Field notes from building governed AI for regulated organizations — standards, frameworks, workflows, security, and where the work is going. Long-form, with examples.
New to the terminology? Start with the AI glossary — industry jargon in plain English →
Claude is excellent. Pointing it straight at your data and your systems, with nothing in between, is a liability. Here is exactly what goes wrong — and how a governed gateway fixes each one.
RiskTwo quiet ways a careless AI rollout leaks your crown jewels — your prompts becoming training data, and your API keys escaping. Here’s how each happens, and how to stop it.
StrategyHiring a Chief AI Officer and a bench of ML engineers is out of reach for most organizations. The outcomes they’d deliver don’t have to be.
StrategyThe demo dazzles, leadership is sold, and then nothing ships. The gap between a pilot and a production system is governance, integration, and ownership — and it’s where most AI initiatives quietly die.
Point of viewChat was the demo. Agents that run for hours or days — and the professionals who supervise them — are the product. What changes, and why governance is the unlock.
Future of workRoutine entry-level tasks are the first to be automated — a real disruption to how people learn a profession and how organizations build their talent pipeline. The response isn’t fear; it’s moving people up to supervise the work sooner.
Point of viewBolting a chatbot onto an unchanged process gets you a rounding error. The real gains come from redesigning the work around what agents do well — and what humans do best.
ArchitectureNo single model is best at everything, and routing everything to one public API is a privacy liability. How to get both quality and privacy, with examples.
Engineering“AI model” isn’t one thing. There’s a whole toolbox — language, reasoning, small, multimodal, embedding, image, and speech models — and good systems use several together.
ArchitectureOpen-weight models now rival the closed frontier, and you can run them in your own environment. Here’s how to evaluate them, the current leaders, and the licensing fine print — as of mid-2026.
StrategyThe two-year data-warehouse project is the most expensive way to delay AI value. Governed agents can work your data where it already lives — today.
EngineeringThere are three ways to make a model fit your work — context, retrieval, and fine-tuning. Most teams reach for the expensive one first. Here’s when each is the right call.
Point of view“AI automation” makes it sound like fancier macros. Agents reason, sequence, and adapt — and that difference completely changes what you can hand them.
GovernanceThe world’s first certifiable standard for managing AI — what it actually requires, clause by clause, and how to build toward it without boiling the ocean.
GovernanceThe US risk framework and the international standard are constantly framed as competitors. They’re layers of the same program — here’s how they map, with examples, and why building both is one job.
SecurityPrompt injection, data leakage, insecure output, excessive agency — the real ways LLM apps break, walked through with examples, and the gateway controls that contain each one.
EngineeringHow to build with AI in the loop — dramatically faster, without shipping confident nonsense. The practices, the orchestration model, and the pitfalls, with examples.
ArchitectureMost architecture diagrams confuse more than they clarify. The C4 model fixes that with four levels of zoom — context, containers, components, code.
ArchitectureThe cloud Well-Architected frameworks predate the AI boom — but their pillars map cleanly onto what a governed AI system actually needs.
DeliveryFixed time, variable scope, and bets instead of backlogs. Why we scope engagements around appetite — not guesses — especially when the work involves AI.
DesignClassic UX laws (via lawsofux.com) still govern whether an experience works — and AI raises the stakes on every one of them. A practical walkthrough, with examples.
Framework reviewThe Loop, the Keys, and the Principles — where IBM’s framework genuinely helps build AI products, where it falls short, and the AI-specific extensions every team needs.
CapabilitiesGoverned, ready-to-tailor capabilities for the work your team actually does — with concrete examples by industry, and how each one is governed.