Legible for decision-makers.
Translating what an AI system does, what risks it runs and how it is controlled, for someone who is not technical.
Writings
Reference articles for decision-makers, without jargon or smoke. Authority is earned here: by demonstrating, not proclaiming.
§ 01 · The three lines
Translating what an AI system does, what risks it runs and how it is controlled, for someone who is not technical.
What it means for a business to be documented so that artificial intelligence can read and operate it.
EU AI Act, AESIA, ISO 42001 and data protection, explained for non-lawyers.
§ 02 · Index
Is your AI “high-risk”? How to tell without being a lawyer.
A five-question tour to place your system within the EU AI Act classification — and to defend your answer in writing before using it.
AI governance for decision-makers, without being technical.
The noise about regulation hides a simpler question: do you, who sign, know what the AI does in your company and how it holds up? Without that answer, the standards are a dead letter.
The reason is rarely the model, but the ground that was missing: scattered data, undocumented access and no traceability. What separates a demo from a system that operates.
Fines under the AI Act: how much, on whom and from when.
Up to 35 million euros or 7% of worldwide turnover. The three bands of the penalty regime, whom they reach and from what date — without the jargon.
No data governance, no AI: why projects stay a demo.
An AI is only as good as the data it can read. Why the order of your data, not the model, decides whether a project ever operates the business.
How to comply with the AI Act, step by step (without becoming an expert).
Compliance is not a last-minute act, nor only a matter for lawyers, but a sequence of steps in order. What they are, and where to begin without becoming an expert in the regulation.
AESIA: what it is and what it asks of your company.
Europe passed the AI Act, but who supervises it in Spain? There is an agency with a name and a seat: what it looks at, with what tools and from when.
Your board cannot see what your AI does: how to change that.
A protocol so that leadership can see what its AI does, what risks it runs and how it is kept under control — without depending on the technical director to translate it each time.
From using AI to directing it: control as a management capability.
The reason to govern an artificial intelligence is not the auditor: it is that the machine does what you want. Directing it — shaping it, understanding it, correcting it — is a management capability.
A Monday morning with AI running the department.
The difference between having artificial intelligence and operating with it is not visible in a demonstration. It shows in the routine: in what the system did over the weekend and in what the manager finds on arrival.
The rules your AI obeys: where they live and how they are enforced.
The difference between an intention and a rule is that a rule has a place, a mechanism and a test. How a limit is built that the machine observes every time.
How to know your AI is not making things up: source verification.
An AI answers with the same confidence whether it knows or not. The answer is not trusting more: it is the circuit that demands the source before publishing — shown in a real, open system.
What your AI is forbidden to say: compliance that runs with the system.
A filed policy describes; an embedded control prevents. The difference shows on the day of the error — and the European regulation, read closely, asks for the latter.
§ 03 · No newsletter
There is no email capture or pop-up newsletter. If something you read here fits a concrete problem in your company, open a conversation.
Authority demonstrated. Conversation when it serves you.