R Ready for AI
Snapshot · General

Rate where your organization is today

For each statement, pick the level that best describes your organization. 0 means not present; 5 means optimized and a competitive advantage. First instinct is usually right.

Strategy & Leadership

2 questions

AI vision tied to business outcomes; exec sponsorship; budget; AI ownership; clear business alignment

Our organization has a written AI strategy approved by leadership.
AI initiatives have a named executive sponsor and a dedicated budget.

Use-Case Portfolio

2 questions

Inventory + prioritization; opportunity matrix; ROI cases; AI-type fit

We maintain an inventory of candidate AI use cases prioritized by value and risk.
Each candidate use case has a documented business owner and ROI hypothesis.

Data Foundations

2 questions

Quality, accessibility, lineage, governance, integration, labeling

Data needed for AI is accessible, governed, and of known quality.
We have a data catalog or lineage tooling that AI teams use.

Technology & Infrastructure

2 questions

Cloud, APIs, integrations, security architecture, MLOps/LLMOps, model hosting

We have a defined platform/architecture for hosting and integrating AI workloads.
APIs and integration patterns exist for AI to read from / write to our core systems.

Security & Privacy

2 questions

Information security, data protection, vendor/3rd-party risk, ePHI / FERPA / PII controls

AI systems are covered by our security review and access control processes.
We have documented controls for sensitive data (PII / PHI / FERPA / IP) in AI workflows.

Talent & Culture

2 questions

AI literacy, skills, training, change management, adoption appetite, resistance risk

Our workforce has accessible AI literacy training and clear acceptable-use guidance.
We have or can recruit the technical talent needed to build and operate AI.

Process Maturity

2 questions

Workflows documented; repetitive / high-friction / measurable tasks identifiable

Our core operational workflows are documented well enough to identify AI opportunities.
We routinely measure cycle time and quality for the workflows we'd target with AI.

Governance, Risk & Responsibility

2 questions

Policies, AI inventory, risk tiering, human oversight, bias testing, explainability, audit trails

We maintain an AI inventory with risk tier, owner, and last-reviewed date.
We have a documented human-in-the-loop policy for higher-risk AI decisions.

Vendor & Procurement Readiness

2 questions

Build/buy/partner decisioning; vendor DD; contract templates; BAAs/DPAs; tool sprawl control

AI tools go through a defined vendor due-diligence process before adoption.
Contracts with AI vendors include DPAs/BAAs, data-use terms, and exit clauses.

Implementation Capacity & Operations

2 questions

Can the org actually pilot, buy, build, deploy, train, monitor? Post-deploy monitoring; shadow-AI discovery

We have a track record of taking AI pilots from prototype into production.
Production AI is monitored post-deployment for drift, bias, and shadow-AI usage.