Synthetic sample — illustrative only. This excerpt does not represent a real client, a real engagement, real client data, or any real person. The firm, the people, and every finding are fabricated to show the shape of a GuardXID AI Readiness Audit deliverable.

AI Readiness Audit · sample excerpt

What the report actually looks like

Built around Prairie Oak Law Group, a fictional 18-person estate-planning and small-business law firm (5 attorneys, 4 paralegals, 6 intake/admin, 2 billing, 1 office manager). Invented end to end. Every finding below is an access and exposure observation about the firm's tools and identity. None of it required reading a single client file or matter.

Executive summary

AI is already in use at Prairie Oak Law Group, but no one approved it, inventoried it, or set rules for it. Three of the AI tools we found arrived through software the firm already pays for, and two are personal-tier accounts staff adopted on their own. The more pressing finding sits underneath the AI question: identity. MFA is enforced for attorneys but not for intake or administrative staff, one shared front-desk login reaches both email and the document system, and two staff email addresses appear in known breach data. Because every AI tool is reached through a login, these gaps define the real boundary of what the firm's AI can touch, and today that boundary is wider than leadership believes. The opportunity is real, but the firm should close the access gaps before it scales AI, not after. We assessed the shape of the firm's workflows and identity. The container, never the contents.

Current-state assessment

Current tools

Six AI touchpoints in use, only one of which leadership could name unprompted. Embedded/vendor-enabled: Microsoft 365 Copilot in Outlook and Word, an AI summarization feature in the practice-management suite, and AI meeting-notes auto-enabled in the firm's video tool. Staff-adopted (personal-tier, never approved): a free consumer chatbot two paralegals use for drafting, and a free transcription app one attorney uses for client-meeting notes. No tool inventory exists, and no one owns which AI features may touch client information.

Access & exposure

The lens most AI consultants skip, and the one that matters most here. MFA is enforced for the 5 attorneys but only available, not required, for the 6 intake/admin and 2 billing staff, so 8 of 18 people can sign in with a password alone. A shared 'frontdesk@' login reaches both the inbox and the document system. Two staff email addresses appear in known breach data. Offboarding is informal: a paralegal who left ~4 months ago still had an active login at the time of our interviews.

Risk

Prairie Oak carries attorney-client confidentiality, privilege, and state bar professional-conduct duties over the data its tools can reach. The free-tier chatbot's train-on-input terms are incompatible with confidential content, and staff are currently free to paste anything into it. The unenforced MFA, shared login, breached credentials, and lingering access each widen the path into systems that hold privileged information. The firm's IT support watches the network and devices, but not the AI surface.

Opportunity

Real, and worth pursuing once the access gaps are closed. Intake summarization, first-draft document generation, and meeting-note capture are the highest-value, lowest-friction candidates. Paralegals are already doing this work by hand, which is a signal of demand rather than a forecast we invented. Governed onto a business-grade tool with proper data terms, this is a credible weekly time saving; ungoverned, the same activity is the firm's largest confidentiality exposure.

Access & exposure map

Who can reach what, and where it is exposed. Access findings only.

MFA enforced for attorneys, not for intake/admin/billing

8 of 18 staff can sign in to email and the document system with a password alone. MFA exists in the tenant but is not required for these roles.

Shared 'frontdesk@' login reaches email + document system

No individual attribution; password unchanged ~2 years. One credential opens two systems holding privileged information, and there is no way to tell who acted under it.

Two staff credentials in known breach data

Two firm email addresses appear in third-party breach lists. Anyone holding a reused or still-valid password can reach every AI tool and system that login opens. No policy closes a door a working password leaves open.

Free-tier chatbot with train-on-input terms

Used by 2 paralegals for drafting. The free tier's terms permit using submitted content to improve the vendor's models, which is incompatible with confidential client content.

Embedded AI features auto-enabled across owned software

Copilot (Outlook/Word), practice-suite summarization, and video meeting-notes were switched on by vendors. All are active and reaching firm data with no review of what they touch or retain.

Starter risk list

Each risk, who owns it, the action, and the framework it maps to.

Confidential client content entered into a free-tier chatbot whose terms allow training on input

Owner
Managing Partner (policy) + Office Manager (enforcement)
Action
Direct staff immediately to stop entering client information into personal or free AI accounts; stand up an approved business-grade tool with no-training data terms; issue a one-page interim acceptable-use rule pending the full policy.
Maps to
NIST AI RMF (GOVERN / MAP); ISO/IEC 42001; ISO/IEC 27001 A.5.10

MFA not enforced for intake, admin, and billing staff (8 of 18 accounts)

Owner
Office Manager (with IT provider)
Action
Enforce MFA tenant-wide for all roles, not just attorneys. Confirm enforcement rather than mere availability, and document any exception process.
Maps to
NIST CSF 2.0 PR.AA; ISO/IEC 27001 A.5.17 / A.8.5

Shared 'frontdesk@' credential reaching email and the document system with no attribution

Owner
Office Manager
Action
Replace the shared login with individual accounts and role-based access; where a shared mailbox is genuinely needed, use delegated access tied to named identities. Rotate the existing password immediately.
Maps to
NIST CSF 2.0 PR.AA-01; ISO/IEC 27001 A.5.16 / A.5.15

Two staff credentials present in known breach data; no breach monitoring in place

Owner
Office Manager (with IT provider)
Action
Force password resets on the two flagged accounts now; confirm MFA is active on them; stand up ongoing monitoring for credentials surfacing in future breaches, since exposure changes continually.
Maps to
NIST CSF 2.0 PR.AA / ID.RA; ISO/IEC 27001 A.5.7 / A.5.17

Prioritized roadmap

Now

days, mostly internal

Close the open doors first. Enforce MFA for all 18 staff; force-reset and re-secure the two breached credentials; retire the shared 'frontdesk@' login; issue a one-page interim AI rule telling staff to stop entering client information into personal or free AI accounts; adopt a same-day offboarding checklist and review for other stale logins. Removes the highest exposures without buying anything new.

Next

a few weeks

Govern the AI that is already here. Build the AI tool inventory and approved-use registry; write the acceptable-use policy and a plain-language data-classification quick reference; review the auto-enabled embedded features and decide deliberately what stays on; move the paralegals' drafting onto a vetted business-grade tool with no-training data terms. This is the AI Governance Foundation scope.

Ongoing

continuous

Make governance continuous and measured. Stand up recurring identity and exposure monitoring so newly breached credentials surface as they appear; add a measurement framework that tracks whether the approved tools actually save time; set a quarterly review of tools, access, and the risk list. The difference between a one-time snapshot and a program that stays true as staff, tools, and breaches change.

Yours is built on your real environment.

This is the shape of what the AI Readiness Audit produces: where AI actually stands in your business, what it can reach, and what to do first. Prairie Oak is invented; your report would be built on your real tools, access, and risks.

And as the sample shows, the findings are about access and configuration, never the contents of your work. How we handle your data.