.html Interactive Tool ✓ Professional Edition Updated Q2 2026

Pre-Deployment AI Safety Gate Tool

A structured go/no-go assessment covering 49 safety, security, and compliance requirements across 7 deployment gates. Guided wizard walks non-experts through the entire evaluation. 10 deployment templates pre-configure scoping for your exact use case. Profile-aware scoping filters out items that don’t apply to your system. Zero install, zero subscription, zero telemetry. Your data stays in your browser.

Safety Items

Deployment Gates

Templates

Install Required

NIST AI RMF 1.0 EU AI Act 2024 ISO 42001:2023 OWASP LLM Top 10 CSA MAESTRO

What This Capability Typically Costs

Organizations deploying AI systems without a structured pre-deployment review expose themselves to regulatory fines, data breaches, and reputational harm. GRC platforms bundle this capability into annual subscriptions that require onboarding, training, and budget approval before your team can run a single assessment. This tool is a focused, single-purpose gate. It covers the specific workflow of evaluating whether an AI system is safe to deploy, works immediately in your browser, and doesn’t require committing to a platform just to answer the question “is this ready?”

GRC Platform Pricing

Entry-level (Sprinto, Vanta)$5,000 – $15,000/yr

Mid-market (Hyperproof, ZenGRC)$12,000 – $72,000/yr

Enterprise (LogicGate, Archer)$25,000 – $150,000+/yr

Recurring$5,000+/yr

This tool

One-time purchase$299.00

RenewalNone. Yours forever

Guided wizard + PDFIncluded

8 framework crosswalkIncluded

One-time$299.00

$4,700+ first-year savings

vs. $5,000+/yr entry-level GRC platform. Own it forever

Platform pricing based on published 2026 rates from Sprinto, Vanta, Hyperproof, ZenGRC, and LogicGate

$299.00

One-time purchase · Instant download

✓Single .html file. Runs in any browser, no install, no subscription
✓49 safety items across 7 gates: Risk Classification, Security, Human Oversight, Reliability, Data Governance, Operations, Transparency
✓Guided Wizard Mode. Walks you through every item with plain-language questions and template pre-configuration
✓10 deployment templates: Chatbot, Knowledge Assistant, Decision System, Code Gen, Healthcare, HR, Fraud Detection, Agent, Marketing, Research
✓3 PDF reports (Certification Statement + Executive Summary + Detailed) via jsPDF. Branded, offline, no CDN
✓Auto-saves to browser localStorage. Your data never leaves your machine

.html Zero Install NIST AI RMF EU AI Act ISO 42001 OWASP LLM ✦ v1.0

🛡️

Functional Promise

If a formula, feature, or function isn’t working as expected. contact us and we’ll patch it. Custom modifications available upon request.

How It Works

Download. Open. Assess.

Download

Single .html file arrives instantly after purchase

Open in Browser

Double-click the file or drag into Chrome, Edge, Firefox

Pick a Template

Choose from 10 deployment profiles. Scoping auto-configures to your AI system type

Run the Gate

Walk through the guided wizard or use the expert checklist. Export PDF when done

No server, no login, no subscription. Your data auto-saves to your browser. Export anytime as JSON backup, CSV for spreadsheets, or branded PDF governance reports for stakeholders and auditors.

Key Feature

Guided Wizard Mode

Most pre-deployment checklists are spreadsheets full of jargon that require a security or compliance background to interpret. The Safety Gate’s guided wizard translates every requirement into a plain-language question and walks you through the assessment one item at a time.

How the wizard works

Select a deployment template to pre-configure scoping, then the wizard presents each gate in prioritized order based on your system’s risk profile.

Profile Setup

Choose from 10 deployment templates (chatbot, healthcare, agent, etc.) or configure custom scoping. LLM-specific items auto-hide for non-LLM systems.

Gate-by-Gate Walk-Through

Each item is presented as a plain-language question with context explaining why it matters and how to resolve gaps. Answer with one click.

Results & Export

See your readiness score, identify gaps, export the assessment as a branded PDF for sign-off, or switch to the expert checklist for deeper review.

The wizard and the expert checklist stay synchronized. Answers you give in the wizard appear in the checklist table, and edits in the checklist table are reflected back. Use whichever mode fits your workflow. Start with the wizard, finish in the checklist, or skip the wizard entirely if you prefer working from the full table.

Screenshots

See it in action

1 / 11

Click image or thumbnail to browse · 11 screenshots shown

Overview

What this tool does

Deploying an AI system without a structured safety review is how organizations end up in the headlines. Data breaches from unsanitized model outputs, regulatory fines from undocumented risk assessments, discrimination lawsuits from undetected bias, and reputational damage from hallucinating customer-facing chatbots. These are real failure modes that a pre-deployment gate is designed to catch before they reach production.

This tool structures that review into 49 concrete, assessable items organized across 7 deployment gates. Each item maps to specific requirements from NIST AI RMF, EU AI Act, ISO 42001, OWASP LLM Top 10, and CSA MAESTRO. Profile-aware scoping means you only see what applies to your system. A fraud detection model won’t see LLM prompt injection items, and a research prototype won’t see EU regulatory obligations.

