Core Pillar 2A · Proprietary Framework & Platform

NS-AIGF v1.0

An integrated framework that simultaneously satisfies EU AI Act, ISO/IEC 42001, and NIST AI RMF obligations — consolidating fragmented compliance into a unified, evidence-based, board-ready model for continuous AI accountability.

60Governance Controls

7Governance Domains

43Global AI Frameworks

300Maturity Interpretations

L1→L5Maturity Scale

Framework NS-AIGF v1.0 · 60 AI Governance Controls Domains 7 Weighted Domains · Risk Classification · Transparency · Oversight Aligned EU AI Act · ISO 42001 · NIST AI RMF · OECD AI Principles Coverage High-Risk AI · GenAI · Foundation Models · Agentic Systems Output Board-Level AI Trust Reports · Governance Dashboards · Audit Trails Unified 3 Major AI Governance Frameworks Consolidated into One Assessment Platform Paxley · Continuous NS-AIGF Monitoring Framework NS-AIGF v1.0 · 60 AI Governance Controls Domains 7 Weighted Domains · Risk Classification · Transparency · Oversight Aligned EU AI Act · ISO 42001 · NIST AI RMF · OECD AI Principles Coverage High-Risk AI · GenAI · Foundation Models · Agentic Systems Output Board-Level AI Trust Reports · Governance Dashboards · Audit Trails Unified 3 Major AI Governance Frameworks Consolidated into One Assessment Platform Paxley · Continuous NS-AIGF Monitoring

What Is NS-AIGF v1.0 and Why Was It Built?

The Nucleus Systems AI Governance Framework and Maturity Measurement Model (NS-AIGF v1.0) was purpose-built to address the single most critical governance gap of our era: organisations are deploying AI at speed while governing it at near-zero velocity.

The EU AI Act carries penalties of up to 7% of global annual turnover. ISO 42001 certification is becoming part of enterprise procurement requirements. NIST AI RMF is board-level currency across 40+ jurisdictions.

NS-AIGF converts AI governance from regulatory anxiety into a managed, auditable, board-reportable programme with measurable progress.

EU AI Act

Up to 7% global turnover

Penalties for non-compliance with high-risk AI obligations

ISO/IEC 42001 · NIST AI RMF

40+ jurisdictions

NIST AI RMF is board-level currency; ISO 42001 entering procurement criteria

NS-AIGF Outcome

Regulatory anxiety → managed programme

Auditable, board-reportable AI governance with measurable maturity progress

Framework Architecture

Framework Domains & Coverage

7 integrated governance domains, 60 controls, one unified maturity score. Each domain carries a weighted allocation reflecting EU AI Act enforcement priorities — together they sum to 100%.

D1 18%

D2 22%

D3 15%

D4 12%

D5 12%

D6 13%

D7 8%

D1 — Governance AI Governance & Organisational Oversight 8 controls covering governance structure, executive accountability, AI policy frameworks, ethics committee, internal audit of AI systems, and board-level AI oversight

18% 8 CONTROLS

D2 — Risk & Compliance AI Risk Classification & EU AI Act Controls 8 controls covering AI system risk classification, EU AI Act Annex III obligations, high-risk AI documentation (Art. 11), human oversight mechanisms (Art. 14), conformity assessment (Art. 43), and incident reporting (Art. 73)

22% 8 CONTROLS — HIGHEST

D3 — Lifecycle AI Lifecycle & Model Governance 10 controls covering model registries, version control, testing gates, release management, shadow AI detection, model retirement, and lifecycle documentation

15% 10 CONTROLS

D4 — Data Data Governance for AI 8 controls covering training data quality, dataset bias assessment, privacy compliance for AI data, data minimisation, labelling governance, and data drift monitoring

12% 8 CONTROLS

D5 — Responsible AI Fairness, Explainability & Responsible AI 8 controls covering fairness testing across protected characteristics, explainability mechanisms, human override capability, ethical review processes, and fundamental rights impact assessment

12% 8 CONTROLS

D6 — AI Security AI Security & Operational Monitoring 10 controls covering AI endpoint access controls, prompt-injection prevention, adversarial testing, model-extraction protection, output monitoring, and AI supply-chain security

13% 10 CONTROLS

D7 — Audit Incident, Compliance & Auditability 8 controls covering AI incident management, regulatory reporting, audit trail maintenance, continuous compliance monitoring, and third-party AI vendor risk management

8% 8 CONTROLS

Framework Specification

NS-AIGF provides a structured, measurable, and regulatory-aligned framework for operationalising AI governance, safety, security, and continuous assurance across enterprise AI ecosystems.

Controls	60 fully defined governance controls with core requirements, implementation guidance, and regulatory alignment citations for EU AI Act, ISO 42001, and NIST AI RMF.
Scoring Model	5-axis maturity assessment with domain weights reflecting EU AI Act enforcement priorities: D2 Risk & Compliance at 22% (highest weight, reflecting enforcement severity) through D7 Audit at 8%.
Maturity Scale	L1 Initial → L2 Managed → L3 Defined → L4 Quantitative → L5 Optimising — with 300 control-specific level interpretations (5 levels × 60 controls). L1 Initial L2 Managed L3 Defined L4 Quantitative L5 Optimising
Regulatory Alignment	Simultaneous alignment to: EU AI Act (Reg. EU 2024/1689) · ISO/IEC 42001:2023 · NIST AI RMF v1.0 · GDPR · POPIA · OWASP LLM Top 10 · OECD AI Principles
Scoping Mechanism	20-question organisational profiler automatically tailors control applicability to each client's context, AI footprint, sector, and regulatory jurisdiction.
Assessment Tool	8-module AI Governance Maturity Management Excel-Native Tool producing board-ready governance reports, prioritised improvement roadmaps, ISO 42001 readiness indicators, and longitudinal maturity tracking automatically.
Delivery Model	5-phase programme: Baseline Assessment → Gap Analysis → Remediation Programme → Assurance Review → Continuous Reassessment (quarterly or annual)
ISO 42001 Pathway	Integrated 5-phase certification pathway with Nucleus Systems as advisory partner from baseline through certification readiness.

AI Governance Framework & Maturity Measurement Platform

Paxley AI Governance & Maturity Management Platform

The technology delivery engine for NS-AIGF assessments and ongoing AI governance programmes. Provides a structured AI Trust Framework assessment engine, five-level maturity scoring with domain heatmaps, a policy library aligned to the EU AI Act and NIST AI RMF, regulatory alignment modules, AI risk register management, ISO 42001 readiness tracking, and board-ready reporting. Organisations can conduct self-assessments or run Nucleus Systems-facilitated governance programmes at scale.

See Paxley →

Services Delivered Under This Pillar

All services anchored to NS-AIGF v1.0 and delivered through the Paxley AI Governance Platform.

AI Governance Assessment & Maturity Programme

NS-AIGF assessment covering risk classification, governance gaps, and compliance posture — with board-ready AI Risk Report and 12-month roadmap.

EU AI Act Compliance Programme

End-to-end programme from Article 11 technical documentation through Article 43 conformity assessment for high-risk AI systems, with Nucleus as named advisory partner.

ISO 42001 Certification Management

Structured 5-phase certification pathway using NS-AIGF as the assessment instrument — gap analysis, remediation, and certification readiness reporting.

Board AI Risk Advisory

Translating AI risk into business and regulatory language for boards, audit committees, and investment committees — supporting AI disclosures in annual reports and regulatory filings.

Build an AI governance programme your board can stand behind

We scope NS-AIGF assessments to your current AI footprint and regulatory obligations, delivering a prioritised roadmap your board can act on.

Request a briefing →