Executive Readiness RoomTurn your ACRA Snapshot into governance priorities, ownership decisions, and a readiness roadmapAugust 19, 2026Apply for Your Seat → Executive Readiness RoomTurn your ACRA Snapshot into governance priorities, ownership decisions, and a readiness roadmapAugust 19, 2026Apply for Your Seat → Executive Readiness RoomTurn your ACRA Snapshot into governance priorities, ownership decisions, and a readiness roadmapAugust 19, 2026Apply for Your Seat → Executive Readiness RoomTurn your ACRA Snapshot into governance priorities, ownership decisions, and a readiness roadmapAugust 19, 2026Apply for Your Seat →
ACRA Executive Snapshot

How ready is your organization to govern AI-era risk?

A short, executive-level readiness indicator across the nine ACRA domains. Eighteen questions, about ten minutes. There is no score to pass, only a clearer picture of where deeper review may be needed.

18 Questions / 9 Domains / About 10 Minutes / Confidential

What this is, and is not.

This Snapshot is an executive-level readiness indicator designed to help leaders see where deeper review may be needed. It is not a certification, full audit, Comprehensive ACRA, or guarantee of cybersecurity, compliance, or AI governance maturity.

Please answer at the policy, governance, and leadership level. Direnzic uses your responses to generate your Snapshot and personalize readiness guidance.

For each question, choose the answer that most honestly reflects your organization today.

Domain 1

Governance Readiness

Who is accountable for AI governance in your organization, and how formally is that established?

What best describes your organization's AI governance or acceptable-use policy?

Domain 2

AI Usage Visibility

How well does your organization know which AI tools are officially approved and in use?

How much visibility do you have into AI tools staff use that have not been approved?

Domain 3

Cyber Hygiene

Can leadership get a current, reliable picture of the devices and systems you operate?

Can leadership get evidence that access is controlled, limited to those who need it, and protected by multi-factor authentication?

Domain 4

Vendor and Third-Party Risk

How well do you know which vendors you rely on and which carry the most AI or cyber exposure?

Before adopting an AI tool or service, how do you check the vendor, and do you require evidence from them?

Domain 5

Data Governance

How does your organization distinguish sensitive data from ordinary data?

How well do you know where your sensitive data lives and how it moves?

Domain 6

Incident Readiness

If you had a serious cyber or AI incident today, what would guide your response?

Does your incident planning address AI-specific events, not just traditional cyber incidents?

Domain 7

Workforce

How clearly do staff know what AI use is and is not acceptable in your organization?

Where AI outputs feed real decisions or work, are people expected to review them before acting?

Domain 8

Operational Resilience

If systems or data were lost, how confident are you that you could recover, and how do you know?

For operational technology, critical systems, business-critical platforms, or control systems, can leadership see evidence they are resilient to cyber or AI disruption?

Domain 9

Board Defensibility

Does AI and cyber risk actually reach your board, council, or governing body, with enough substance to govern it?

Is your governance activity documented well enough that you could show your work to a board, regulator, or insurer?

Before revealing your Snapshot, confirm that your answers reflect your organization's current documented posture, not your intended future state.

Please answer all 18 questions to see your readiness.
Almost there

Enter your details to generate your Snapshot.

We use these to generate your results, send a copy to your inbox, and personalize your Executive Readiness Room experience.

Please complete every field and check the box to continue.
Your readiness snapshot
Overall readiness
0 / 54
 
 

Your relative strengths

Your priority risk domains

All nine domains
The next step

Bring this readiness posture into the Executive Readiness Room.

Your Snapshot is a starting point, not the full picture. The next step is to bring this readiness posture into the Executive Readiness Room, where we will translate your results into governance priorities, ownership decisions, and a practical readiness roadmap.

Apply for the Executive Readiness Room

If your Snapshot revealed unclear ownership, weak evidence, vendor AI exposure, or gaps in incident response readiness, the Comprehensive ACRA provides the deeper nine-domain baseline your leadership team can review, defend, and act on.

This Snapshot is an executive-level readiness indicator, not a certification, a full audit, the Comprehensive ACRA, or a guarantee of cybersecurity, compliance, or AI governance maturity. Domain scores reflect relative readiness across the nine domains, not an objective measure of security.

>