Completion Summary
Checklist Completion Tracker
Use this summary to track your organization's overall compliance posture across all 40 controls. Present this page to your board, compliance committee, or insurer as evidence of governance due diligence.
Control Coverage by Framework
NIST AI RMF — Govern (6 controls)
_____ / 6 completed
NIST AI RMF — Map (4 controls)
_____ / 4 completed
NIST AI RMF — Measure (5 controls)
_____ / 5 completed
NIST AI RMF — Manage (3 controls)
_____ / 3 completed
EU AI Act Controls (5 controls)
_____ / 5 completed
HIPAA 2026 Controls (4 controls)
_____ / 4 completed
Legal — ABA Ethics Controls (3 controls)
_____ / 3 completed
Financial Services Controls (2 controls)
_____ / 2 completed
GovCon — OMB / CMMC Controls (2 controls)
_____ / 2 completed
Total Controls Completed
_____ / 34 applicable
Critical Controls Incomplete
_____ items
Immediate remediation required
Important Controls Incomplete
_____ items
Complete within 90 days
Recommended Next Steps
01Address all Critical controls within 30 days. Prioritize BAA execution and AI inventory completion as immediate actions requiring no budget.
02Commission a full AI Risk Assessment to produce a Signed Defensibility Report covering all applicable frameworks for your specific environment.
03Establish quarterly governance reviews to maintain compliance as regulations evolve. The EU AI Act and HIPAA guidance are actively updated.
Founder, Navard LLC
M.S. Cybersecurity · AIGP (IAPP) · CISM (ISACA)
navard.ai
contact@navard.ai
May 2026
This checklist constitutes AI governance information only and does not constitute legal advice. Navard LLC is not a law firm. Organizations should consult qualified legal counsel regarding the applicability of any regulation to their specific circumstances. Completion of this checklist does not constitute regulatory certification or guarantee of compliance.