Grant Thornton Cyprus Launches EU AI Act & ISO 42001 Governance, Risk, and Compliance (GRC) Service Offering
Grant Thornton Cyprus is pleased to announce the launch of its EU AI Act & ISO 42001 Governance, Risk, and Compliance (GRC) services, designed to support organisations in deploying artificial intelligence responsibly, securely and in full alignment with emerging regulatory and governance requirements.
As artificial intelligence becomes increasingly embedded in core business processes, organisations face heightened regulatory scrutiny, operational risk and reputational exposure. The introduction of the EU AI Act, alongside the ISO/IEC 42001 Artificial Intelligence Management System standard and the ongoing applicability of the General Data Protection Regulation, marks a fundamental shift from voluntary best practices to enforceable accountability across the AI lifecycle.
Grant Thornton’s new service helps organisations navigate this evolving landscape by providing structured, end-to-end support across AI governance, risk management and compliance. The offering covers EU AI Act readiness and implementation, ISO 42001 design and certification support, AI risk and impact assessments, technical assurance, and the integration of AI governance into existing risk, security and data protection frameworks.
By combining regulatory expertise, technical assurance and practical implementation, Grant Thornton Cyprus enables organisations to move beyond fragmented compliance efforts and embed AI governance as a core component of their digital risk strategy, supporting innovation while safeguarding trust, transparency and resilience.
Christos Makedonas, Partner and Digital Risk Services Leader, commented: “AI is transforming how organisations operate, but it is also introducing a new category of digital risk, one that is fast-moving, complex and highly scrutinised by regulators. Staying ahead of technology today is not just about adoption; it is about governance, accountability and control. With the EU AI Act and ISO 42001, organisations now need to demonstrate that their AI systems are trustworthy by design and compliant by default. Our role is to help clients manage AI risk proactively, so they can innovate with confidence rather than react to regulatory or operational disruption.”
Anna Papaonisiforou, Senior Manager, Digital Risk Services also stated: “For many organisations, the real challenge today is not compliance itself, but understanding what compliance means in practice. The first step is gaining visibility over where and how AI is being used across the organisation, and then establishing the governance structures, risk assessments and documentation required by the regulation.”
The new service is delivered by Grant Thornton Cyprus’ multidisciplinary Advisory Team, drawing on global experience across governance, risk, compliance, cybersecurity and data protection, and is tailored to organisations across sectors that develop, deploy or rely on AI systems. Click here to find out more.