What did your board ask you to do this quarter?
Each lane is the long version of a real conversation with a CTO or CAIO this year — the framework for the strategy ask, the role-scope for the hire, the audit playbook for governance, the discipline shift for engineering, and the tooling shortlist for capabilities. Pick the brief that matches your Q.
Write us an AI strategy.
Frameworks, roadmap, maturity. What goes in the document, what goes in the appendix, what gets cut — and what survives a Q3 board review.
02 · LEADERSHIPHire a CAIO.
Role scope, comp benchmarks, the 90-day plan. Seven questions for every shortlisted candidate, and the reporting lines that hold.
03 · GOVERNANCEAudit our AI governance.
EU AI Act, NIST AI RMF, tooling. The clause template two SaaS renewals failed without, and the CISO-versus-DPO boundary resolved.
04 · ENGINEERINGModernise software engineering.
Code review, testing, platform, maintenance. What changes about how engineering runs once half the code is AI-generated.
05 · CAPABILITIESPick AI capabilities & tooling.
AI-SRE, agents, orchestration, observability. The procurement frame no vendor will draw for you, and the tools that earn their licence.
— · BROWSENone of these match?
Open the full library of 68 briefs across 7 hubs. The most-asked board questions drive the lanes; the rest live one click in.
Latest research
All hubs →AI Agent Security: The Runtime Tooling View of Prompt Injection, Data Exfil, and Output Trust
The operational read on AI agent security tooling in 2026 — the four threat categories that matter, the four procurement archetypes (runtime guardrails proxy, runtime monitoring, MLSecOps platform, OWASP-LLM assessment), where each named vendor sits in the pipeline, and the structural failure mode of treating these tools as a checkbox.
EssayAI Brand Visibility Tools in 2026: The Honest Procurement Read
A practitioner's evaluation of the LLM brand-visibility tooling market — Profound, Otterly.AI, Peec AI, Goodie AI, AthenaHQ, Scrunch AI, Evertune, Daydream, Rankscale, Writesonic GEO, HubSpot AI Search Grader, Semrush AI Toolkit, Ahrefs Brand Radar, Surfer AI, Airops, Bluefish. Four archetypes, a four-criterion scoring rubric, and the consolidation prediction nobody in this market wants to hear.
EssayAI Data Readiness: The Data Layer That Pre-Dates Your Strategy Approval
The four data-readiness checks no AI strategy survives without — inventory, classification, lineage, access controls — extended with the AI-specific surfaces classical data governance does not cover (training-data licensing, embedding-store provenance, prompt-context auditability), and the named-vendor read on Alation, Atlan, Collibra, Informatica, Databricks Unity Catalog, Snowflake Cortex, Select Star, Secoda, and Cloudera against an honest practitioner rubric.
EssayAI Orchestration Frameworks in 2026: The Practitioner's Comparison
Framework-by-framework evaluation of the agentic AI orchestration landscape — LangChain, LangGraph, CrewAI, AutoGen, LlamaIndex, Haystack, Semantic Kernel, DSPy, Model Context Protocol, plus the model-vendor-native surfaces. Four criteria, named verdicts, and the honest answer to the question every engineering team asks: do I need a framework at all?
The hubs
- C1 →
Frameworks
Six widely-cited AI strategy frameworks scored against eight criteria — McKinsey, Microsoft CAF, Gartner, Databricks, IBM watsonx, and the operator-built four-question diagnostic. Honest about what each gets wrong.
- C2 →
Roadmap
Once an AI strategy exists, the question becomes the order in which to do the work. The roadmap cluster covers the discretionary-to-operating-budget transition, the six- and eighteen-month horizons, mid-programme pivots, and the difference between an AI transformation and an AI strategy with a louder cover sheet.
- C3 →
Maturity
Six AI maturity models — Gartner, Microsoft CAF, MITRE, CNA, Deloitte, and an operator-built version — plotted against one set of axes. Target maturity stage is conditional on strategic posture, not absolute.
- C4 →
Governance
What enterprise AI governance actually requires in 2026 — the EU AI Act August deadline, the NIST/ISO alphabet soup, the 35-tool platform market, and the CAIO/CISO/DPO boundary that breaks most programmes. Written by someone who has run the programmes, not audited them.
- C5 →
Roles
Should you hire a Chief AI Officer? Where does the role sit, what does the first 90 days look like, and where is the CAIO ↔ CTO ↔ CIO boundary. Written for executives deciding the org-chart question, not selling the search.
- C6 →
Capabilities
The serious AI coding tools market has compressed to four enterprise contenders, two emerging agents, and a handful of IDE plays. The strategic question is not which is best — it is who decides, what is actually being procured, and what the licence-versus-API split does to the budget twelve months in. Written for the VPE, the CIO, and the platform lead who will own the consequences.
- C7 →
Software Eng
What AI is doing to software engineering as a discipline, not a procurement line: the code review, testing, maintenance, and platform shifts a VP owns.
Editor & principal author
Tom Prommer
The AI Strategy Guide is edited by Tom Prommer — twenty years as CIO and CTO, with AI programs run and audited across European media and technology groups. Briefs are operator-written and editorially reviewed before they publish, so the opinion is foregrounded and the trade-offs are named, not buried.