AI Readiness Audit: how to find where LLMs and agents can actually create ROI

Most companies do not need another impressive demo. They need to know where AI can survive contact with real processes, real data, real permissions, real users, and real budgets.

That is the point of an AI Readiness & ROI Audit.

What I check

1. Business pressure. Which process is expensive, slow, risky, or strategically important enough to justify intervention?
2. Data readiness. Where is the relevant knowledge, who owns it, how stale is it, and what access model is realistic?
3. Workflow shape. Is this a retrieval problem, a decision support problem, a tool-using agent, or an automation pipeline?
4. Risk. What can go wrong: data leakage, wrong action, prompt injection, vendor lock-in, cost explosion, weak evaluation?
5. Operating model. Who will own prompts, evals, monitoring, escalation, approvals, and updates after launch?
6. ROI path. What metric should move: time saved, deflection rate, cycle time, quality, error reduction, cost per task, revenue per operator?

What the output should be

The output is not a 60-slide deck. It is a decision document:

• a prioritized use-case map;
• readiness score for data, process, security, and team ownership;
• build-vs-buy recommendation;
• architecture sketch;
• risk register;
• first pilot scope;
• next 30/60/90 days.

What usually fails

AI pilots fail when they start from a model instead of a workflow. They also fail when nobody owns evaluations, observability, access control, or the human handoff.

The real question is not “can we add AI here?” The real question is:

Can this system produce a measurable business result without introducing unacceptable operational or security risk?

That is the work I help with.