Kettera AI Architecture Practice

Engine · runs in your browser

AI EA Maturity Assessment

Rate your AI estate against the six axes below. You get a radar, an overall Kettera Index (0–100), your three weakest axes, and a route straight into the matched content. The scoring is deterministic and published; nothing you enter leaves this page.

No data leaves your browser Self-assessment — indicative
01 Business Capability

Rate each: 1 Ad hoc · 2 Aware · 3 Defined · 4 Governed · 5 Optimised

We have mapped which business capabilities AI could augment or transform.
We prioritise AI investment by value and risk, not hype or vendor push.
We have a deliberate view of which capabilities stay human, augmented, or AI-native.
We track the realised business value of deployed AI, not just delivery.
02 Business Architecture

Rate each: 1 Ad hoc · 2 Aware · 3 Defined · 4 Governed · 5 Optimised

AI’s place in our value streams and human/AI hand-offs is documented.
We have decided our AI operating model (centre of excellence vs federated).
Decision rights for approving AI use cases are clear and assigned.
Accountable owners are named for AI use cases where required.
03 Application Architecture

Rate each: 1 Ad hoc · 2 Aware · 3 Defined · 4 Governed · 5 Optimised

We maintain an inventory of AI applications and embedded-AI features in use.
We have a build / buy / embed policy for AI capabilities.
The boundary between assistive and agentic AI is defined and controlled.
Shadow AI (unsanctioned tools) is discovered and brought into scope.
04 Data & AI

Rate each: 1 Ad hoc · 2 Aware · 3 Defined · 4 Governed · 5 Optimised

The data feeding our AI has known quality, lineage and provenance.
We can produce the data-provenance evidence an impact assessment requires.
We have an AI/ML reference architecture (model layer, vector/feature stores).
LLMOps — evaluation, monitoring, drift — is in place for deployed models.
05 Technology

Rate each: 1 Ad hoc · 2 Aware · 3 Defined · 4 Governed · 5 Optimised

Our AI platform and compute strategy is deliberate (sovereign vs hyperscaler).
AI-native security risks (prompt injection, model integrity, agent identity) are addressed.
We can exit or port an AI platform/provider without prohibitive lock-in.
Run-cost / FinOps for AI workloads is visible and managed.
06 Governance

Rate each: 1 Ad hoc · 2 Aware · 3 Defined · 4 Governed · 5 Optimised

Every AI use case is risk-classified before it is built or bought.
A review board or gate approves AI use cases against defined criteria.
We know which AU obligations (DTA, Privacy ADM, EU exposure) apply to each use case.
Guardrails, human oversight and incident handling are defined and operating.

How scoring works

Deterministic core, transparent by design.

Each axis carries four diagnostic statements you rate 1–5 on the maturity scale (Ad hoc → Optimised). The axis score is the average of its statements; the Kettera Index is the average across all six axes, expressed 0–100. No language model grades your estate — you can see exactly how every number is produced in src/lib/maturity.ts. AI is reserved for the edges (a plain-language explanation and a starter remediation note) and arrives as a Phase-1 server addition.

A reason to return.

Two mechanisms make this a posture, not a quiz: cohort benchmarking (you vs the AU gov/corporate cohort by sector, size and jurisdiction) and an obligation changelog that prompts a re-assessment when AU regulation moves. Both need a saved profile and arrive in Phase 2 — until then your score saves locally so a re-take shows movement, and benchmarking shows a “cohort forming” state.

Privacy by construction (spec §5.6): no organisation name or free text is collected, and benchmarking — when it opens — will use coarse segments only.