New AI Governance Framework 2026 now available. View Resource →

Cichocki Advisory · AI Evidence Readiness

Make AI decisions you can prove — without surrendering your knowledge.

Jan Cichocki helps CISOs, CIOs, General Counsel, and AI-governance leaders decide which AI uses are approved, under what controls, and with what evidence — so the decision stands up to board, audit, customer-risk, and legal review.

Principal-led · NDA-first · implementation-neutral. For the leaders accountable for AI decisions.

NDA-first Principal-led Implementation-neutral Evidence-ready Controls mapped to SOC 2 TSC
Who this is for

For leaders accountable for AI decisions.

CISOs, CIOs, CTOs, General Counsel, audit committees, and AI-governance leads are being asked the same question: where does our knowledge go when our teams use AI? The answer has to be operational, not theoretical — something you can show, not just assert.

Why Jan

Principal judgment from where governance, software, and evidence meet.

Jan Cichocki is Principal Advisor at Cichocki Advisory and Founder of ThreadSync. His advisory work focuses on the executive question behind AI governance: which AI uses are approved, under what controls, and what evidence proves the decision held. Cichocki Advisory is Jan’s solo principal advisory practice.

Evidence-first point of view

The work starts with records, approvals, retention, model touchpoints, and board-ready proof — not generic AI-strategy language.

Builder and advisor context

Jan brings software architecture and operator context to governance questions, while keeping the recommendations implementation-neutral.

Standards-aware, claim-careful

Analysis references NIST AI RMF, ISO/IEC 42001, EU AI Act considerations, and SOC 2 control mapping — without overstating certification or attestation.

Not sure where to start? Bring one AI workflow and the executive question behind it — Jan will confirm whether the Self-Check, the Diagnostic, or a confidential conversation is the right next step.

Start here

Start with one real workflow.

The Diagnostic maps a single AI workflow end to end — source knowledge, model touchpoints, approvals, logging, retention, human review, and evidence gaps. The output is a decision memo your security, legal, audit, and executive teams can use.

  1. Pick one workflow

    A real AI use your teams already run — or want to. 90–120 minutes, principal-led, under NDA.

  2. Build the decision record

    Which AI use is approved, under what controls, who signs off, where it's logged, and how long anything is retained.

  3. Find the evidence gaps

    The specific places where you couldn't yet prove the decision held — and what it would take to close each one.

  4. Get the memo

    A short, board-ready decision memo within five business days. $5,000 fixed fee.

The operating model

An executive operating model for AI evidence readiness.

AI evidence readiness isn't a slogan — it's four decisions you can assign, monitor, and prove.

Use case

Which uses are approved

The specific AI uses your teams run — named, scoped, and decided on purpose rather than by default.

Controls

What governs each use

The policy, approvals, and guardrails that apply before a use goes live — and who owns them.

Evidence

What proves the decision held

The records that make the decision defensible: who approved, what was reviewed, where it's logged, and what stands up to audit.

Accountability

Who signs off

The named accountability for approving, monitoring, and responding — so it survives an audit and a board question.

Recent thinking

The point of view behind the Diagnostic.

AI Evidence Readiness is not about saying yes or no to AI. It is about making the decision traceable — approved, controlled, owned, and provable — before audit, board, customer-risk, or legal review arrives.

Concrete starting points

Ways to begin — today.

Evidence Readiness Self-Check

Twelve questions across policy, control, evidence, and ownership gaps. Score shown immediately; an optional executive action plan by email — no cost, no signup friction.

Take the Self-Check →

AI Evidence Readiness Diagnostic

One workflow, 90–120 minutes, fixed $5,000 fee. Jan maps source knowledge, model touchpoints, approvals, logging, retention, human review, and evidence gaps — and you receive a board-ready decision memo within five business days: the decision, the top evidence gaps, control recommendations, and next steps. No obligation to continue.

Best for teams with one AI workflow already in use, under review, or blocked by security, legal, audit, or board questions.

View the Diagnostic →

Published Governance Analysis

Practical analysis on NIST AI RMF, ISO/IEC 42001, EU AI Act considerations, and board-ready operating models.

Read the analysis →

Frameworks & Guides

Resources leaders can use before an engagement — the same artifact types used in the Diagnostic methodology.

Browse resources →
How engagements work

Confidential and procurement-aware from the first conversation.

Advisory work touches sensitive strategy, security, vendor, and governance material. Engagements are NDA-first, scoped before discovery, principal-led, and implementation-neutral — the recommendation is the right control, not a product. Jan also founded ThreadSync, but Cichocki Advisory engagements are implementation-neutral — recommendations are not tied to ThreadSync adoption.

Honest by default

What this is not.

Not a certification claim

Controls may be mapped; an attestation is only claimed when it's explicitly documented.

Not a software funnel

The advice may well be to keep the stack you already have. Implementation-neutral, by design.

Not presentation-only advisory

The work is decisions, controls, and evidence — not a strategy presentation you file and forget.

Not a vendor bake-off

No disguised procurement. The output is your operating model, not a shortlist.

Decide which AI uses you can defend.

Book a confidential conversation to identify the workflow, the evidence gaps, and the decision path that matter first.

Confidential by default: no sensitive workflow detail is reviewed before scope and NDA are agreed.