Independent Advisory

AI Governance,
Risk & Enablement
Advisory.

Helping regulated organizations govern AI safely — and use it effectively. Healthcare. Financial services. Legal. Government contractors.

Request a conversation →

i. The Problem

AI is moving faster than governance.

Regulators, boards, insurers, and customers are now asking how your organization manages AI risk. Federal agencies cite the NIST AI Risk Management Framework. State laws — Colorado SB 24-205, California AB 2013, NYC Local Law 144 — are creating real obligations. Cyber and E&O carriers are adding AI questions to underwriting. Procurement teams are sending AI security questionnaires.

“We’ll figure it out” is no longer a defensible answer.

ii. The Engagement

AI Governance Readiness Assessment.

A focused two- to three-week engagement that gives you a defensible answer to the questions you are now being asked.

iAn AI use inventory across your organization
iiA policy gap analysis against the NIST AI RMF — and where relevant, ISO/IEC 42001, HIPAA, and applicable state laws
iiiA starter AI risk register
ivA prioritized 90-day roadmap
vA board-ready summary

Fixed fee. Advisory only — no software to buy, no implementation lock-in.

iii. About

About Pathlight Advisory.

Pathlight Advisory is an independent AI governance, risk, and enablement practice serving regulated organizations.

The practice is led by Landon Mercer, who brings two decades of leadership across IT, cybersecurity, and compliance in regulated environments.

Pathlight works directly with clients — no subcontracting, no implementation services, no software resale. Advisory only.

iv. Contact

Let’s talk.

If you are being asked harder questions about AI than your current program can answer, a thirty-minute conversation is the right place to start.

hello@pathlightadvisory.com