The AI Readiness Audit.

Define the business problem and the metric it moves before any model work starts. RAND found the top cause of AI project failure is stakeholders misunderstanding or miscommunicating the problem, not the technology, and that mistake is locked in on day one.

Assign a P&L owner and a target number to every AI initiative. Gartner names unclear business value as a leading reason at least 30% of gen AI projects were predicted to die after proof of concept by end of 2025.

Run a buy-versus-build decision with real cost data for every use case. MIT NANDA found externally purchased tools and partnerships reached deployment about 67% of the time versus roughly 33% for internal builds, so defaulting to building burns budget and time.

Set explicit kill criteria for every pilot before it starts. S&P Global found the average organization already scraps 46% of AI proofs of concept before production, and without criteria the wrong half survives.

Measure AI investment outcomes on a fixed cadence, not just at launch. Cisco's 2025 AI Readiness Index found only 32% of organizations measure the value of their AI investments, which turns every roadmap debate into opinion.

Refresh AI cost models at least quarterly. Stanford's AI Index documents a more than 280-fold fall in GPT-3.5-class inference cost between November 2022 and October 2024, so build and capacity decisions priced on last year's tokens are simply wrong.

Require a concrete answer to what a proposed agent does that a workflow plus an LLM call does not. Gartner expects over 40% of agentic AI projects to be canceled by end of 2027 and estimates only about 130 of the thousands of self-described agentic AI vendors are real.

Weigh back-office and operations use cases before flashier customer-facing ones. MIT NANDA found the strongest ROI in back-office automation while more than half of gen AI budgets go to sales and marketing tools.

Inventory the data each approved use case needs and confirm it exists with rights to use it. RAND lists lacking the data needed to train an effective model among the five leading causes of AI project failure, and it usually surfaces only after months of sunk work.

Stand up lineage and quality monitoring on every dataset that feeds a model. Informatica found 67% of data leaders are struggling to move gen AI pilots to production, with data quality, completeness, and readiness cited by 43% as a top obstacle.

Centralize or federate data access so teams can discover and reuse datasets and features. Cisco found 64% of organizations struggle to centralize data, and every duplicated extract adds silent inconsistency to model behavior.

Extend data management to AI-specific capabilities: vector stores, chunking, embeddings, and RAG integration. Gartner's 60% abandonment prediction applies precisely to projects unsupported by AI-ready data in this sense.

Score data management maturity against an external model such as DCAM, not a self-assessment. The EDM Association's 2026 benchmark found only 31% of organizations report advanced data strategy capability even though more than 70% have CDOs and formal governance structures on paper.

Track data dependencies and undeclared consumers of every pipeline. Sculley's hidden technical debt research showed unmanaged data dependencies make a change to one system a change to all of them.

Classify sensitive data and enforce access controls before it reaches any model or prompt. IBM found 97% of organizations breached through AI models or applications lacked proper AI access controls.

Test retrieval quality separately from model quality in every RAG system. When retrieval is wrong, the best model available produces confident garbage and the failure gets misdiagnosed as a model problem.

Automate training and deployment pipelines with versioned data, code, and models. Google's MLOps level 0, the all-manual notebook stage, is where models silently rot because retraining never actually happens.

Build an evaluation suite before scaling any LLM feature: unit-test assertions, human and LLM-judge trace review, then A/B tests. Hamel Husain finds unsuccessful AI products almost always share one root cause: the failure to create robust evaluation systems.

Validate every LLM judge against human labels before trusting its scores. Husain's guidance is to track correlation between model-based and human evaluation before relying on automatic scores; an unvalidated judge launders failure modes into a green dashboard.

Review production traces on a regular cadence with near-zero-friction tooling. The same eval research treats regular trace review as the foundation of error analysis, and skipping it means flying blind on real user failures.

Pin model versions and run regression evals before any provider or version migration. Applied LLMs documents Voiceflow taking a 10% drop on intent classification just migrating between GPT-3.5 versions, caught only because evals existed.

Handle malformed output and provider outages in code with retries, fallbacks, and multi-provider switching. GoDaddy measured invalid output on about 1% of GPT-3.5 structured calls and lost its chatbots to a multi-hour provider outage.

Gate irreversible or sensitive actions with deterministic code, never the model's judgment. GoDaddy gates human handoff with code-identified stop phrases instead of the model's judgment, because a model that is right most of the time still fires the wrong action constantly at scale.

Monitor for drift and define exactly what triggers retraining or prompt revision. Microsoft's MLOps maturity model puts drift-triggered automatic retraining at its top level, and without it quality decays invisibly.

