
What a Paid AI Audit Actually Looks Like

Many consultancies offer "AI readiness assessments" that amount to a deck of generic recommendations and a bill. You get a maturity model, a heatmap, and a recommendation to "invest in data quality." None of this tells you whether your actual systems can support an AI deployment.

A proper audit is different. It traces data lineage end to end, stress-tests integration points, and quantifies what the system actually costs to run per decision. Here is the methodology I use and why it surfaces problems that never appear in quarterly reviews.

Phase 1: Data Lineage Tracing

Before any model runs, you need to know where the data comes from and where it goes. Not at a high level. At the level of: this field in this database is populated by this cron job that pulls from this API that was last updated on this date. Most organisations cannot answer this. They know the data exists. They do not know how it got there or whether it is still accurate.

The audit traces every data source that would feed the AI. If a field has not been updated in six months, that goes in the report. If two systems disagree on the same customer record, that goes in the report. If the API that feeds pricing data has a 4-hour lag, that goes in the report — because a pricing AI running on 4-hour-old data is not a pricing AI, it is a guessing machine.

Phase 2: Integration Point Stress Testing

AI systems do not run in isolation. They call APIs, query databases, write to CRMs. Every one of those integration points is a potential failure surface. The audit tests each one under load: what happens when the CRM API rate-limits? What happens when the database connection pool is exhausted? What happens when the third-party verification service returns a 503?

Most teams have not thought about these failure modes because they have not had to. The AI system will force them to. The audit surfaces these before the system goes live, not after it starts dropping bookings.

Phase 3: Cost-per-Decision Modelling

AI pricing is usually discussed in terms of tokens or API calls. That is the wrong unit. The right unit is cost per business decision. How much does it cost to route a patient inquiry? To verify an insurance policy? To generate and audit a single review response?

The audit models this: given your expected volume, your integration architecture, and your model choice, what does each decision actually cost to run? The answer is usually different from what the API pricing page suggests — because the API pricing page does not account for retries, fallbacks, verification overhead, or the human review gates that every responsible deployment includes.
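A minimal version of that model, as an added example rather than the author's own tooling. The field names and sample figures are constructed, and it assumes failed attempts are still billed and that the fallback path runs once when every primary attempt fails:

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class DecisionProfile:
    """Per-decision cost inputs. All field names are hypothetical."""
    primary_cost: float       # price of one primary-model attempt
    failure_rate: float       # chance one attempt fails (503, rate limit, timeout)
    max_attempts: int         # attempts made before giving up on the primary
    fallback_cost: float      # price of the fallback path, used when all attempts fail
    verification_cost: float  # verification step run on every decision
    review_rate: float        # fraction of decisions sent to a human review gate
    review_cost: float        # cost of one human review

def cost_breakdown(p: DecisionProfile) -> dict:
    """Expected cost of one business decision, split by component."""
    for rate in (p.failure_rate, p.review_rate):
        if not 0 <= rate <= 1:
            raise ValueError("rates must be probabilities between 0 and 1")
    if p.max_attempts < 1:
        raise ValueError("max_attempts must be at least 1")
    # Attempt k+1 only happens if the first k all failed: 1 + f + f^2 + ...
    attempts = sum(p.failure_rate ** k for k in range(p.max_attempts))
    parts = {
        "primary_with_retries": attempts * p.primary_cost,
        "fallback": p.failure_rate ** p.max_attempts * p.fallback_cost,
        "verification": p.verification_cost,
        "human_review": p.review_rate * p.review_cost,
    }
    parts["total"] = sum(parts.values())
    return parts

def monthly_cost(p: DecisionProfile, decisions_per_month: int) -> float:
    """Expected monthly spend at the given decision volume."""
    return cost_breakdown(p)["total"] * decisions_per_month

# Constructed sample figures, not taken from any real price list.
SAMPLE = DecisionProfile(0.02, 0.10, 3, 0.05, 0.005, 0.05, 1.50)

if __name__ == "__main__":
    parts = cost_breakdown(SAMPLE)
    for name, value in parts.items():
        print(f"{name:22s} {value:.5f}")
    print(f"multiple of list price {parts['total'] / SAMPLE.primary_cost:.2f}x")
    print(f"10,000 decisions/month {monthly_cost(SAMPLE, 10_000):.2f}")
```

With these sample inputs the human review gate, not the model call, is the largest line item.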

Phase 4: The Gap Report

The final deliverable is not a maturity score. It is a prioritised list of what needs to be fixed before AI can be deployed safely, ranked by impact and difficulty. Some gaps are trivial (add an index to a database table). Some are existential (the CRM does not expose a programmatic API and the vendor has no timeline for adding one).

The gap report is the most valuable artefact the audit produces — because it tells you not whether you are "ready for AI" in some abstract sense, but exactly what stands between you and a live deployment, and what it will cost to close each gap.

Why This Matters Before You Spend Anything

The most expensive mistake in AI deployment is not picking the wrong model. It is discovering, six weeks into a build, that a critical integration point does not exist, or that the data you need is trapped in a system that cannot expose it. By then you have spent time and money and you have nothing that works.

A proper audit costs money. But it costs less than discovering the same problems halfway through a deployment — and a lot less than launching a system that fails because nobody checked whether the data was actually current.


John Bianchina builds AI implementation systems for hospitality, healthcare, and professional services. His current stack includes Hermes (concierge orchestration), Paperclip (multi-agent management), and Agent Zero (autonomous research). He operates from South Africa and serves clients internationally.