A field guide for governing the AI you already use.

Most of the AI in your business didn't arrive with a press release. It showed up inside Word, Outlook, Zoom, your CRM. CAIRN helps small Canadian teams keep track of all of it, agree on what it must never do, and write a policy you can actually stand behind.

Everything stays in your browser. Nothing is uploaded, no account required. Export to a file whenever you want a backup or to share with your team.

your steps to governance
  1. Take ten minutes to write down what's in use. Open the Inventory. We've pre-listed common tools that quietly added AI features such as Microsoft 365, Google Workspace, Salesforce, Zoom. Tick what your team uses, then add notes and refine each entry.

  2. Agree on what AI must never do here. Open Redlines and walk through the preset list with whoever needs to be in the room. Keep what fits, edit the language to match how your team functions, add your own.

  3. Build your Responsible AI policy template Once you've filled in your Inventory and Redlines, we can pull it all together into a Policy that you can circulate and sign.

grounded in established frameworks

CAIRN follows the work that came before it.

NIST AI RMF — function alignment

govern Redlines
Policy
map Inventory
measure Reviews
— coming
manage across all modules

Each CAIRN module maps to one of NIST AI RMF's four core functions.

01
NIST AI Risk Management Framework

U.S. National Institute of Standards and Technology, January 2023.

02
AIGN SME & Startup Framework

AI Governance Network — practical canvases for small teams.

03
OPC Principles for responsible generative AI

Federal & provincial Canadian privacy regulators on PIPEDA & AI, December 2023.

Read more about the frameworks behind CAIRN

Nothing leaves the browser.

CAIRN has no server and no account. Your inventory, your redlines, your draft policy all live in your browser.