Verify engineering fundamentals first: small batches, robust automated tests, fast feedback loops. DORA found AI adoption correlated with an estimated 7.2% drop in delivery stability, consistent with AI-enlarged change batches overwhelming weak review and testing practices.

Hire in sequence: product and platform engineers first, data instrumentation next, ML specialists last. Applied LLMs practitioners found hiring an ML engineer too early wastes money and causes churn when there is no product or data foundation for them to optimize.

Train for role-specific AI proficiency, not generic awareness sessions. Prosci attributes 38% of AI implementation struggles to user proficiency gaps, and EY found only 12% of employees receive sufficient AI training.

Put AI initiatives in line teams with empowered managers rather than a central lab that owns everything. MIT NANDA found successful deployments put adoption ownership with empowered line managers and domain leaders, not central AI labs.

Measure actual employee AI usage instead of relying on leadership estimates. McKinsey found employees self-report heavy gen AI use at three times the rate their C-suite estimates, so plans built on the official picture mistarget.

Give every engineer sanctioned, paid AI tooling with clear usage guidance. MIT NANDA found workers at over 90% of companies use personal AI tools while only 40% of companies hold official LLM subscriptions, and that gap is filled with company data on personal accounts.

Define ownership of prompts, retrieval logic, and eval assets the way you define code ownership. Unowned prompts become the new configuration debt: edited by everyone, tested by no one.

Budget upskilling as an ongoing program line, not a one-off workshop. EY finds AI on a strong talent foundation can unlock up to 40% more productivity gains, value that weak training strategies leave on the table.

Adopt a named risk framework, with NIST AI RMF as the floor, and map every AI system to it. IBM found 63% of breached organizations either had no AI governance policy or were still developing one.

Implement AI-specific access controls on models, prompts, and training data. IBM found 97% of organizations breached through AI models or applications lacked proper AI access controls.

Detect and inventory shadow AI from observed behavior, not policy attestations. IBM found high shadow AI usage added an average $670,000 to breach costs, and one in five organizations reported a breach due to shadow AI.

Assign a named owner for the accuracy of every customer-facing AI output. A BC tribunal made Air Canada honor its chatbot's invented bereavement-fare policy, establishing that a company is liable for what its AI tells customers.

Classify your systems against the EU AI Act's high-risk categories now, even though the deadline moved. The May 2026 omnibus agreement deferred Annex III high-risk obligations to December 2027 and Annex I to August 2028, but Article 99 penalties still reach EUR 35 million or 7% of worldwide turnover at the top tier, and classification work does not fit in a last-minute sprint.

Stand up agentic AI guardrails before deploying agents, not after. Deloitte found 74% of organizations expect at least moderate AI agent use by 2027 while only 21% have a mature governance model for agentic AI.

Build and rehearse an AI incident response runbook. Stanford's AI Index counts 233 documented AI incidents in 2024 rising to 362 in 2025, and scaling adoption multiplies your share of them.

Audit regularly for unsanctioned AI use even where policies exist. IBM found that among organizations with AI governance policies, only 34% perform regular audits for unsanctioned AI, which makes the policy decorative.

Redesign the workflow around the AI capability instead of layering AI onto the old process. McKinsey found workflow redesign is the single biggest driver of EBIT impact from gen AI among 25 attributes tested, and roughly four in five organizations have not done it.

Write a change management plan for every AI deployment with the same rigor as the technical plan. Cisco found 91% of Pacesetters have change management plans versus 35% overall, and Pacesetters move pilots to production four times more often.

Allocate effort roughly 70% to people and process, 20% to technology, and 10% to algorithms. BCG's leading adopters follow this 70-20-10 split, and inverting it is how 74% of companies end up struggling to achieve and scale value.

Put a senior executive, ideally the CEO, visibly accountable for AI outcomes. McKinsey found CEO oversight of AI governance was the element most correlated with bottom-line gen AI impact at larger companies, yet only 28% of organizations using AI have it.

Pair every efficiency target with a quality guardrail metric. Klarna leaned on AI to do the work of roughly 700 customer service agents, then its CEO admitted the cost focus produced lower quality service and the company publicly returned to hiring humans, as reported by Fortune.

Keep a human escalation path in every customer-facing AI flow. Klarna's CEO now says it is critical that customers can always reach a human if they want one, a lesson bought with public brand damage.

Close the trust gap by level: involve and train frontline staff, not just leadership. Prosci measured executive trust in AI at roughly three times frontline levels, and unconvinced users quietly route around the tool.

Track adoption depth and process change, not deployment counts. Deloitte found 37% of organizations use AI at a surface level with little or no change to existing processes, which produces tool spend without transformation.