The tool produces a clear answer: is this system ready to deploy, conditionally ready with documented exceptions, or not ready. That answer comes with evidence trails, owner assignments, and branded PDF reports that stakeholders and auditors can review independently.

What’s Inside

9 Tabs · Interactive Application

Real-time deployment readiness overview. Gate completion percentages, overall readiness score with color-coded status, risk category breakdown, priority distribution, and gap analysis. One-click launch into the guided wizard directly from the dashboard. Auto-refreshes as you complete assessment items.

Live MetricsWizard LaunchAuto-Refresh

Configure the AI system being assessed: name, version, deployment environment, risk tier, autonomy level, and scoping flags (EU market, personal data, health data, LLM usage, RAG, end users). Scoping flags automatically filter the 49 items to show only what applies to your specific system.

Profile Scoping6 Scope Filters

Full 49-item checklist with inline editing. For each item: status (Compliant, In Progress, Non-Compliant, N/A, etc.), priority override, evidence status, evidence location, owner, target date, scope override, and notes. Inline resolution guidance shows recommended actions without leaving the table. Filter by gate, status, priority, or scope.

49 ItemsInline GuidanceFilterable

Auto-generated executive view for leadership and board reporting. Overall readiness determination, gate-by-gate pass/fail status, critical item count, risk category heat map, and deployment recommendation. Designed to communicate assessment results to non-technical stakeholders.

Board-ReadyAuto-Generated

Visual mapping of each safety item to its source requirements across NIST AI RMF, EU AI Act, ISO 42001, OWASP LLM Top 10, CSA MAESTRO, MITRE ATLAS, and HIPAA. Filter by framework to see only relevant requirements. Useful for demonstrating multi-framework coverage to auditors.

5+ FrameworksCross-Reference

Tracks how assessment gaps map to regulatory exposure. Surfaces which open items create risk under specific regulations (EU AI Act penalties, HIPAA sanctions, GDPR enforcement). Helps prioritize remediation based on regulatory consequence rather than technical severity alone.

Penalty MappingPrioritization

Documents the scoring methodology, risk category taxonomy, framework alignment rationale, and item selection criteria. Provides auditors with the methodological basis for the assessment. Required for ISO 42001 conformity evidence.

Audit EvidenceMethodology

Timestamped audit trail of all assessment changes. Records scope overrides with rationale, status changes, and evidence updates. Provides tamper-evident documentation of assessment evolution for governance reviews.

Audit TrailTamper-Evident

Terms, licensing, and how-to-use guidance. Explains how to open the tool, configure a profile, run the wizard, and export results. Includes data handling notice confirming all data stays in your browser.

OnboardingUsage Guide

The 7 Gates

What gets assessed before deployment

EU AI Act risk tier classification, AI system impact assessment (ISO 42005), fundamental rights impact assessment, stakeholder identification, and lifecycle risk management verification. Establishes the risk baseline that determines which downstream gates activate.

6 ItemsEU AI Act Art. 6ISO 42005

Prompt injection testing, data disclosure testing, output sanitization, supply chain integrity (AI-SBOM), adversarial red teaming, input validation, API security, and secure serialization. LLM-specific items (prompt injection, system prompt leakage, prompt firewalls) auto-scope based on your system profile.

10 ItemsOWASP LLM Top 10LLM-Aware Scoping

HITL/HOTL/HOOTL classification, kill-switch verification, graded response levels, operator training, override logging, and meaningful human review (GDPR Art. 22). Fully autonomous systems trigger priority escalation across all items.

6 ItemsEU AI Act Art. 14GDPR Art. 22

Hallucination rate measurement, grounding mechanism validation, real-world accuracy testing, citation verification, performance thresholds, and output consistency testing. Hallucination measurement auto-scopes to LLM systems only.

6 ItemsNIST MEASUREISO 42001 A.7.4

Training data provenance, bias evaluation across protected classes, PII/ePHI handling, DPIA completion, data minimization, and machine unlearning assessment. Personal data and health data items auto-scope based on your system profile.

6 ItemsGDPR Art. 35HIPAA

LLM observability stack, production guardrails, rollback plan, incident response procedures, performance degradation detection, audit trail integrity, and post-market monitoring. LLM-specific monitoring items auto-scope based on your system profile.

7 ItemsEU AI Act Art. 72ISO 42001 Cl. 9

Model card completion, end-user transparency, EU AI Act Annex IV technical documentation, deployer instructions, explainability assessment, acceptable use policy, QMS coverage, and EU Database registration. End-user and EU-specific items auto-scope based on your system profile.

8 ItemsEU AI Act Annex IVArt. 49

Audience

Who uses this tool

🛡

CISO / Security Lead

Runs the gate before any AI system reaches production. Uses the Executive Summary PDF to report deployment readiness to the board. Relies on the Security gate to verify adversarial robustness.

📋

Compliance Officer

Uses the framework crosswalk to verify multi-standard coverage. Runs the Regulatory Watch tab to identify which open items create the highest enforcement exposure.

📈

AI / ML Engineering Lead

Works through the expert checklist to document security testing, accuracy metrics, and operational readiness. Uses the guided wizard for first-time assessments on new system types.

