What an AI Opportunity Audit Should Include

An AI Opportunity Audit is not a technology review. It is a business workflow assessment with AI as the lens.

A good audit should leave you knowing: which workflows are worth improving with AI, which are not, what risks need to be controlled before building anything, and what practical first step makes commercial sense.

What should the audit review?

A workflow audit should start with the repeating administrative tasks in the business — the things that happen daily or weekly, consume staff time, and produce a predictable output.

Common candidates include: enquiry handling and follow-up, proposal and quote preparation, document processing, meeting summaries, internal knowledge retrieval, and FAQ responses.

The audit should identify the inputs, the outputs, the people involved, the current time cost, and the current error or inconsistency rate.

What should the audit score?

Each identified opportunity should be scored across four dimensions: business value, implementation effort, data readiness, and risk level.

Business value is the measurable cost of the current problem — in hours, in lost revenue, or in staff frustration. If the value is not measurable, the opportunity is speculative.

Implementation effort is how much work is required to build a reliable workflow — including the quality of source material, the number of systems involved, and the complexity of the decision logic.

Data readiness is whether the business has the documents, content, and structured inputs needed for the AI to do useful work. A knowledge assistant built on a disorganised shared drive will produce poor results.

Risk level covers data sensitivity, professional liability, and the consequences of an error. A quote draft has lower risk than a legal advice summary. A product FAQ has lower risk than a medical information response.

What should the recommendations include?

A good audit recommendation is direct. It should say: here is the workflow worth starting with, here is why, here is the tool or approach, and here is what to build first.

It should also say: here is what to avoid, here is where the data is not ready, and here is where you need specialist advice before proceeding.

A recommendation that says “AI could help with everything” is not useful. A recommendation that prioritises one workflow with a clear business case is.

What is out of scope?

An AI Opportunity Audit should be clear about what it does not cover. It is not a legal privacy assessment. It is not a cyber-security review. It is not a custom model specification. Where those are needed, it should say so and recommend the appropriate specialist.

The next step

The audit conclusion should tell you clearly: the case for proceeding, the recommended scope for a prototype or implementation, and what would change the recommendation.

If the business case is not there, the audit should say so. That is a useful finding, not a failure.