Insights

The thinking behind shipping AI into regulated systems.

I write the deep dives here first — canonical, unhurried, ungated. Then I share them, and the best of what I'm reading, on LinkedIn, dev.to and X.

Start here

Deep dive8 min read

The AI Audit Trail That Survives an Inspection: capture, seal, replay

You can't audit a model that retrains — you audit the trail. What to capture, how to seal it tamper-evident, and how to replay one decision when the auditor asks.

By André Queiroz · dezotech

Read the playbook →Book a call

More deep dives

One new deep dive in the pipeline each month.

Deep dive

Shadow AI Is Already in Your Org: a 90-day containment plan

What to find, what to fence off, and what to formalize — before unsanctioned AI shows up as an audit finding.

8 min read

Deep dive

Adopt AI Without Failing Your Next Audit: a 2026 playbook

The exact frameworks, guardrails and shadow-AI assessment I run on real engagements — for the people who'll be in the room when the auditor asks "who approved this?"

9 min read

Join the newsletter

Subscribe and the next deep dive lands in your inbox before it hits LinkedIn.

What I've been reading & writing in public

Not articles — just the threads, posts and notes worth your time, hand-picked from where I work in the open. Links go out to the original.

inLinkedIn

"We'll add governance later" is the most expensive sentence in AI adoption.

My take after another audit post-mortem.

Read on LinkedIn

ddev.to

Strangler-fig, but for compliance: migrating a legacy core with no downtime window.

The reference architecture I keep linking people to.

Read on dev.to

XX.com

A short thread on what the EU AI Act Aug-2 deadline actually changes in production.

The thread that got the most questions.

Read the thread

Ship & Stay Compliant

One practical playbook every other week.

Automation, legacy modernization & safe AI adoption. Free: the AI-Adoption-Without-Audit-Failure checklist.