← Back to Bootstrap Kit
CSM-Lite Documentation

CSM Framework Quick-Start Guide

A simplified 3-layer approach to AI governance. Get compliant in 8 weeks without reading 1,800 pages.

What is CSM?

CSM (Cognitive Systems Management) is the open-source framework that powers HAIEC tools. Think of it as the Linux of AI governance - free to use, widely adopted, enterprise-proven.

The full CSM framework has 6 layers and 1,800+ pages of documentation. CSM-Lite simplifies this to 3 essential layers you can implement in 8 weeks.

3 Layers
vs 6 in full CSM
8 Weeks
Implementation time
20 Pages
vs 1,800 in full CSM

The 3 Layers of CSM-Lite

Layer 1

System Inventory

Catalog all AI systems, their purpose, risk levels, and data flows

Create AI system inventory
Classify risk levels
Map data flows
Identify stakeholders
Layer 2

Risk Assessment

Evaluate potential harms, compliance gaps, and mitigation strategies

Conduct risk assessment
Identify compliance requirements
Document potential harms
Create mitigation plans
Layer 3

Policy & Governance

Establish policies, approval workflows, and governance structures

Draft AI usage policies
Create approval workflows
Establish governance committee
Define roles & responsibilities

8-Week Implementation Timeline

1
Week 1-2

Discovery & Inventory

  • Complete AI system inventory
  • Interview system owners
  • Map data flows
  • Identify high-risk systems
2
Week 3-4

Risk Assessment

  • Conduct risk assessments
  • Document compliance gaps
  • Create mitigation plans
  • Prioritize remediation
3
Week 5-6

Policy Development

  • Draft AI usage policies
  • Create approval workflows
  • Establish governance structure
  • Get stakeholder buy-in
4
Week 7-8

Implementation & Training

  • Roll out policies
  • Train staff
  • Set up monitoring
  • Launch governance committee

Common Scenarios & Requirements

Hiring AI System

NYC Local Law 144EEOC
  • Annual bias audit
  • Candidate notification
  • Data retention (3 years)
  • Adverse action notices

Credit Scoring AI

FCRAECOA
  • Adverse action notices
  • Disparate impact testing
  • Model explainability
  • Regular validation

Healthcare AI

HIPAAFDA
  • PHI protection
  • Clinical validation
  • Adverse event reporting
  • Patient consent

Customer Service AI

GDPRCCPA
  • Privacy notices
  • Right to opt-out
  • Data minimization
  • Human escalation

What's Included in CSM-Lite

Quick-start guide (20 pages)
Implementation checklist
Policy templates
Risk assessment framework
Compliance mapping tables
Common scenario playbooks
Governance structure templates
Training materials

Ready to Implement CSM-Lite?

CSM-Lite documentation is included in all Bootstrap pilot programs. Get started today.

Join Free WaitlistGet Immediate Access

Need the Full CSM Framework?

The complete 6-layer CSM framework with all 15 documents is available in the Enterprise tier ($999/month). Includes custom onboarding, dedicated support, and quarterly reviews.

Contact Sales for Enterprise Access →