The questions to ask before adopting any AI tool
Every time your team considers using an AI tool — whether it's Microsoft Copilot built into Office, a new vendor tool, or a custom-built system — there are five questions worth asking:
**1. What data does it access?** Does it need access to your emails, customer data, internal documents? What are the minimum permissions needed for it to do its job?
**2. What does it do with that data?** Is data used to train future models? Where is it stored? Who can access it? What happens when you stop using the product?
**3. What happens when it gets something wrong?** This is the most important question that most teams skip. What does a failure look like? How would you know? What's the process to catch and fix it?
**4. Who is accountable for its outputs?** If the AI gives incorrect advice that someone acts on, whose responsibility is it? Your organisation's? The vendor's? This needs to be clear before deployment, not after an incident.
**5. What does good oversight look like?** For this task, at this risk level, what does appropriate human review actually mean? Not 'someone looked at it' — meaningful review.
Reading vendor safety claims — what to actually check
AI vendors make a lot of claims. 'Enterprise-grade security.' 'SOC 2 certified.' 'GDPR compliant.' 'Responsible AI.' Here's how to evaluate them:
**'SOC 2 certified'** — This means they've had an audit of their security controls. It's a good baseline. It doesn't mean their AI outputs are reliable or that your data is never used for training.
**'GDPR compliant'** — Means they have a compliance programme. Doesn't mean using their product makes *you* compliant. You still have your own obligations around data processing, consent, and retention.
**'Responsible AI'** — Almost meaningless as a standalone claim. Ask: what specifically does this mean? What guardrails are in place? What independent testing has been done? What can't the system do?
**'Our AI doesn't hallucinate'** — This is false. Every LLM-based system can produce incorrect confident output. A vendor claiming otherwise either doesn't understand their product or is being misleading. The right question is: what mechanisms detect and mitigate it?
Data governance in practice
When you introduce an AI tool to your team, you're making decisions about data governance whether you mean to or not. A practical framework:
Tier 1 — Public information: Can be used with any tool without restriction. Press releases, public documents, general knowledge.
Tier 2 — Internal but non-sensitive: Internal documents, project notes, general business communications. Should require basic vendor vetting (data processing agreement, clear data retention terms).
Tier 3 — Sensitive: Customer PII, financial data, legally privileged communications, HR data. Should require explicit approval, data processing agreement reviewed by legal, and clear retention and deletion terms.
Tier 4 — Regulated: Data subject to specific regulatory requirements (HIPAA, financial regulatory requirements, etc.). Requires specialist legal review before any AI tool touches it.
A surprisingly common failure mode: a team member feeds Tier 3 data into a free AI tool without realising they're potentially training future models with it.
Human oversight that actually works
'A human reviews all AI outputs' sounds like good oversight. It often isn't.
Real human oversight requires three things: **time**, **context**, and **authority to act**.
*Time:* If a human is reviewing 200 AI outputs per hour, they're not reviewing — they're rubber-stamping. Genuine review takes time proportional to the stakes.
*Context:* The reviewer needs to understand what the AI was asked to do, what it produced, and what the right answer looks like. A reviewer without this context cannot meaningfully evaluate.
*Authority:* The reviewer needs to be able to stop, change, or override the AI's output without friction. If the process makes it easier to approve than to push back, the oversight is broken.
The warning sign to watch for: the AI is doing so many tasks so fast that humans *can't* meaningfully review. At that point, the 'oversight' has become a formality, not a safeguard.
The organisations that deploy AI well aren't the ones with the most advanced tools. They're the ones with clear policies about what the tools can access, who reviews outputs, and what happens when something goes wrong.