Current status: Commons Report Stage. The Cyber Security and Resilience (Network and Information Systems) Bill was reintroduced on 14 May 2026. Report Stage and Third Reading are currently scheduled for 16 June 2026. Future Parliamentary dates may be provisional. Royal Assent is not the same as commencement or enforcement.
AISEC-PRO

AI governance addresses emerging CSRB readiness obligations. Most MSPs have no framework, no policy, and no evidence trail. This fixes all three.

AISEC-PRO is a complete AI governance documentation toolkit, designed to support AI governance alongside CSRB readiness and NCSC CAF v4.0. It gives your MSP — and your clients — documentation to help build a formal AI governance posture: policy, asset register, risk assessments, board reporting, and incident runbooks. Instant download. Deploy on the day of purchase.

6
CSRB AI Governance — Areas Addressed

AISEC-PRO covers six practical AI governance areas MSPs should address: Acceptable Use Policy, AI asset inventory, risk assessment framework, board-level reporting, incident classification for AI-related events, and staff awareness evidence. AISEC-PRO provides a document for each one — pre-written and ready to support regulator-facing governance documentation.

6 AI governance
areas covered
£17m Max fine for
non-compliance
<1 day To deploy your
full AI framework
Complete AI Governance Toolkit — What You Receive
  • 1
    AI Acceptable Use Policy CSRB-Aligned · CAF v4.0 Mapped · Board-Ready · Editable A complete, formally structured Acceptable Use Policy covering all AI tools in scope for CSRB. Defines permitted use, prohibited activities, data handling requirements, disclosure obligations, and enforcement process. Pre-mapped to NCSC CAF v4.0 governance objectives. Replace your details and it is ready to adopt.
    AI governance area 1 CAF v4.0 mapped Board-ready Editable .docx
  • 2
    AI Asset Register Pre-Populated · MSP Tool Categories · Evidence-Ready · Regulator-Facing A structured register for documenting every AI tool in use across the organisation. Pre-populated with the most common MSP AI tools — Microsoft Copilot, AI-enhanced RMM features, scheduling assistants, LLM-based support tools. Completing this register supports CSRB AI governance area 2. The completed document helps create an evidence trail.
    AI governance area 2 Pre-populated Regulator evidence Excel .xlsx
  • 3
    AI Risk Assessment Framework Per-Tool Assessment · Risk-Rated · Mitigation Mapped · Audit Trail A structured risk assessment template for each AI tool in scope. Covers data classification risk, third-party processing exposure, output reliability risk, and regulatory non-compliance risk. Pre-populated with assessments for five common MSP AI tools. Each completed assessment is a dated, signed evidence document for the regulator.
    AI governance area 3 5 pre-populated tools Risk-rated Evidence trail
  • 4
    Board AI Governance Report Template Quarterly Reporting · Risk Summary · Policy Status · Incident Summary A structured quarterly report template for presenting AI governance status to senior leadership. Covers AI policy adoption status, asset register summary, risk position, incidents in the period, and recommended actions. Supports the CSRB board accountability requirement. Ready to complete and present without further preparation.
    AI governance area 4 Quarterly cadence Board-ready
  • 5
    AI Incident Classification & Runbook 4 Incident Types · Escalation Paths · Notification Triggers · Evidence Templates A structured runbook for classifying and responding to AI-related incidents — data leakage via LLM, shadow AI discovery, AI-generated misinformation in client deliverables, and model compromise. Each type has a defined escalation path and triggers for whether a CSRB 24-hour notification applies.
    AI governance area 5 4 incident types Notification triggers Escalation paths
  • +
    Bonus: Client-Facing AI Governance Statement White-Label · One Page · Procurement-Ready · Trust Signal A one-page AI governance statement for use in client proposals, tender responses, and procurement questionnaires. Confirms your MSP has an adopted AI policy, asset register, risk assessment programme, and board oversight. Pre-written and white-label — add your logo and send.
    White-label Procurement-ready Trust signal
Own MSP Use

Adopt the AUP. Complete the asset register. Run one risk assessment per active AI tool. Present the board report at your next governance meeting.

Client Delivery

Use the governance statement in proposals. Offer the full framework as a paid engagement. The asset register and AUP are natural paid deliverables from a client-facing AI audit.

Upsell Path

Clients who adopt AISEC-PRO need their staff trained on the AUP. AISEC-101 is the natural next step — a training session that makes the policy real for the people using it.

Common Questions
We already have a data protection policy — does that cover AI governance?
No. Data protection policies cover how personal data is processed. AI governance under the CSRB is a separate obligation covering how AI tools are selected, inventoried, risk-assessed, and overseen at board level. A GDPR-compliant data protection policy does not address any of the six practical AI governance areas — they require distinct, AI-specific documentation.
What format are the files?
The AI Acceptable Use Policy and Board Report Template are Word documents (.docx). The AI Asset Register and Risk Assessment Framework are Microsoft Excel workbooks (.xlsx). The AI Incident Runbook is a Word document. The Client-Facing Governance Statement is a Word document. All files are editable and ready to use on the day of purchase without additional software.
Can I use these documents with my clients?
Yes. Single organisation licence covers your own use and delivery to clients as part of paid engagements. The client-facing governance statement and asset register are designed specifically for this purpose. You cannot resell the toolkit itself as a standalone product to other MSPs.
How does AISEC-PRO relate to AISEC-101?
AISEC-PRO covers governance documentation — the formal framework, policies, and evidence trail. AISEC-101 covers staff awareness — making the AUP and acceptable use rules real for the people using AI tools day to day. Both address key areas of CSRB readiness. AISEC-PRO is the governance layer; AISEC-101 is the training layer that sits on top of it.
Is this a one-time purchase?
Yes. One-time purchase, single organisation licence, no ongoing fees. For ongoing intelligence on how AI governance obligations evolve as the Bill progresses and secondary legislation is published, CSRB-WATCH at £97/month keeps your framework current without repurchasing the toolkit.
AISEC-PRO AI Governance Toolkit cover

Six-document AI governance toolkit. Maps practical controls to likely governance expectations. Instant download.

What Happens After Purchase
  1. 1 Payment completes securely at checkout.
  2. 2 Download link delivered to your email automatically after checkout.
  3. 3 Start with the AUP — add your details and present for sign-off.
  4. 4 Complete the asset register, run your first risk assessment, schedule the board report.
Instant access

Instant download — yours to keep. Deploy it at your own pace.

Instant download · single organisation licence · six documents included
£497

Download link delivered automatically after checkout.
Full AI governance framework live the same day.

Need staff trained on the AUP too? See AISEC-101 →

Stay Current — Add CSRB-WATCH

AI governance obligations will evolve as secondary legislation is published post-Royal Assent. CSRB-WATCH delivers monthly intelligence updates and revised templates as the framework develops.
£97/month — cancel anytime.

Available as a post-purchase add-on — or view now.