Ravenkeep AI
Resources

Topics the practice can speak to clearly

Summaries of the working material used inside engagements. The full versions are instantiated against your environment during delivery.

Assessment

Before you commit to a build

Private AI readiness checklist

A structured way to evaluate use-case clarity, data sensitivity, internal ownership, deployment constraints, and governance readiness before funding a pilot.

What it covers

  • A way to tell whether your use case is concrete enough to fund
  • Signals that a named owner exists (and what to do if one does not)
  • Common data-access blockers and how they surface in discovery

Use-case scoping guide

How to choose the first internal AI workflow without creating an oversized pilot. Patterns for narrowing scope so the build produces a useful, measurable outcome.

What it covers

  • Criteria for picking the first workflow over the most ambitious one
  • Acceptance-criteria patterns the business actually agrees to
  • Signs the use case is too broad and needs to be cut down

Deployment

Architecture and infrastructure choices

Deployment model comparison

A framework for comparing on-premises, private cloud, and controlled hosted options against data sensitivity, operational maturity, scale, and support expectations.

What it covers

  • When on-prem is the right call and when it is over-engineering
  • How private cloud and controlled hosted patterns differ in practice
  • A way to score deployment options against your real constraints

Model selection notes

Practical orientation on choosing between open-weight, private-endpoint, and hybrid model deployments — including the operational implications most evaluations skip.

What it covers

  • Where model choice matters and where it does not
  • The hidden ops cost of self-hosting vs private endpoint
  • When fine-tuning is the right call and when retrieval is enough

Governance

Controls, policies, and review

Governance starter outline

Suggested topics for access, logging, retention, change control, acceptable use, and incident handling — written so an internal security team can review it.

What it covers

  • A starting outline for an internal AI use policy
  • The minimum logging and retention design that holds up to review
  • Change-control patterns that scale beyond a single pilot

Threat model template

A working starting point for documenting AI-specific risks — prompt injection, retrieval leakage, model drift, egress exposure, privileged misuse — and the mitigations the design has to answer for.

What it covers

  • Named risks an AI threat model should always cover
  • Mitigation patterns that map to common control frameworks
  • How to verify mitigations actually hold during pilot evaluation

Operations

After launch

Operating runbook outline

A starting structure for routine operation, escalation, model updates, prompt changes, and rollback — the document an internal owner should be able to follow without ongoing dependency.

What it covers

  • Sections every AI runbook should contain
  • Escalation paths that match how your team actually pages
  • A rollback approach the security team will sign off on

Common failure modes after launch

The recurring patterns that quietly degrade a private AI environment after go-live — and the operating practices that prevent each one.

What it covers

  • Why behavior drift goes unnoticed without an evaluation cadence
  • How retrieval quality decays and how to monitor it
  • When to expand scope and when to hold the line

Want the working version against your environment?

Instantiating these against a specific deployment is the part that produces a defensible deliverable. That is what engagements buy.

Book discoveryRead the long-form articles