Where we're starting
Get ahead of the disclosure event
The real risk isn't only a leak — it's the moment Wasatch has to answer for one. Your clients have signed anti-AI clauses. If something surfaces later (a client question, a subpoena, an insurance claim), you'll have to disclose exactly which AI tools were used and what data was touched. Right now, those answers don't exist.
- Unsanctioned tools are already in the building. Roughly ten employees on personal AI accounts — outside your visibility, against your clients' signed terms.
- No enforceable policy. Without one, you have no defensible position when a client or insurer asks what protections were in force.
- Announcing first destroys the evidence. The moment employees hear "audit," they may try to clear the logs and traces we need to answer for any future disclosure.
What's in the audit
The deliverables
- Tool & account inventory. Every AI tool in use, corporate and personal, scored against your client confidentiality requirements.
- Endpoint & file-system review. Desktop AI installs and what documents have been touched or uploaded.
- Written findings report + policy requirements doc. A prioritized action plan plus what your attorney needs to draft the formal policy. We coordinate the handoff.
- Company-wide rollout session. Findings and new policy presented together — answering employee questions with answers, not speculation.
How we work
Operating principle
The audit runs quietly, coordinated with you and Audra only — not announced internally, not shared with the broader team until findings are ready. That's how we preserve the logs and traces we need. The rollout lands at the close: your team hears "here's what we found, here's the new policy" in one coordinated moment.
Investment
3 weeks · 50% on signing, 50% on delivery
$12,500