Applied AI governance

AI use readiness is organizational decision readiness applied to the tools already in use.

Rule 52 turns 52 workplace AI decisions into editable policies, staff rules, review checklists, approval forms, inventories, registers, vendor questions, and rollout records.

By Evan FosterPublished
Rule 52AI use readinessWorkplace AI governance
Core proposition
IVA governs how organizational context becomes legitimate action. Rule 52 governs how AI may participate in that organization.

0 to 52

One point only when the rule is real.

A general policy cannot govern every tool, data type, workflow, external output, vendor, exception, or incident. Rule 52 makes the operating decisions explicit and produces the records staff and leadership need to use them.

  • Decided
  • Documented
  • Owned
  • Supported by an artifact

Eight operating domains

The complete readiness field.

Governance + scope

Approved tools, ownership, access, work purpose, experiments, and refresh cadence.

Data, privacy + access

Prohibited and conditional data, minimization, accounts, retention, permissions, and contracts.

Use-case approval

Low-risk uses, approval triggers, prohibited uses, people-affecting decisions, and formal submissions.

Human review + quality

Review triggers, reviewer qualification, facts, sources, bias, accessibility, safety, and responsibility.

Disclosure + IP

Internal and external disclosure, authorship, copyright inputs, output review, and public approval.

Vendors + third parties

Vendor terms, data use, security review, contractor rules, validation, and change review.

Security + incidents

Prompt injection, agent permissions, output handling, logging, incidents, and impersonation.

Training + enforcement

Role-sensitive literacy, acknowledgment, exceptions, remediation, consequences, and refresh.

Relationship to the thesis

Everything is context does not mean every tool receives unrestricted access.

IVA argues against discarding organizational information merely because its value is not immediately visible. Rule 52 governs which AI tools, accounts, roles, data classes, workflows, and outputs may access or use that context. Preservation, access, inference, disclosure, and action are separate governance decisions.

Commercial product

Make the decisions and generate the operating pack.