Architecting Trust, Module 07: Your AI Readiness Self-Assessment

Banner, Your AI Readiness Self-Assessment: a consolidated resilience scorecard showing a readiness score, action and isolation metrics, an accountable owner, history, and a priority next action.
Score one AI system: weigh its exposure against your containment, and get a prioritized next step.
AraGrow
← Guide overview
Executive Guide · Part 7 of 7
Readiness Self-Assessment

Module 07 · The Finale

Your AI Readiness Self-Assessment

Everything you've learned, turned into a score for one real AI system, and a clear next step.

How to use this

  • Pick one AI system you use, are piloting, or are being pitched. Answer for that specific system.
  • It takes about ten minutes. There are no trick questions and no pass/fail; it's a map, not an exam.
  • You'll get a readiness band, a containment score, and a short, prioritized list of what to fix first.

Before you start

What this measures

This assessment scores two things and weighs one against the other. First, exposure: how much is genuinely at risk, based on the lethal trifecta from Module 02. Second, containment: how many of the defense layers from Module 06 you actually have in place. High exposure with low containment is the danger zone; the same controls that are overkill for a toy are essential for a system wired into your business.

It's built directly on the four questions you've carried since the introduction:

1 · What can it see?Private data in reach.
2 · Whose instructions reach it?Untrusted content it reads.
3 · What can it do?Actions it can take.
4 · Where must a human approve?The irreversible gate.
How to read your two scores

Two things to keep in mind as you score. Exposure and containment aren't fully independent; some moves lower both at once. Narrowing which data the AI can reach, for instance, shrinks what's at risk and counts as a containment layer, so don't be surprised when one good decision improves both columns. And these four questions are the backbone of the assessment, not the whole of it: the layers you'll score below also fold in measurement, logging, and governance, and a regulated or sector-specific use will carry its own requirements on top. The four axes are the structure everything else hangs from.

The assessment

Score one AI system

Part 1 · Exposure: the lethal trifecta

E1Can this AI access private or sensitive data: emails, customer records, files, contracts, a database?
E2Does it read content from outside your control: customer messages, web pages, uploaded documents, inbound email?
E3Can it take actions that send or change things: send messages, post, pay, refund, or update or delete records?

Part 2 · Containment: your defense layers

C1Least data: it can reach only the data its job actually needs, not everything.
C2Least privilege: its actions are scoped, read-only where possible, no powers it doesn't use.
C3Isolated input: untrusted outside content is kept from directly driving privileged actions (the vendor can explain how).
C4Human-in-the-loop: a person confirms the high-stakes, irreversible actions before they happen.
C5Guardrails: input/output filters exist, and are understood as one layer, not the whole defense.
C6Monitoring: you can review later what the AI saw and did; there's a log.
C7Measurement: quality and groundedness are tracked over time, not just judged at launch.

Part 3 · Governance: who owns it

G1Is there a named owner for AI risk: one person with authority to pause a launch?
G2Is there a written policy for what data and actions AI may touch, plus a basic incident plan?
G3If a vendor is involved: do your contracts cover the right to see evaluations and address liability?

Please answer the highlighted questions to get an accurate read.

Containment

Lowest-scoring areas

    This is a score, not advice. This self-assessment is an educational estimate, not a recommendation, an audit, or any guarantee of safety. A number can't see your full context or tell you whether a given risk is acceptable for your business. Understanding your real exposure, and deciding what to do about it, takes a qualified security and, where relevant, legal professional. Use this only as a starting point for that conversation.

    You've finished the guide

    The whole thing, in one breath

    An AI can't tell instructions from data, so everything it reads is a potential command. The dangerous attacks aren't typed by your users; they're read by your AI, and you can't reliably filter them out. So you contain: limit what it sees and does, keep a human in front of anything irreversible, measure quality continuously, stack independent layers, and name an owner for the day something goes wrong. There's no perfect fix, its makers say so, and you don't need one. You need a system whose failures are small and recoverable.

    Revisit any part:

    Where this can lead

    If you'd like a second set of eyes

    You can act on everything in this guide on your own; that was the point. But if your self-assessment turned up gaps you'd rather not navigate alone, that's the kind of work AraGrow does: senior technology leadership without the full-time executive cost, focused on practical outcomes rather than hype. And hold any partner, including us, to the standard this guide taught: a clear scope, the risk assumptions written down, and evaluations you can actually see. The goal isn't to trust that the containment is there; it's to be shown it.

    Fractional CTO

    Ongoing senior guidance to align AI and technology decisions with how the business actually needs to grow.

    AI risk audit

    A focused review of a real or planned deployment against the layers in this guide, and a plan to close the gaps.

    Roadmap session

    A working session to scope an AI use case sensibly and in phases, without overbuilding too early.

    Practical AI integration

    Implementation that reduces manual work and improves customer experience, with the containment built in from the start.

    A reasonable next step is a short discovery call, no preparation needed beyond the system you just scored. AraGrow works bilingually in English and Spanish.

    One honest closing note

    The specific attacks and tools in this guide will keep changing; that's the nature of the field. The principles won't: instructions and data are blurred, reach plus capability equals risk, filters are layers not walls, and accountability is human. As new modalities arrive, voice, video, code agents, they tend to add wrinkles, not new principles; they still map back to the same questions of who can influence the system, what it can reach, and who answers for it. This guide is educational, not legal or security advice for your particular system. Applying its principles will already put you ahead of common practice for everyday tools, but when a deployment touches personal data, money, safety, or a regulated sector, a qualified legal and security review stops being optional. You now have the judgment to know which situation you're in, and that was the whole goal. Treat it as a starting point to keep building on as the field moves, not a finish line.

    The one line to remember

    You don't need AI to be perfectly safe. You need it to fail small, and to know, before you launch, exactly how it's contained and who owns it.

    AraGrow
    Architecting Trust: An Executive's Guide to AI Risk & Readiness · Module 07 of 7 · Guide complete
    Prepared by AraGrow LLC · David Aragó, Fractional CTO · Minneapolis · Bilingual EN / ES
    ← Back to Blog Work With Me