory change radar: upcoming obligations and anticipated impact timelines
→
Compliance priority matrix with sequenced action plan
→
Board-ready compliance posture summary
05
Regulatory Compliance Mapping
2–4 weeks
For: General Counsel, Chief Compliance Officer, CTO
Maps your full AI regulatory exposure across jurisdictions and identifies the gaps between your current posture and what applies to you now and in the next 18 months. Built for organisations operating across multiple jurisdictions or in industries with active AI-specific regulatory development. Regulatory change is not theoretical for mid-market organisations operating in Canada and the United States.
What you walk away with
→
Jurisdiction, regulation, and requirement mapping matrix
→
Portfolio risk map with individual and aggregate risk scores
→
Regulatory change radar: upcoming obligations and anticipated impact timelines
→
Compliance priority matrix with sequenced action plan
→
Board-ready compliance posture summary
06
AI Deployment Diagnostic
2–3 weeks
For: CEO, CTO, General Counsel
For organisations whose AI systems have underperformed, drifted, or failed. Many organisations discover the problem the hard way: outputs shift after a vendor model update, a workflow produces confident-sounding errors, or a decision gets made on fabricated information. This engagement maps what broke, why it broke, and what governance infrastructure was absent when it did. The diagnostic covers every AI system in production, whether model updates were tracked, how outputs are monitored, and where accountability sits when the system produces a wrong output. A 30-minute intake call confirms fit before any agreement is signed.
What you walk away with
→
Deployment inventory: every AI system in production, its function, and its decision exposure
→
Failure point analysis: where the breakdown occurred and the contributing conditions
→
Accountability gap map: who was responsible for what, and where the gaps are
→
Written diagnostic report (10–15 pages) delivered within 2 weeks of kickoff
→
Prioritised remediation recommendations with a sequenced action list
→
Clear path to deeper governance or strategy work where indicated
06
AI Deployment Diagnostic
2–3 weeks
For: CEO, CTO, General Counsel
For organisations whose AI systems have underperformed, drifted, or failed. Many organisations discover the problem the hard way: outputs shift after a vendor model update, a workflow produces confident-sounding errors, or a decision gets made on fabricated information. This engagement maps what broke, why it broke, and what governance infrastructure was absent when it did. The diagnostic covers every AI system in production, whether model updates were tracked, how outputs are monitored, and where accountability sits when the system produces a wrong output. A 30-minute intake call confirms fit before any agreement is signed.
What you walk away with
→
Deployment inventory: every AI system in production, its function, and its decision exposure
→
Failure point analysis: where the breakdown occurred and the contributing conditions
→
Accountability gap map: who was responsible for what, and where the gaps are
→
Written diagnostic report (10–15 pages) delivered within 2 weeks of kickoff
→
Prioritised remediation recommendations with a sequenced action list
→
Clear path to deeper governance or strategy work where indicated
07
Fractional Chief AI Governance Officer (CAIGO)
6-month minimum
Retainer
For: CEO, Board — companies needing senior AI governance leadership without a full-time hire
Ongoing senior AI governance leadership for mid-market organisations that cannot justify a full-time CAIGO. Martin serves as your organisation's AI governance lead: designing the programme, overseeing implementation, leading cross-functional governance groups, and reporting to the board. The fractional model is sized for mid-market reality, not scaled down from an enterprise template.
What you walk away with
→
AI governance operating model design and oversight
→
Regulatory compliance monitoring and proactive preparation
→
Vendor AI governance oversight and contractual requirements
→
AI risk monitoring, assessment, and escalation management
→
Cross-functional governance group leadership
→
Incident response leadership for AI-related incidents
→
Board reporting on governance posture, risk profile, and programme progress
→
Policy development, review, and maintenance
→
Continuity planning: assists with full-time hire transition when the time comes
07
Fractional Chief AI Governance Officer (CAIGO)
6-month minimum
Retainer
For: CEO, Board — companies needing senior AI governance leadership without a full-time hire
Ongoing senior AI governance leadership for mid-market organisations that cannot justify a full-time CAIGO. Martin serves as your organisation's AI governance lead: designing the programme, overseeing implementation, leading cross-functional governance groups, and reporting to the board. The fractional model is sized for mid-market reality, not scaled down from an enterprise template.
What you walk away with
→
AI governance operating model design and oversight
→
Regulatory compliance monitoring and proactive preparation
→
Vendor AI governance oversight and contractual requirements
→
AI risk monitoring, assessment, and escalation management
→
Cross-functional governance group leadership
→
Incident response leadership for AI-related incidents
→
Board reporting on governance posture, risk profile, and programme progress
→
Policy development, review, and maintenance
→
Continuity planning: assists with full-time hire transition when the time comes
Governance and Strategy Together
Governance tells you what to protect. Strategy tells you what to build.
Governance tells you what to protect. Strategy tells you what to build.
Every governance engagement surfaces strategic questions. When you map your regulatory exposure, you discover which AI investments carry more risk than your leadership understood. When you audit your recruitment AI, you find strategic blind spots about the tools themselves, not just the compliance gaps.
The Pressure Test is a half-day diagnostic session. Martin walks your leadership team through 2–3 industry-relevant scenarios to surface strategic blind spots.
No preparation required. You receive a written diagnostic summary within 48 hours.
When an AI deployment fails, the diagnostic question is rarely technical. It is structural: who owned the decision to deploy, who was monitoring outputs, and what accountability existed when something went wrong. Those answers connect directly to strategy.
The Pressure Test is a half-day diagnostic session. Martin walks your leadership team through 2–3 industry-relevant scenarios to surface strategic blind spots.
No preparation required. You receive a written diagnostic summary within 48 hours.
Those findings feed directly into Pillar One. Meninge's two-pillar structure is designed so that governance work and strategy work inform each other, not run in parallel on separate tracks.
It shows you where your AI strategy breaks under pressure, whether you have a strategy gap, a governance gap, or both, and which engagement makes sense next. Most clients move from the Pressure Test to a full strategy engagement. Some move to governance. The diagnostic tells you which.
Credentials
Every capability traces to a specific
credential.
Every capability traces to a specific
credential.
Not claimed experience. Verified training. Each pillar of Meninge's work
is anchored in a formal qualification.
Not claimed experience. Verified training. Each pillar of Meninge's work is anchored in a formal qualification.
01 — STRATEGY
Georgetown AI Scenarios
Georgetown University · April 2026
Scenario design, stress-testing, andstrategic preparedness methodology. The foundational credential for Meninge's scenario advisory practice.
02 — GOVERNANCE
AIGP (IAPP)
IAPP · AI Governance Professional
AI Governance Professional certification covering NIST AI RMF, ISO 42001, and cross-jurisdictional regulatory frameworks.
03 — ORGANISATIONAL
25 years of Human Resources and Organizational Design
Canada · United States · Europe · Asia
Human Resources and Technical and executive recruitment across organisations in Canada, the United States, Europe, and Asia — building the organisational intuition behind every engagement.
Most firms give you a report. Meninge gives you a position you can defend.
30 minutes, on the record, no obligation. We'll tell you whether we're the right fit before you spend a dollar.
meninge
AI strategy and governance for mid-market organisations.
Ottawa — serving Canada and the United States.
© 2026 Meninge
meninge
AI strategy and governance for mid-market organisations.
Ottawa — serving Canada and the United States.
© 2026 Meninge