Preparing for AI: A Ten-Part Operating Playbook

If AI is an operating-model change rather than a tool rollout, preparation stops being abstract and becomes a set of concrete steps you can start now. The ten that follow are roughly in order, but they feed each other, and most organizations will run several at once.

The thread tying them together is the lesson from every earlier transition in this series: the value comes from the system built around the tool. These ten steps build that system, from the unit of analysis all the way to measurement.

The first step is conceptual, and it sets up everything after it. A software-license rollout asks who gets access, what it costs, and whether people are trained on it. An operating-model change asks a harder set of questions: how the work will change, which decisions are affected, what controls are needed, how roles evolve, and how you will measure performance.

That shift changes who owns it. Framed as a tool rollout, AI lands with IT by default. IT is essential, but AI adoption also pulls in legal risk, data governance, security, training, customer experience, operational design, procurement, and strategy. It is an enterprise question, because it changes how work gets performed, supervised, measured, and improved.

Map tasks, not job titles. Walk each function and inventory the repetitive, language-heavy, analytical, customer-facing, compliance-sensitive, and judgment-heavy tasks. Then sort each one into a bucket: automate, augment, accelerate, monitor, or keep off-limits.

This sidesteps the two crude errors. Everyone should use AI everywhere is too blunt and ignores risk. No one should use AI because it is risky is just as blunt and ignores value. A task map asks sharper questions: what is high-volume and low-risk, what is high-value but jammed up, what touches sensitive data, what needs expert review, and where people are already using AI off the books.

You cannot govern what you cannot see, and shadow adoption is a given once employees can reach public tools without going through procurement. Visibility, not just prohibition, is what helps. If people think owning up gets them punished, the actual risks stay hidden. If they think there is an approved path, the use cases come out into the open.

A useful inventory records the use case, the user group, the model or vendor, the data involved, the business process, the risk level, the human-review point, the output type, integration status, and an accountable owner. Keep it light enough that people actually use it: a twenty-page form for every experiment just pushes usage back underground. Tier the documentation by risk instead.

The best early use cases are rarely the flashy ones. They are high-frequency, language-heavy, low-to-moderate-risk workflows with clear review built in: drafting customer responses, summarizing meetings, first-draft proposals, test generation, contract review for standard clauses, ticket classification, sales-call briefs, document extraction, and structured research support.

The evidence backs this kind of targeting. In a study published in the Quarterly Journal of Economics, access to generative AI assistance raised customer-support productivity by 15 percent on average, measured by issues resolved per hour, with the biggest gains landing on less experienced workers. In a controlled experiment, developers using GitHub Copilot finished a coding task 55.8 percent faster than the control group. AI tends to be most valuable where it captures expert patterns and spreads them around, though prioritization still has to weigh legal exposure, data sensitivity, and how reviewable the output is.

The strongest AI workflows are not a contest between human and machine. They are structured collaboration. People set the objective, supply context, judge the outputs, apply judgment, and stay accountable. AI retrieves, drafts, summarizes, classifies, compares, transforms, and suggests. The exact split varies by function, but the principle holds.

Require human review for regulated, financial, legal, safety-critical, customer-impacting, and brand-sensitive outputs, and make the standard explicit: what gets checked, by whom, against which source, with what documentation. Human in the loop means nothing if the human is overloaded, undertrained, or rewarded for approving fast. Build review as a real checkpoint, with sampling, escalation rules, checklists, source links, and audit trails.

Literacy is a lot more than prompting. It means understanding what AI is good at, where it breaks, why hallucinations happen, how sensitive data leaks, why outputs need checking, how bias creeps in, and when human judgment is required, plus knowing the organization's approved tools, prohibited uses, review requirements, and how to report an incident.

It should be role-specific. A customer-service agent, a board member, and a machine-learning engineer each need a different depth, but everyone needs the same baseline: what is allowed, what data is off-limits, how to verify, when to escalate, and who owns the final call. The regulation is pointing the same way; under the EU AI Act, prohibited-practice rules and AI-literacy obligations began applying on February 2, 2025, with governance and general-purpose-model obligations following on August 2, 2025.

Governance should be light enough to leave room for experimentation and strong enough to keep sensitive workflows from being deployed unchecked. The point is not to slow everything down. It is to set the conditions under which adoption can speed up safely. The NIST AI Risk Management Framework gives you a clean structure, organizing the work into four functions, govern, map, measure, and manage, run continuously across the system lifecycle. ISO/IEC 42001:2023 adds a management-system approach built around responsible use, traceability, transparency, reliability, and risk management.

In practice that means an empowered steering committee, approved-use policies, data-handling rules, vendor review, risk tiers, incident reporting, audit trails, model-evaluation procedures, and clear ownership. Risk tiering carries the most weight: a low-risk brainstorming use needs only basic guidelines, while a customer-facing recommendation engine needs testing, bias evaluation, monitoring, security review, and legal sign-off. Proportional governance lets you move fast where the risk is low and slow down where it is high.

AI is only as good as the context it can reach and the quality of what it is allowed to use. Plenty of organizations find that their AI problem is really a knowledge-management problem: scattered policies, incomplete records, stale documentation, murky permissions, inconsistent terminology, and institutional knowledge locked in inboxes and the heads of long-tenured staff.

So preparation includes cleaning up knowledge bases, labeling authoritative sources, improving access, managing permissions, and building retrieval that lets AI work from trusted enterprise context. This is the most underrated part of readiness. A powerful model wired to bad information produces bad output, confidently. Knowledge governance, source authority, ownership, taxonomy, and review cycles all sound mundane, and they sit right at the center of enterprise value.

AI reintroduces familiar risks in unfamiliar forms: confidential data leaking through prompts, employees pasting customer information into public tools, generated code carrying vulnerabilities, vendor models processing data under terms nobody read, generated content raising copyright and attribution questions. Define the approved tools, the prohibited data types, the retention rules, the logging requirements, and the escalation channels, so people are not left guessing.

Security review has to go past vendor reputation into data retention, training terms, access controls, encryption, auditability, integration architecture, prompt logging, and incident response. Find out whether a vendor trains on your prompts, whether your data can be deleted, and where it gets processed. Intellectual-property risk deserves explicit rules for marketing, product, software, and client deliverables, including when AI use has to be disclosed or avoided. Procurement, legal, and security should work in parallel rather than in sequence, because AI risk runs through all three at once.

Work changes before titles do. Most employees will not be replaced by AI, but they may be replaced by coworkers who use AI inside a redesigned process. Expect new or expanded roles: AI workflow owner, model-risk lead, prompt and workflow designer, knowledge-base curator, AI auditor, human-in-the-loop reviewer. Tie incentives to outcomes rather than visible effort or raw speed, and protect the apprenticeship tasks where juniors build judgment by having them critique and verify AI output instead of just passing it along.

Finally, measure outcomes, not activity. Usage is the easiest metric to collect and one of the least meaningful; thousands of prompts can add up to very little. Set the baseline before the pilot, state a hypothesis, then track cycle time, error rates, quality, customer satisfaction, rework, and risk reduction together. AI can lift throughput while quietly lowering accuracy, so time saved never stands on its own. Pick a workflow, baseline it, introduce AI, measure quality and time, add controls, compare, then decide whether to scale. Run it like an operating-improvement program, not a novelty demo.