Blue River Responsible AI Scorecard

Executive-ready AI governance lens

Understand your Responsible AI posture in one structured scorecard.

Describe how your organisation uses AI today. The scorecard benchmarks your Responsible AI governance and overall AI maturity, then proposes a 90-day and 12-month roadmap.

Scores for Responsible AI governance across 9 domains
Scores for AI programme maturity across 7 dimensions
Executive summary, risks, and phased improvement plan
Government framework gap analysis (MAS FEAT, EU AI Act, EO 14110)

Start the assessment View user manual & methodology No production data required — you only provide a narrative description of how AI is used and governed today.

USER MANUAL · BLUE RIVER RESPONSIBLE AI SCORECARD

Designed for Chief Data/AI Officers, Risk, Compliance and Transformation leaders in enterprise and government.

1
Sign in with your Google workspace account. Enterprise authentication with audit logging. All assessments are tied to your identity and organization.
2
Go to "1 · Org Snapshot & Inputs". Capture organisation basics (industry, region, size), AI ambition, risk appetite, and a concise but honest description of how AI is currently used and governed.
3
Click "Run AI Governance & Maturity Assessment". The Worker sends your narrative through our AI and asks for a structured scorecard and advisory, based on reference governance domains including MAS FEAT, EU AI Act, and NIST RMF.
4
Review "RAI Governance Scorecard". You will see an overall governance score plus domain-level scoring and prioritised strengths/gaps/actions.
5
Review "AI Maturity Scorecard". This tab focuses on AI as a holistic programme: vision, use cases, data/tech, operating model, talent, RAI controls, and ecosystem.
6
Use "Advisory & Roadmap" for your board paper. Copy the executive summary, regulatory gap analysis, 90-day actions and 12-month roadmap into your decks.

Important: this tool provides AI-generated benchmarking and advisory for discussion. It is not legal advice, compliance approval, or a substitute for formal risk assessments.

Scope & Inputs

What do I need prepared?

Before running the assessment, it helps to have:

A clear list of key AI use cases (internal + customer-facing).
How decisions are currently made about AI (who approves, who owns models).
Existing policies, committees, or risk processes touching AI.
A view on your AI ambition for the next 12–24 months.

Methodology

How are the scores produced?

The prompts ask the model to:

Map your narrative onto 9 Responsible AI governance domains.
Map your narrative onto 7 AI maturity dimensions.
Score each 0–100 and assign a maturity level descriptor.
Highlight 3–7 strengths, 3–7 gaps, and 3–7 recommended actions.
Identify regulatory gaps against MAS FEAT, EU AI Act, EO 14110, PDPA.

Scores are directional, not absolute. The goal is structured discussion and prioritisation, not a "pass/fail" judgement.

Usage & Privacy

Data handling

This Worker:

Stores completed assessments in D1 database for your retrieval and comparison.
Maintains an audit log of all assessment runs and exports.
Stores your session in an HttpOnly cookie.
Sends your prompts to Cloudflare Workers AI for processing.

Avoid pasting highly sensitive details (named individuals, full confidential documents). Use anonymised, summarised descriptions where possible.

1 · Org Snapshot & Inputs

Describe how AI is used and governed in your organisation today. The richer the narrative, the better the insights.

🔒 Data Processing Notice: Your assessment inputs are sent to Cloudflare Workers AI for analysis and stored in our D1 database for your retrieval. Do not include named individuals, full confidential documents, or classified information. Use anonymised, summarised descriptions.

Organisation name

You can use an alias if you prefer (e.g. "Tier-1 bank in ASEAN").

Industry / sector

Primary geography / regulatory context

Organisation size

AI ambition (next 12–24 months)

Risk appetite for AI

1) Current AI footprint

Example: customer chatbots, credit scoring models, marketing personalisation, operations optimisation, document summarisation, software engineering copilots, etc.

2) Current governance, controls & processes 3) Pain points, incidents & external pressures 4) Aspirations / target state

💾 Auto-saving...

2 · Responsible AI Governance Scorecard

Strengths, gaps, and actions across the core governance domains.

— / 100

Overall governance level

Awaiting assessment

Domain scores

Top strengths

Top gaps / risks

Prioritised actions (next 6–12 months)

3 · AI Maturity Scorecard

How advanced your overall AI programme is across key dimensions.

— / 100

Overall AI maturity level

Awaiting assessment

Dimension scores

Top strengths

Top gaps / constraints

Prioritised actions

4 · Advisory & Roadmap

Use this as a starting point for your board paper or transformation roadmap.

Executive summary

Run an assessment to generate an executive summary of your Responsible AI and AI maturity posture.

