Free MSP Toolkit

Deliver an AI Risk Assessment your clients can't argue with

A co-brandable toolkit that lets you run a free, read-only AI risk assessment from a client's real endpoints — then frame their own findings and turn it into a recurring AI governance service. Built on ShadowLock's scanner, not generic slideware.

Get the toolkit

What's inside

Four assets, one motion

Co-brandable education deck

PPTX

A short, data-free briefing you present before the scan to explain the shadow-AI problem and build the case for a free assessment. Drop in your logo; no client numbers to fill.

Assessment runbook

Markdown

The full motion: offer the free assessment, run the read-only scan, walk the findings, and turn it into a recurring service.

One-page leave-behind

Markdown

A client-facing summary that wraps the assessment report and names the next step. Co-brand and hand over after the meeting.

MSP close-kit

Markdown

Objection handling and how to price AI governance as a recurring line item — the part that turns the assessment into MRR.

The framework

The five places AI data leaks on an endpoint

Most assessments only check the first one or two. The toolkit covers all five — including the Microsoft 365 OAuth grants competitors don't look at — and each maps to a control ShadowLock actually enforces.

  1. A paste into an AI tool
  2. Secrets typed into a prompt
  3. AI sites used on a personal login
  4. A desktop AI app installed on the machine
  5. An AI app granted OAuth access to Microsoft 365

How it works

From free scan to recurring revenue

  1. Educate: Present the co-brandable briefing deck so the client understands where AI data leaks and why it matters - before you ever run a scan.
  2. Offer the assessment: Position a free, read-only AI risk assessment: no admin rights, nothing left installed.
  3. Run the scan: Each employee runs a lightweight scanner that inventories AI apps, browser extensions, AI-site history, and browser AI settings.
  4. Review the findings: Walk the client through their own AI Exposure report: risk tier, what's in use, and the device-by-device breakdown.
  5. Propose the program: Set a policy, enforce it on the endpoint across all five leak surfaces, and prove control with audit-ready logs.
  6. Make it recurring: A quarterly AI Risk Review keeps it current and turns a one-time scan into a billable, recurring service.

Get the toolkit

Tell us where to send updates and grab all four assets.

No spam. We'll only use this to send toolkit updates and helpful MSP resources.

Frequently asked

Toolkit FAQ

What is in the MSP AI Risk Assessment toolkit?

Four assets: a co-brandable education deck (PPTX) that sets up the problem, a step-by-step assessment runbook, a one-page client leave-behind, and an MSP close-kit with objection handling and recurring-service pricing. Together they let you deliver a free AI risk assessment and convert it into a recurring AI governance service.

Is the AI risk assessment really free to run?

Yes. The assessment uses ShadowLock’s read-only prospect scanner, which needs no admin rights and leaves nothing installed. You deliver the resulting AI Exposure report to the client whether or not they buy the governance service.

How is this different from a generic AI education deck?

It is assessment-led, not lecture-led. The centerpiece is the client's own scan data — their tools, their personal-account usage, their Microsoft 365 OAuth grants — not a stat from a vendor pilot. That makes it more persuasive and unique to each client.

Can I put my own logo on it?

Yes. The deck and leave-behind are co-brandable, and the generated AI Exposure report supports white-label partner logos. The materials are built to be presented as your service, powered by ShadowLock.

How do I turn the assessment into recurring revenue?

The close-kit shows how to price AI governance as a per-seat managed-service line plus a quarterly AI Risk Review. Because ShadowLock bills to your partner account across all clients, every client you add moves your whole book toward lower volume tiers.

Run the assessment with ShadowLock

The toolkit is the playbook. ShadowLock's scanner and multi-tenant platform are the engine that delivers the report and enforces the controls.

See the MSP platform