Terms of Use & Privacy Disclosure
Please review the following terms carefully before using this assessment tool. By proceeding, you agree to be bound by these terms.
The DMS AI Governance Assessment (the "Service") is a self-guided assessment tool that evaluates your organization's AI governance posture against the NIST AI Risk Management Framework 1.0 (AI RMF 1.0). Based on your responses, the Service generates a risk maturity assessment report, prioritized recommendations, and customized AI governance policy documents.
This Service uses DMS Secure Processing, our AI governance policy pipeline built on the OpenAI API, to generate governance policies and recommendations. All policy documents and recommendations produced by this Service are AI-generated content.
Policies are generated based on: (a) your assessment responses; (b) official NIST AI RMF 1.0 guidance and the NIST AI RMF Playbook; and (c) industry best practices for responsible AI governance. While we strive for accuracy, AI-generated content may contain errors, omissions, or recommendations that require adjustment for your specific circumstances.
We take a security-first approach to protecting your information:
(a) Purpose Limitation: Your assessment data is collected and processed solely for the purpose of generating your customized report and AI governance policies. Aside from the limited contact use described in item (g) below, we do not use your data for any other purpose.
(b) No AI Model Training: Your data is NOT used to train AI models. Policy and recommendation generation is performed using the OpenAI API. Under OpenAI's API data usage policies, data submitted through the API is not used to train or improve OpenAI's models. DMS does not use your data to train any models of its own.
(c) Data Retention: Your assessment responses are retained by DMS for thirty (30) days to allow you to access your results, after which they are permanently deleted from our systems. Separately, our AI sub-processor (OpenAI) may retain API inputs and outputs for a limited period (up to 30 days) for abuse-monitoring purposes under its own data usage policies, after which it deletes them; OpenAI does not use this data to train its models. The limited contact details described in item (g) are retained beyond this window for support and follow-up. You may request deletion of your data at any time by contacting us at info@strategydms.com.
(d) Encryption: All data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256 encryption.
(e) Third-Party Processing: Aside from the limited contact use described in item (g) below, your assessment data is processed within the DMS Secure Processing pipeline solely for the purpose of generating your report and policies. That pipeline uses vetted infrastructure providers acting on our behalf under data processing terms: OpenAI (analysis and document generation, with model training on customer data disallowed), Pinecone (framework reference retrieval), Stripe (payment processing), and our email delivery provider (receipts and delivery notifications). We do not sell your data, and we do not share or disclose it to any other third parties except as required by law.
(f) Access Controls: Access to assessment data is restricted to authorized DMS personnel on a need-to-know basis for support purposes only.
(g) Contact Details Collected at Generation: When you generate your report or policy documents, the contact name, organization name, and contact email you provide in Section 1 are recorded and sent to DMS. We use these contact details to deliver your results, provide support, and follow up with you about your assessment and related DMS services. These contact details are retained beyond the thirty (30) day assessment window for the purposes described above, and you may request their deletion at any time by contacting us at info@strategydms.com. We do not sell your contact details or share them with unrelated third parties.
IMPORTANT: All AI-generated policies and recommendations must be reviewed by qualified personnel within your organization before adoption or implementation. You assume full responsibility for reviewing, modifying, and approving any policies before use.
Prior to implementing any generated policy, you should:
(a) Have policies reviewed by your leadership, legal counsel, HR, and/or compliance team as appropriate;
(b) Verify that all timelines, tool recommendations, and requirements are feasible for your organization;
(c) Modify policies to reflect your specific operational context, contractual obligations, regulatory requirements, and risk tolerance; and
(d) Ensure alignment with any existing policies, legal requirements, or industry standards applicable to your organization.
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, AND NON-INFRINGEMENT.
DMS does not warrant that: (a) the Service will meet your specific requirements; (b) the Service will be uninterrupted, timely, secure, or error-free; (c) the results obtained from the Service will be accurate, complete, or reliable; or (d) any errors in the Service will be corrected.
This Service is provided for informational and educational purposes only and does not constitute legal, regulatory, compliance, or professional advice. The assessment results and generated policies:
(a) Do not guarantee compliance with any law, regulation, standard, or framework, including but not limited to NIST AI RMF, EU AI Act, ISO 42001, GDPR, CCPA, or other applicable AI governance requirements;
(b) Do not guarantee protection from AI-related incidents, harms, or regulatory enforcement actions;
(c) Do not constitute certification, attestation, or regulatory audit readiness; and
(d) Should not be relied upon as a substitute for consultation with qualified legal counsel, certified AI risk professionals, or compliance experts.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL DMS, ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, DATA, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF THE SERVICE.
DMS's total cumulative liability arising out of or related to these terms or your use of the Service shall not exceed the amount you paid to DMS for the Service in the twelve (12) months preceding the claim, or one hundred dollars ($100), whichever is greater.
You agree to indemnify, defend, and hold harmless DMS and its affiliates, officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or in connection with: (a) your use of the Service; (b) your implementation of any policies or recommendations generated by the Service; (c) your breach of these terms; or (d) your violation of any applicable law or regulation.
You acknowledge that the quality and relevance of the Service's outputs depend on the accuracy and completeness of your assessment responses. You agree to provide truthful and accurate information to the best of your knowledge. You should answer questions based on your organization's current state, not aspirational goals or planned improvements. DMS is not responsible for inaccurate outputs resulting from incomplete, inaccurate, or misleading information provided by you.
The Service, including its underlying technology, methodologies, and templates, is the property of DMS and is protected by intellectual property laws. Upon payment (if applicable), you are granted a non-exclusive, non-transferable license to use the generated policies and reports for your organization's internal business purposes. You may not resell, redistribute, or sublicense the generated content without DMS's prior written consent.
These terms shall be governed by and construed in accordance with the laws of the State of New Jersey, without regard to its conflict of law provisions. Any dispute arising out of or relating to these terms or the Service shall be resolved exclusively in the state or federal courts located in New Jersey, and you consent to the personal jurisdiction of such courts.
DMS reserves the right to modify these terms at any time. Material changes will be communicated via the Service interface or email. Your continued use of the Service after such modifications constitutes acceptance of the updated terms.
If any provision of these terms is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that these terms shall otherwise remain in full force and effect.
These terms, together with any applicable order form or service agreement, constitute the entire agreement between you and DMS regarding the Service and supersede all prior agreements and understandings, whether written or oral.
Questions? Contact us at info@strategydms.com
Dynamic Management Services, LLC • Last Updated: June 2026
Please confirm the following before beginning your assessment
Before you begin, we need your explicit consent for how your data will be used, including the contact name, organization name, and contact email we record when you generate your report or policy documents. Please read and check each item below.
Under GDPR, you have the right to request access to or deletion of your personal data at any time. Your assessment responses are permanently deleted after the 30-day retention window; the contact details described in item (g) are retained for support and follow-up until you ask us to delete them. To exercise your rights, contact us at info@strategydms.com.
Dynamic Management Services, LLC • DMS Secure Processing
AI Governance Assessment · NIST AI RMF 1.0