🔍

Risk / GRC Manager

Uses the dashboard to track gate completion across the portfolio. Exports assessments as JSON for organizational archiving. Assigns owners and target dates for remediation tracking.

Framework Alignment

Standards coverage

NIST

NIST AI RMF 1.0

Gate structure aligned to GOVERN, MAP, MEASURE, and MANAGE functions. Risk classification supports MAP requirements. Monitoring items address MEASURE and MANAGE continuous improvement.

MAP 1.1MEASURE 2.1MANAGE 4.1

EU AI Act 2024

Risk tier classification per Art. 6 and Annex III. FRIA for high-risk systems. Human oversight per Art. 14. Technical documentation per Annex IV. Post-market monitoring per Art. 72.

Art. 6Art. 9Art. 14Annex IIIAnnex IV

42001

ISO/IEC 42001:2023

Supports risk assessment (A.5.3), risk treatment planning (A.5.4), documented information (Cl. 7.5), and performance evaluation (Cl. 9). Assessment methodology satisfies management system requirements.

A.5.3A.5.4Cl. 7.5Cl. 9.1

OWASP

OWASP LLM Top 10

Gate 2 Security items map directly to OWASP LLM Top 10 vulnerabilities: prompt injection, sensitive info disclosure, supply chain, insecure output handling, and insecure plugin design.

LLM01LLM02LLM03LLM05

Value Proposition

Why not a spreadsheet or internal checklist?

✓ This Tool

✓Guided wizard walks non-experts through every requirement with plain-language questions.

✓Profile-aware scoping. Only shows items relevant to your AI system type.

✓Branded PDF reports for board sign-off and audit evidence, generated offline.

✓5-framework crosswalk (NIST, EU AI Act, ISO 42001, OWASP, CSA) built into every item.

✓Data stays on your machine. No third-party servers, no telemetry, no vendor lock-in.

✓One-time $200. No subscription, no per-seat fees, no annual renewal.

✗ Alternatives

✗Spreadsheets: No guided workflow, no scoping logic, no PDF reports, manual framework mapping.

✗SaaS GRC: $15K–$100K/year, procurement delays, data sovereignty risk for assessment data.

✗Internal checklists: Typically outdated, missing framework updates, no scoring or analytics.

✗Consultants: $200–$500/hr for readiness assessments that become stale after delivery.

✗Ad hoc reviews: No standard structure, inconsistent coverage, undocumented gaps.

✗Free checklists: Generic, no LLM-aware scoping, no evidence tracking, no export.

“Why is this only $200?”

I’ve been building governance documentation since 2012. That year I helped my healthcare analytics company earn its first HITRUST certification. Since then I’ve created and managed compliance documentation for SOC 2, PCI DSS, HITRUST, and ISO 27001 programs across enterprise organizations. I have a writing degree and I genuinely like this work.

HITRUST CSF SOC 2 PCI DSS ISO 27001 14 Years in GRC Writing Degree

Credentials don’t explain the price though. This does:

I want AI adopted responsibly. I don’t want my friends, my family, or my kids dealing with threats and risks that come from deploying AI without governance. Organizations will take the path that earns them the most money. That’s how business works. So I feel obligated to put quality tools out at a price where governance isn’t something only Fortune 500 companies can afford. SaaS GRC platforms charge $15K–$100K per year. I’m charging $200 once.

You’re building something that matters. A safety assessment process that earns trust from your board, your customers, and your team. And it has to work.

The citations in these templates were checked against the published standards. The actual ISO 42001:2023 PDF, the EU AI Act regulation text, the NIST AI RMF 1.0 document, and the OWASP LLM Top 10. Control IDs, article numbers, framework crosswalks. This is practitioner-built tooling from someone who’s sat in the audits, written the remediation plans, and knows what survives a compliance review.

Derrick Jackson // Founder, Tech Jacks Solutions

Related Templates

Works with these

Single .html file
49 assessment items
7 deployment gates
Guided wizard mode
10 deployment templates
2 PDF report types
9 interactive tabs
JSON/CSV export
localStorage persistence
5-framework crosswalk
Works offline
Zero telemetry

AI Risk Register Tool →
Track identified risks after the gate assessment

AI Risk Treatment Tracker →
Manage remediation plans for failed gate items

★ BUNDLE DEAL. SAVE 30%

Get the complete AI Risk Management Command Bundle

Includes this Safety Gate Tool plus the Risk Register Tool, Treatment Tracker, 10 governance documents, and Excel workbooks. Everything you need for a complete AI risk program.

Important

This tool is a starting point, not a finished product. It provides a professionally structured pre-deployment safety assessment with verified framework citations to accelerate your AI governance program. It does not replace legal counsel, compliance review, or organizational judgment. Every organization is different. You’ll need to evaluate items in the context of your regulatory environment, risk tolerance, and operational requirements. Your data is stored locally in your browser via localStorage and is never transmitted to any server. You are responsible for backing up your data via the export function. Framework citations reflect standards as of Q2 2026. Single organization license. All purchases include a 14-day money-back guarantee.