AI-enabled tooling to guide and advise employees in different roles in the organization.

Examples:

**Risk analysis**
- C-level: high level policies state that we analyse risks and identify mitigating measures when starting a new project
	- Policy_Agent drafts a context specific policy based on best practices
- Project manager:
	- Risk_Agent provides an overview of the steps to be taken, who to involve in what way (based on stakeholder analyses, creating a RASCI matrix) and guides the project manager through gathering the data. Maybe even plan meetings and send out invites.
- Integrate with project management and GRC software

**Vendor selection**
- C-level: high level policies state the security requirements for vendors and applications
	- Policy_Agent drafts a context specific policy based on best practices
- VendorQ_agent creates questionnaires to send out to a selection of vendors
- Q_Comparison_agent compares the returned questionnaires with the requirements and creates a table comparing the vendors

**Data classification**
1. questionnaire on how employees would classify different kinds of documents
2. a classification matrix is suggested based on the results
3. once the policy is established, this serves as a metric on how the perception of different groups of employees differs from the norm
4. develop interventions based on these differences

**Threat analysis**
- do a threat analysis, see [[Create a threat analysis chatbot]]


**Policy drafting**

**Auditing**
- a virtual auditor, that interviews you, and identifies areas for improvement

**Feed the bot**
- Blokdyk content
- NHC cases