Risks & watchpoints

Regulatory Gap Analysis

Run an assessment to see regulatory gaps against MAS FEAT, EU AI Act, PDPA, EO 14110, and other frameworks.

Roadmap

Next 90 days

Next 12 months

5 · Real-Time Compliance Alerts & Monitoring

Monitor compliance status and receive alerts for governance deviations.

Active Alerts

Real-time monitoring

Resolved Today

Last 24 hours

Warnings

Requires attention

Critical

Immediate action needed

Recent Alerts

⚠️

Governance Score Below Threshold

Overall governance score dropped below 70%. Review recommended actions.

2 hours ago

ℹ️

New Model Registered

GPT-4 Turbo has been added to the model registry. Compliance review pending.

5 hours ago

✅

GDPR Compliance Verified

Data protection assessment completed successfully for all active models.

1 day ago

6 · AI Model Registry & Risk Scoring

Track all AI models in use, their risk profiles, and compliance status.

Active Models

Fully Compliant

Pending Review

High Risk

Registered Models

GPT-4 Turbo

OpenAI

Low Risk

128K

Context

92%

Accuracy

2.1%

Hallucination

GDPR ✓ EU AI Act ✓ NIST RMF ✓

Claude 3.5 Sonnet

Anthropic

Low Risk

200K

Context

94%

Accuracy

1.8%

Hallucination

GDPR ✓ EU AI Act ✓ ISO 42001 Pending

Gemini 2.0 Flash

Google

Medium Risk

Context

89%

Accuracy

3.2%

Hallucination

GDPR ✓ EU AI Act Review NIST RMF Pending

Llama 3.2 70B

Meta (Open Source)

Medium Risk

128K

Context

87%

Accuracy

4.1%

Hallucination

Apache 2.0 ✓ GDPR Review EU AI Act Gap

Mistral Large 2

Mistral AI

Low Risk

128K

Context

91%

Accuracy

2.5%

Hallucination

GDPR ✓ EU AI Act ✓ NIST RMF ✓

Custom Credit Scoring

Internal

High Risk

N/A

Context

96%

Accuracy

0.5%

Error Rate

GDPR ✓ EU AI Act High-Risk Bias Audit Pending

7 · Remediation Workflows & Task Tracking

Track and manage remediation tasks to address governance gaps.

Active Workflows

Completed

Overdue

Active Workflows

Implement Data Governance Framework

In Progress

65% complete • 8/12 tasks doneDue: Feb 15, 2026

✓

Define data classification policy

✓

Establish data stewardship roles

Implement data lineage tracking

Deploy data quality monitoring

EU AI Act Compliance Assessment

In Progress

40% complete • 4/10 tasks doneDue: Mar 30, 2026

✓

Identify high-risk AI systems

✓

Map AI systems to risk categories

Conduct conformity assessment

Prepare technical documentation

Model Bias Audit - Credit Scoring

Pending

10% complete • 1/8 tasks doneDue: Jan 31, 2026

✓

Define protected attributes

Collect demographic test data

Run fairness metrics analysis

Document findings and remediation

8 · Reports & Export

Generate and download comprehensive compliance and governance reports.

Available Reports

📊 Executive Governance Summary

High-level overview of AI governance posture, key metrics, and recommendations for board-level reporting.

🛡️ Compliance Matrix Report

Detailed compliance status across all regulatory frameworks (EU AI Act, MAS FEAT, PDPA, NIST RMF, ISO 42001, EO 14110).

🤖 AI Model Inventory Report

Complete inventory of all registered AI models with risk scores, compliance status, and usage metrics.

⚠️ Risk Assessment Report

Comprehensive risk analysis including vulnerability assessments, threat modeling, and mitigation recommendations.

📈 Trend Analysis Report

Historical trends in governance scores, compliance metrics, and risk indicators over time.

9 · MCP Governance & Compliance Matrix

Track compliance across major international AI governance frameworks and standards.

