Shadow AI, discovered · a service line of the AI Security & Cyber Risk practice · readiness & advisory · senior-only bench
§ AI Security & Cyber Risk·Shadow AI discovery·v2026.07

Find what your employees are already using — before a regulator or breach does.

Staff have not waited for a policy. They are pasting customer data, spreadsheets, and code into public AI chatbots, drafting with browser add-ins, and letting AI note-takers sit in confidential meetings — usually with good intent and no idea they have created an exposure. The Shadow AI Discovery + Policy Readiness Sprint is a fixed-scope, 3–4 week engagement that identifies the unsanctioned AI tools in use and the data flowing to them, assesses your policy and control gaps, and hands back a prioritized control roadmap and an AI acceptable-use policy framework you can put in front of your board.

Part of the AI Security & Cyber Risk practice · fees fixed in writing after scoping — see engagement models.

§ What this is

This is Discovery, not monitoring. The sprint is bounded to systems you already have access to and data sources you agree to in scoping — network, DNS, or gateway logs; SaaS and OAuth-grant inventories; expense and procurement records; and voluntary employee surveys and interviews. It is explicitly not covert surveillance, not employee monitoring, and not unauthorized access to any system. It is a readiness assessment and advisory work — a point-in-time exposure map and a roadmap, not a certification, a legal opinion, or a guarantee of any regulatory or examination outcome. The findings and the policy framework are yours to own; we work alongside your counsel, HR, and security team.

§A
The signals.
Where shadow AI actually shows up.

A shadow AI assessment that looks where the exposure really is.

Unsanctioned AI use rarely lives in one place. We assemble a picture from the sources you can see and the people who will tell you — then map each finding to the data it touches and the risk it carries.

Public chatbots

Data pasted into public AI

Staff paste customer records, financials, contracts, and source code into public generative-AI chatbots to summarize, draft, or debug. We look for the signal that this is happening and, with your team, the categories of data most likely leaving — without accessing the prompts themselves.

Browser & app add-ins

Unsanctioned add-ins and extensions

AI writing assistants, meeting summarizers, and browser extensions request broad access to mail, documents, and calendars through OAuth grants nobody reviewed. We inventory the connected third-party AI apps in your Microsoft 365 or Google Workspace tenant and flag the over-permissioned ones.
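One way to triage such an inventory, as an added example rather than DSE's own tooling: it takes a constructed export of tenant OAuth grants (the field names `app`, `publisher`, `users`, `scopes` are assumptions about what an admin export contains), works out which data categories each app's scopes reach, and assigns the banded exposure rating the deliverable describes. The scope markers, the name heuristic and the banding rule are illustrative assumptions, not an exhaustive list.

```python
import re
from dataclasses import dataclass, field

# Scope substrings that grant broad access to mail, files, or calendars.
# Strings are the kind Microsoft Graph / Google APIs use; the mapping is an
# illustrative assumption, not an exhaustive list.
BROAD_SCOPES = {
    "mail": ("Mail.Read", "Mail.ReadWrite", "gmail."),
    "files": ("Files.Read.All", "Files.ReadWrite.All", "auth/drive"),
    "calendar": ("Calendars.Read", "Calendars.ReadWrite", "auth/calendar"),
}
# Coarse name heuristic for "looks like an AI assistant / note-taker" (assumption).
AI_NAME_HINTS = ("ai", "assistant", "notetaker", "summar", "copilot", "gpt")
BAND_ORDER = {"high": 0, "medium": 1, "low": 2}

SAMPLE_GRANTS = [  # constructed sample, not from any real tenant
    {"app": "MeetingMind Notetaker", "publisher": "unverified", "users": 23,
     "scopes": ["Calendars.ReadWrite", "OnlineMeetings.Read", "Files.Read.All"]},
    {"app": "QuickDraft AI Writer", "publisher": "verified", "users": 4,
     "scopes": ["Mail.ReadWrite", "User.Read"]},
    {"app": "Expense Uploader", "publisher": "verified", "users": 120,
     "scopes": ["User.Read"]},
    {"app": "SummarizeIt", "publisher": "unverified", "users": 15,
     "scopes": ["Mail.Read"]},
]

@dataclass
class Finding:
    app: str
    users: int
    publisher: str
    categories: list = field(default_factory=list)
    looks_like_ai: bool = False
    band: str = "low"

def data_categories(scopes):
    """Sorted data categories (mail / files / calendar) the granted scopes reach."""
    return sorted(c for c, markers in BROAD_SCOPES.items()
                  if any(m in s for s in scopes for m in markers))

def exposure_band(categories, users):
    """Assumed rule: high if the app reaches two categories, or mail/files for
    10+ consenting users; medium if it reaches one category; low otherwise."""
    broad = {"mail", "files"} & set(categories)
    if len(categories) >= 2 or (broad and users >= 10):
        return "high"
    return "medium" if categories else "low"

def triage(grants):
    """Turn an exported grant inventory into findings, highest exposure first."""
    findings = []
    for g in grants:
        cats = data_categories(g["scopes"])
        tokens = re.findall(r"[a-z]+", g["app"].lower())
        findings.append(Finding(g["app"], g["users"], g["publisher"], cats,
                                any(t.startswith(h) for t in tokens for h in AI_NAME_HINTS),
                                exposure_band(cats, g["users"])))
    return sorted(findings, key=lambda f: (BAND_ORDER[f.band], -f.users))
```

Each finding keeps the app, user count and publisher status so it can be carried straight into the exposure map and matched to the business function using it.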

AI note-takers

Bots in confidential meetings

Automatic transcription and AI note-taker bots join calls where privileged, material, or customer-confidential matters are discussed, and quietly retain recordings in a third-party account. We surface where they are in use and the data-retention questions that follow.

Embedded & vendor AI

AI features switched on inside tools you already buy

Vendors ship AI features into the SaaS you already run, often on by default. We identify where AI has been enabled inside sanctioned tools and whether that changes what data is processed, where, and by whom — the line between shadow AI and a governed-replacement decision.

Team & department tools

Departmental AI subscriptions

Individual teams buy AI tools on a card or a free tier to move faster, well below the radar of IT and procurement. We review expense, procurement, and SaaS-spend records for the AI subscriptions that never went through review.

The people

What staff will tell you directly

The fastest route to the real picture is often to ask. We run short, voluntary, non-punitive surveys and interviews with a sample of team leads about how they actually use AI — framed to surface reality, not to catch anyone out.

§B
The boundary.
Discovery — not surveillance.

A bounded discovery — with a hard line on how we do it.

The value of this sprint is that it is defensible: bounded scope, agreed data sources, and no covert monitoring of your people. Being precise about that is the whole point.

What the sprint is

Bounded discovery + a control roadmap

  • A fixed-scope, 3–4 week engagement to identify unsanctioned AI tool usage and the data flowing to it, limited to accessible systems and the data sources we agree in scoping.
  • An assessment of your policy and control gaps against a proportionate baseline, framed with the NIST AI RMF and the generic supervisory expectations that already apply to your firm.
  • A prioritized control roadmap and an AI acceptable-use policy framework your team can adopt — findings and artifacts you own, not a binder.

What the sprint is not

Not covert monitoring, not certification

  • Not covert surveillance or employee monitoring — we do not read prompts, key-log, or watch individuals; surveys are voluntary and non-punitive.
  • Not unauthorized access — we work only within systems you grant access to and data sources you approve; nothing is touched outside that scope.
  • Not certification or legal advice — it is a point-in-time readiness assessment; it does not certify compliance, guarantee an examination outcome, or replace your counsel.

§C
The format.
Three to four weeks, fixed scope.

How the 3–4 week sprint runs.

A short scoping agreement up front, a focused discovery-and-assessment window, and a debrief that ends in a roadmap and a policy framework. Built for a compliance and technology calendar, not a six-month program.

§ The sprint·scope · discover · assess · roadmap

We keep it tight and senior-led, with the scope and data sources agreed in writing before any discovery begins:

Want a fast read before you scope? Start with the free Shadow AI Inventory Quiz — it runs entirely in your browser.

§D
The deliverable.
An exposure map + a roadmap.

You leave with an exposure map and a plan you can act on.

The sprint ends in artifacts your compliance committee, your CIO, and your board can use — a clear picture of what is in use, and the short list of moves that most reduce your risk. Not a certificate. A starting point you own.

§ You receive

A concrete read on your shadow-AI exposure the day the sprint closes:

  • A shadow AI exposure map — the unsanctioned AI tools and AI-enabled features found in scope, each tied to the data it touches, the business function using it, and a banded exposure rating.
  • A policy and control gap assessment — where your current policy, access controls, and oversight are silent against a proportionate baseline framed with the NIST AI RMF and the supervisory expectations that apply to you.
  • A prioritized control roadmap — the handful of moves that most reduce exposure (sanctioned alternatives, access changes, DLP and egress controls, training), each with a suggested owner and sequence.
  • An AI acceptable-use policy framework — a structured, ready-to-adapt policy outline (scope, approved and prohibited tools, data-handling rules, review gates, and enforcement) your team finalizes with counsel.
  • A one-page brief for the board and the risk committee — what we found, what it means, and what you are doing about it, in language a non-technical reader can act on.

§ Scoped add-on·AI acceptable-use policy framework

Every sprint includes an AI acceptable-use policy framework outline. As a scoped add-on, we can extend that outline into a fuller, finalized AI acceptable-use policy tailored to your firm:

The policy framework is a readiness artifact and a starting point — you finalize and adopt it with your counsel. It is not legal advice.

§E
Who it's for.
The desk that answers for AI use.

Built for the people who own the policy — and the people who own the workforce.

Sponsored by compliance and technology leadership, and scoped so it opens the compliance-and-legal channel and the HR / people-ops channel at the same time — distinct from the technical CISO buyer, and a natural partner to privacy counsel.

Compliance

Chief Compliance Officer

You own the answer when an examiner or the board asks how AI use across the firm is governed. A discovered inventory and an acceptable-use policy framework turn "we're not sure" into a defensible, evidenced position.

Technology

CIO / CTO

You carry the data-flow and vendor risk of tools that were never reviewed. The exposure map tells you where AI is actually running, what it touches, and where a governed, sanctioned alternative removes the reason to go around you.

Governance

AI Governance Owner

You need a real inventory before any governance program means anything. The sprint gives you the shadow-AI baseline your policy, risk register, and roadmap all depend on — and the policy framework to build from.

§ Also at the table·HR / people-ops & privacy counsel

HR and people-ops are essential partners: the acceptable-use policy, employee communications, training, and the voluntary, non-punitive framing that makes discovery work all depend on them, which is why this engagement opens the people channel as well as the technical one. Privacy counsel is a natural secondary buyer — especially post-incident, when the question shifts to what personal or regulated data reached which third-party AI tool, and what the firm must do about it.

Start free · client-side

Start with the free Shadow AI Inventory Quiz.

Before you scope a sprint, get a read. Answer ten questions about your current visibility into employee AI-tool use and our free, 100% browser-local Shadow AI Inventory Quiz returns an exposure score, the common unsanctioned AI tools in your industry, and a sample AI acceptable-use-policy framework outline. Nothing you enter leaves your browser. Bring the output to a scoping call and we turn it into a real discovery.

What does it cost? The fee is fixed in writing after a short scoping call — it scales with the number of systems and data sources in scope and whether you add the fuller acceptable-use policy build, not your headcount. See the non-binding market-estimate ranges for this and every DSE engagement on the pricing page.

See engagement models

§F
Questions.
Straight answers.

Common questions.

What compliance, technology, and people leaders ask before they scope a shadow AI discovery sprint.

What is a shadow AI assessment?

A shadow AI assessment is a structured discovery of the unsanctioned AI tools your employees are already using and the data flowing to them — public chatbots, browser and app add-ins, AI note-takers, AI features switched on inside tools you already buy, and departmental subscriptions bought below procurement's radar. DSE delivers it as a fixed-scope 3–4 week sprint that ends in an exposure map, a policy and control gap assessment, a prioritized control roadmap, and an AI acceptable-use policy framework. It is Discovery, not monitoring: a readiness assessment, not a certification or an audit.

How do you discover unsanctioned AI tools without surveilling employees?

We work only within systems you already have access to and data sources you agree to in scoping — connected-app and OAuth-grant inventories in your Microsoft 365 or Google Workspace tenant, SaaS-spend and procurement records, available network, DNS, or gateway logs, and voluntary, non-punitive surveys and interviews with a sample of team leads. We do not read prompts, key-log, monitor individuals, or access anything outside the agreed scope. It is deliberately Discovery, not covert surveillance or employee monitoring, and the framing is designed to surface reality without putting anyone on the defensive.

What's in the AI acceptable use policy framework?

The framework is a structured, ready-to-adapt outline for a GenAI policy for employees: scope and definitions, an approved-tool list and a request path for new tools, prohibited uses and the data that may never enter a public AI tool, data-handling and logging rules, human-review gates for AI-assisted decisions, and an acknowledgment, training, and review cadence. Every sprint includes the framework outline; as a scoped add-on we can extend it into a fuller, finalized AI acceptable use policy for financial services tailored to your roles and data. It is a readiness artifact and a starting point you finalize with counsel — not legal advice.

What common unsanctioned AI tools do employees use in financial services?

The recurring categories are public generative-AI chatbots used for drafting, summarizing, and coding (for example ChatGPT, Gemini, Claude, or a browser Copilot); AI writing and email assistants added as browser extensions; AI meeting note-takers and transcription bots that join calls; AI coding assistants used by engineering; and AI features quietly enabled inside SaaS tools the firm already licenses. The exact mix depends on your stack — the free Shadow AI Inventory Quiz returns a common-tools list tuned to your industry, and the sprint replaces that with what is actually in use in your environment.

How much does the sprint cost?

The fee is fixed in writing after a short scoping call and scales with the number of systems and data sources in scope and whether you add the fuller acceptable-use policy build, not your company size. We publish non-binding market-estimate ranges for every engagement, including this one, on the engagement models page.

Last reviewed: 2026-07-03 · Initial release. The Shadow AI Discovery + Policy Readiness Sprint is a service line of the AI Security & Cyber Risk practice. All work is Discovery, readiness, and advisory — a bounded discovery limited to accessible systems and agreed data sources, plus an exposure map, gap assessment, control roadmap, and AI acceptable-use policy framework. It is not covert surveillance, employee monitoring, or unauthorized system access, and not a certification, legal advice, or a guarantee of any regulatory or examination outcome. The NIST AI RMF is referenced as a framework, not certified.