R Ready for AI

The 10-dimension framework

How we score AI readiness — defensible, standards-aligned, and the same every time.

Every Ready for AI engagement scores your organization across ten dimensions on a CMMI-style 0–5 maturity scale. The result is a single, defensible readiness picture aligned to NIST AI RMF and ISO/IEC 42001 — not another opinion deck.

The ten dimensions

  1. Strategy & Leadership. AI vision tied to business outcomes; exec sponsorship; budget; AI ownership; clear business alignment
    Anchors: NIST Govern · ISO 42001 §4-5 · McKinsey Strategy
  2. Use-Case Portfolio. Inventory + prioritization; opportunity matrix; ROI cases; AI-type fit
    Anchors: Liam Ottley matrix · PwC Business
  3. Data Foundations. Quality, accessibility, lineage, governance, integration, labeling
    Anchors: IBM Ladder · HIMSS AMAM · PwC Data
  4. Technology & Infrastructure. Cloud, APIs, integrations, security architecture, MLOps/LLMOps, model hosting
    Anchors: NIST Map · PwC Technology
  5. Security & Privacy. Information security, data protection, vendor/3rd-party risk, ePHI / FERPA / PII controls
    Anchors: NIST AI RMF + 800-53 · ISO 27001 · HIPAA Security Rule
  6. Talent & Culture. AI literacy, skills, training, change management, adoption appetite, resistance risk
    Anchors: McKinsey Capabilities · PwC Culture & Talent · BCG workforce transformation
  7. Process Maturity. Workflows documented; repetitive / high-friction / measurable tasks identifiable
    Anchors: Liam Ottley Ops Canvas · ISO 42001 §6-8
  8. Governance, Risk & Responsibility. Policies, AI inventory, risk tiering, human oversight, bias testing, explainability, audit trails
    Anchors: NIST Govern + Manage · ISO 42001 · CSA Agentic Profile · EU AI Act
  9. Vendor & Procurement Readiness. Build/buy/partner decisioning; vendor DD; contract templates; BAAs/DPAs; tool sprawl control
    Anchors: Ready for AI proprietary — differentiates vs single-vendor SaaS competitors
  10. Implementation Capacity & Operations. Can the org actually pilot, buy, build, deploy, train, monitor? Post-deploy monitoring; shadow-AI discovery
    Anchors: NIST Manage · Gartner TRiSM

The 0–5 maturity scale

Each dimension is scored independently; the aggregate maps to an overall readiness archetype from Laggard to Leader.

  • 0 — Absent. Not present.
  • 1 — Ad-hoc. Informal, scattered pilots, no governance.
  • 2 — Emerging. Some practices exist; first policies.
  • 3 — Defined. Repeatable processes; governance in place; scaled pilots.
  • 4 — Managed. Measured, monitored, ROI tracked, integrated into ops.
  • 5 — Optimized. AI-native; continuous improvement; agentic-capable; competitive advantage.