Frameworks Tracked

78%

Overall Compliance

Gaps Identified

Governance Frameworks

EU AI Act

European Union

72%

Key Requirements

Risk-based classification system
Prohibited AI practices
High-risk AI requirements
Transparency obligations
Conformity assessment

NIST AI RMF

United States

85%

Core Functions

Govern - Establish accountability
Map - Identify AI risks
Measure - Assess risks
Manage - Prioritize & respond

ISO/IEC 42001

International

68%

Management System

AI policy & objectives
Risk assessment process
AI system lifecycle
Continuous improvement

MAS FEAT Principles

Singapore

65%

Core Principles

Fairness - No discriminatory outcomes
Ethics - Alignment with values
Accountability - Clear ownership
Transparency - Explainable decisions

Singapore PDPA

Singapore

88%

Data Protection

Consent obligation
Purpose limitation
Notification obligation
Access & correction
Protection & retention
Transfer limitation

US EO 14110

United States

70%

Executive Order Requirements

Safe & secure AI development
AI red-teaming standards
Dual-use foundation model reporting
Federal agency AI safeguards
AI talent recruitment

OECD AI Principles

Global

82%

Core Principles

Inclusive growth & well-being
Human-centred values
Transparency & explainability
Robustness & security
Accountability

GDPR

European Union

88%

Data Protection Principles

Lawfulness, fairness, transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Integrity & confidentiality

G7 Hiroshima AI Process

G7 Nations

80%

Code of Conduct

Risk assessment & management
Adversarial testing
Content authentication
Privacy & IP respect
International cooperation

Compliance Matrix

Requirement	EU AI Act	MAS FEAT	PDPA	NIST RMF	EO 14110	Status
AI Risk Assessment	Compliant	Compliant	Compliant	Compliant	Partial	90%
Data Governance	Compliant	Compliant	Compliant	Compliant	Compliant	100%
Model Transparency	Partial	Partial	Compliant	Compliant	Partial	70%
Human Oversight	Partial	Compliant	Compliant	Compliant	Gap	65%
Bias & Fairness	Gap	Partial	Partial	Partial	Partial	50%
Incident Response	Compliant	Compliant	Compliant	Compliant	Compliant	100%

10 · Organization & Team

Manage your organization, invite team members, and configure departments.

Organization Loading...

Your Role Loading...

16 · Platform Administrator Panel

Hard-coded Blue River platform administrators are auto-promoted on Google login. Use this panel to verify users, roles and operational status.

👑 Auto-admin users: sngricky@yahoo.com, sngricky@blueriver.cc, chriscynda@yahoo.com, sngsuo@gmail.com, sngquintia@gmail.com

Total users—

Platform admins5

Assessments—

Evidence files—

Email	Name	Role	Tier	Status	Last Login
Loading users...

11 · Executive Dashboard

Organization-wide AI governance metrics and trends.

—

Avg Governance Score

Across all assessments

—

Avg Maturity Score

Across all assessments

—

Total Assessments

All time

—

Evidence Files

Uploaded

Recent Assessments

Score Trend (Last 5 Assessments)

Run multiple assessments to see trends

12 · Evidence Library

Upload and manage evidence files linked to assessments and governance domains.

Upload Evidence

Drag & drop files here or click to browse

PDF, DOCX, PNG, JPG (max 10MB)

Link to Assessment (optional)

Domain Tag (optional)

Uploaded Evidence

No evidence files uploaded yet.

13 · Assessment Versions & Comparison

Track how your AI governance posture evolves over time.

Select Assessment

GOVERN YOURAI RESPONSIBLY

PROFESSIONAL-GRADE TOOLS

Governance Scorecard

Risk Assessment

Compliance Mapping

Real-Time Alerts

Model Registry

Executive Reports

9 Governance Domains Assessed

REGULATORY FRAMEWORKS

MAS FEAT Principles

PDPA / IMDA

EU AI Act

EO 14110 / NIST RMF

ISO/IEC 42001

OECD / G7 Hiroshima

Trusted by Enterprise Leaders

Ready to govern your AI responsibly?

Assessment History ✕

Understand your Responsible AI posture in one structured scorecard.

Sign in

USER MANUAL · BLUE RIVER RESPONSIBLE AI SCORECARD

What do I need prepared?

How are the scores produced?

Data handling

1 · Org Snapshot & Inputs

2 · Responsible AI Governance Scorecard

3 · AI Maturity Scorecard

4 · Advisory & Roadmap

Executive summary

Roadmap

5 · Real-Time Compliance Alerts & Monitoring

6 · AI Model Registry & Risk Scoring

7 · Remediation Workflows & Task Tracking

8 · Reports & Export

📊 Executive Governance Summary

🛡️ Compliance Matrix Report

🤖 AI Model Inventory Report

⚠️ Risk Assessment Report

📈 Trend Analysis Report

9 · MCP Governance & Compliance Matrix

Key Requirements

Core Functions

Management System

Core Principles

Data Protection

Executive Order Requirements

Core Principles

Data Protection Principles

Code of Conduct

10 · Organization & Team

16 · Platform Administrator Panel

11 · Executive Dashboard

12 · Evidence Library

13 · Assessment Versions & Comparison

Version —

Version —

GOVERN YOUR
AI RESPONSIBLY

Assessment History