HomeAboutServicesBlogPodcastContact Client Login Work With Us
Selected Work

Every build turns a domain's data into decisions.

A decade of data engineering and compliance reporting inside one of the four largest U.S. banks — now applied across finance, security and compliance, AI governance, and operations. The through-line is the firm itself: illuminating data, empowering decisions. Every project below is built and operated rather than theorized.

10+
Years Fortune 500
Enterprise Data
10
Delivered
Projects
12+
Published Articles
On AI Governance

One discipline, applied across every engagement.

Most AI consultants advise on slides. This work is the opposite: a running governance control plane, production financial and compliance dashboards, and live agents — each built and operated. The common thread is configuration-management discipline carried over from regulated enterprise environments and turned into systems a team can actually run and decide from.

Filter by Claude capability

Financial & Business

Admin Dashboard & CRM — overview
Live Built & operated in-house

Admin Dashboard & CRM

A production platform that merges Stripe and QuickBooks into a single financial-reporting surface, with the client pipeline and financial KPIs in one view.

Outcome. Replaces manual spreadsheet reconciliation with one governed view of revenue, pipeline, and cash — the numbers a decision actually runs on.

Node.jsExpressSQLiteStripeQuickBooks
View case study →

Security & Compliance

Security Baseline Dashboard — overview
Live Built & operated in-house

Security Baseline Dashboard

Compliance analytics over CIS benchmarks: coverage across products, rule search, and drift and gap tracking against a library of 11,000+ security rules.

Outcome. Turns a sprawling benchmark library into a coverage-and-gap view a team can act on, instead of a PDF no one reads.

CIS BenchmarksSQLiteNode.js
View case study →
PRISMA — AI Compliance Analyst — overview
Live Built & operated in-house

PRISMA — AI Compliance Analyst

Prism Risk Intelligence & Security Management Advisor: an AI analyst layered on the baseline data that answers compliance questions and cites the underlying CIS rule IDs so answers can be verified.

Outcome. Makes the benchmark library conversational and auditable — every answer is traceable to a cited rule, not an unsourced guess.

Claude APIRetrieval over CIS rulesNode.js
View case study →

AI Governance

CM-AI Governance Platform — overview
Live Built & operated in-house

CM-AI Governance Platform

KRI/KPI analytics for AI agents: inventories every governable surface (agents, skills, hooks, integrations, scheduled tasks), diffs the live environment against an approved baseline, and renders drift reports and audit-ready attestations.

Outcome. Answers the question observability cannot — was this agent ever authorized to do what it did — with evidence an auditor accepts.

Node.jsConfiguration ManagementKRI/KPI framework
View case study →
Chloe — Strategic Chief-of-Staff Agent — overview
Live Built & operated in-house

Chloe — Strategic Chief-of-Staff Agent

A memory-backed strategic agent that runs across four operating modes, governed under an approved CM-AI baseline (defined model, tool inventory, and KRI thresholds) — the governance framework applied to a real production agent.

Outcome. Demonstrates the platform on its own dog food: a live agent operating inside the same baseline-and-drift controls the firm builds for clients.

ClaudeCM-AI baselinePersistent memory
View case study →

Operations

Operations Control Plane — overview
Live Built & operated in-house

Operations Control Plane

A daily orchestration routine plus a mission-control inbox and decision tracking that surfaces what needs a human call and routes the rest.

Outcome. Turns scattered operational signals into a single daily view of what is in flight and what is waiting on a decision.

Node.jsScheduled automationHuman-in-the-loop gates
View case study →
Research-to-Content Automation — overview
Ongoing Built & operated in-house

Research-to-Content Automation

A pipeline that takes source research and produces a published article, audio, and infographic in under a day.

Outcome. Collapses research-to-publish from days to under a day, keeping a steady cadence of published work.

NotebookLMClaudeStatic site pipeline
View case study →
Client Onboarding & Readiness Engine — overview
Live Built & operated in-house

Client Onboarding & Readiness Engine

An end-to-end onboarding pipeline: a new request auto-provisions a client workspace and a warm, human-first welcome; a six-dimension AI Readiness Assessment scopes the work; and any payment opens a gated client portal — with a person leading every client touchpoint.

Outcome. Turns a scattered, manual intake into one governed lifecycle — evaluate, adopt, deliver — where automation handles the scaffolding and a person is never replaced at the client's door.

Node.jsExpressSQLiteResendHuman-in-the-loop gates
View case study →
Research Provenance Ledger — overview
Live Built & operated in-house

Research Provenance Ledger

An internal ledger that records every external source pulled during research — its date, the claim it supports, where it's cited, and a verbatim quote — with a trend view of where the firm's research attention is concentrating over time.

Outcome. Makes every stat in a brief or blog replayable to its source, and turns scattered reading into a signal of where attention is moving — provenance and trend in one governed view.

Node.jsExpressSQLiteChart.js
View case study →

Published Research

CM-AI Published Research — overview
Ongoing Built & operated in-house

CM-AI Published Research

A growing body of published articles establishing configuration management for AI agents (CM-AI) in the open.

Outcome. Establishes the framework publicly — proof the thinking is in the open, not a private pitch deck.

Long-form writingOriginal framework
View case study →

Vendor-neutral and integration-oriented — extending the tools you already run, against the frameworks your auditors already use.

CIS Benchmarks DISA STIGs NIST 800-53 NIST AI RMF CMMC 2.0 FedRAMP HIPAA PCI-DSS SOC 2 ISO 27001 ISO/IEC 42001 EU AI Act

Have a scope in mind?

The clearest way to start is a defined, time-boxed engagement — a governance assessment, an analytics modernization sprint, or a compliance build. Tell me where you are and I will scope from there.

Explore Services → Start a Conversation