Enterprise Consulting
AI Procurement & OSINT Consulting
I evaluate the vendors so you don't get burned. OSINT-based due diligence, structured RFPs, and governance frameworks that surface risks before contracts are signed. Years of building the tools myself means I know exactly what to demand from vendors.
Services
What I deliver
OSINT Vendor Due Diligence
Deep open-source intelligence investigations into AI vendors. I uncover what sales decks hide: funding instability, technical debt, data handling practices, regulatory gaps, and reputational risks - before you sign anything.
RFP/RFI Development
Structured procurement documents that ask the right questions. I write RFPs that force vendors to prove their claims with evidence - not marketing language. Templates designed for AI-specific evaluation criteria.
Evaluation Scorecards & Matrices
Objective, weighted comparison frameworks that remove gut-feeling from vendor selection. Every criterion is traceable, every score is justified. Decision logs that hold up to audit.
Risk Assessment (GDPR, GxP)
Systematic evaluation of vendor-lock-in risks, data protection compliance, and regulatory exposure. I map the real risks to your specific environment - pharma, healthcare, or regulated enterprise.
Decision Logs & Traceability
Every procurement decision documented with rationale, evidence, and audit trail. In regulated industries, you need to show why you chose a vendor - not just that you did. I build that paper trail from day one.
Executive Materials & C-Suite Communication
Translating technical findings into clear, actionable recommendations for leadership. I prepare board-ready presentations, executive summaries, and decision briefs that executives actually read and act on.
Track Record
Results, not just deliverables
AI vendors evaluated through OSINT-based due diligence
High-risk vendors flagged and rejected before contract stage
Years of experience building the tools vendors claim to sell
Procurement decisions documented with full audit trail
Process
How I work
Every engagement follows a structured approach - adapted to scale, never skipped.
Scope
I map your requirements, constraints, and regulatory landscape. What problem are you actually solving? What does your existing stack look like? Where are the real risks?
Investigate
OSINT-based research into shortlisted vendors. Funding, leadership, technical claims, customer reviews, regulatory history, data handling practices - everything that matters, nothing that doesn't.
Evaluate
Structured scorecards with weighted criteria. Side-by-side comparison, risk matrices, and decision logs. Every score backed by evidence, not opinion.
Recommend
Executive-ready materials with clear recommendations, risk summaries, and implementation guidance. I present to your leadership and answer the hard questions they'll ask.
Risk Areas
What I look for
Vendor Lock-in
Proprietary data formats, API dependencies, contractual traps, and migration costs. I identify the exit barriers before you walk in.
Data Protection & GDPR
Where does your data go? Who processes it? Under which jurisdiction? I audit data flows, sub-processors, and privacy policies for real compliance - not checkbox compliance.
GxP & Regulatory Fit
AI tools in regulated environments need validation, audit trails, and change control. I assess whether vendors actually understand your regulatory obligations or just claim to.
Technical Claims vs. Reality
AI vendors love impressive numbers. I verify performance claims, benchmark methodologies, and technical architecture against what's actually achievable and proven.
Don't sign until you know what you're buying
Whether you're evaluating a single AI vendor or building a full procurement framework, I'll give you an honest assessment of what's real - and what's marketing.