Sample Deliverables
What an Engagement Actually Produces
Not a slide deck and a handshake — written findings you can act on and a policy your board can adopt. Here is the format and depth, shown honestly.
Read this first. The samples below are drawn from a fully worked simulated engagement with a fictional newsroom — not from a past client. Rihlah is a new practice, and we would rather show you exactly what you’ll receive than dress the site up with borrowed logos. The format, structure, and rigor shown here are what every real engagement delivers. Evidence over hype applies to us, too.
Sample 1 — AI-Readiness Audit: Findings Memo
The centerpiece of every audit: a confidential written memo to leadership. Excerpted below from the simulated engagement — an 18-person nonprofit newsroom whose board asked, “Do we have an editorial AI policy?”
Excerpt — Executive Summary
“Your staff has adopted AI tools faster than your newsroom has adopted rules for them. That gap — between everyday use and shared standards — is the core finding of this audit… The single biggest risk is unverified AI-generated facts entering the reporting pipeline at the research step, compounded by widespread ‘shadow AI’ — staff using free consumer tools on personal accounts, outside any account controls or newsroom visibility… You do not have a culture problem. You have a policy-and-habits problem, and it is fixable ahead of your next board meeting.”
Excerpt — Findings at a Glance
| Area | Finding | Figure |
|---|---|---|
| Survey response | Strong participation | 15 of 18 (83%) |
| Shadow AI | Use personal/free accounts for work | ~60% |
| Verification | Regular users who always verify AI output | ~50% |
| Governance | Staff aware of any AI rule | 1 of 15 |
| Appetite | Want clear guidelines and hands-on training | ~80% |
What the full memo contains
Methodology (confidential staff survey, one-on-one interviews, tool and account review, workflow mapping) · six evidence-based findings with anonymized staff voices · a likelihood-and-impact risk table · recommendations prioritized into quick wins (0–30 days), near-term (1–3 months), and follow-on — each mapped to the accompanying policy so adoption does most of the work.
Sample 2 — Board-Ready AI Policy
Most audits end with a policy the organization can adopt at its next board meeting — written in plain language your staff will actually follow, not legal boilerplate. The structure, from the same simulated engagement:
Table of contents — Editorial AI Policy
- 1.Purpose & scope — who and what the policy covers, including personal accounts used for work
- 2.Core principles — a human is always accountable; nothing an AI produces is true until a human verifies it
- 3.Approved tools & accounts — organization-provided tools for organization work; hard lines for consumer tools
- 4.Green-light uses — encouraged, always subject to the verification rule
- 5.Yellow-light uses — allowed with extra care or editor sign-off, where the risk actually lives
- 6.The verification rule — AI output is a lead, never a source
- 7.Audience disclosure standard — when readers are told, and in what words
- 8.Sources, confidentiality & sensitive data — including transcription of sensitive audio
- 9.Ownership & review cadence — a named point person and a standing review so the policy stays alive
The same architecture adapts to other sectors: for public agencies it becomes records- and PII-safe use guidance; for colleges, staff AI-use plus academic-integrity policies.
Also part of every audit
Confidential staff survey
A tested survey instrument, anonymized by design, so leadership learns how work actually happens — not how people think they’re supposed to describe it.
Interim guidance one-pager
A do/don’t sheet your team can use the day the audit starts — you don’t wait four weeks to get safer.
Live readout
A working session with leadership — and with your board, if useful — walking through findings, risks, and the 90-day plan.
Want this for your organization?
Tell us what you’re trying to accomplish. If an audit isn’t the right starting point, we’ll say so.
Get Started