Guides

Practical, practitioner-written guides on running AI responsibly in a regulated small business. Start with one of the main guides, then go deeper into the specifics.

10 lessons from my first 90 days as an AI program lead

The hardest parts of responsibly standing up an AI program in a business are not necessarily on the technical side. They are about data, timing, consent, communication, and trust. Ten lessons from my first 90 days as an AI program lead: not overestimating the tools, planning for high-risk data before issuing a single license, sending use cases to legal before rollout, and empowering people instead of replacing them.

adoption governance-documents measurement
Read the guide →

What AI governance costs a small business (and how to budget for it)

AI governance cost depends on the engagement, not a sticker price: training, a readiness assessment, automation builds, ongoing fractional AI leadership, security monitoring, or compliance readiness. Here's what drives each, the published market ranges so you can budget, and how to scope yours in a free consultation.

pricing governance-documents fractional
Read the guide →

AI governance FAQ for regulated small businesses

Plain-language answers to the questions regulated small businesses actually ask about AI governance: whether you need a policy, how to handle shadow AI, free versus enterprise tiers, where identity fits, what the law and HIPAA require, and how to start.

shadow-ai governance-documents ai-tiers
Read the guide →

If your automations work, let them cook before chasing AI agents

AI agents like Hermes Agent and OpenClaw are genuinely capable and getting better fast. But if a standard automation is already doing its job, replacing it now means trading a small, known maintenance burden for new costs in setup time, security exposure, usage-based AI fees, and auditability. It is fine to let the agents mature first.

automation agents human-in-the-loop
Read the guide →

Free vs enterprise AI: the setting that decides whether your data trains the model

The most consequential AI decision a small business makes is usually the tier, not the tool. Free and personal accounts often use your inputs to train the model unless you opt out. Business and enterprise tiers generally do not, and give you documentation you can show later. Here is how to tell the difference and prove it.

ai-tiers data-classification governance-documents
Read the guide →

Identity is where AI governance actually starts

AI tools are reached through identity, so an AI program built on weak identity security is documentation of holes, not governance. Multi-factor authentication, account inventory, checks for passwords already exposed in breaches, and the external risks AI introduces are part of the AI program, not separate from it.

identity security human-in-the-loop
Read the guide →

Shadow AI: why banning AI backfires

Shadow AI is staff using unapproved AI tools, usually on personal accounts, because the business has no policy or a ban. A ban does not remove the risk, it removes your visibility into it. Governance beats prohibition because it brings the use into the light where you can guide it.

shadow-ai governance-documents human-in-the-loop
Read the guide →

The attractive side of AI governance: it drives the adoption your ROI depends on

Governance sounds like bureaucracy and more documents to sign. With AI it does the opposite of what the word suggests. The documents people dread, the acceptable use policy, the training, the onboarding steps, are exactly what gets hesitant employees actually using the tools you are paying for. Low adoption is not a technology problem. It is a governance problem.

measurement governance-documents training
Read the guide →

The five AI governance documents every small business needs

The foundation of an AI program rests on five documents: a tool inventory and approved-use registry, an acceptable use policy, a data classification quick reference, an AI risk assessment, and an onboarding and offboarding procedure. Here is what each one does and why finished documents beat a binder of best practices.

governance-documents shadow-ai data-classification
Read the guide →

Your AI memory problem is usually a file system problem

Agent harnesses like Hermes Agent and OpenClaw promise better memory and context across your work. Sometimes they deliver, at a high cost in usage-based AI fees and a complexity most small businesses cannot sustain. The deeper cause of AI context drift is usually a scattered file system, and the first fix is discipline, not a new tool.

automation knowledge-management agents
Read the guide →