Trusted AI advisory
Institutional AI deployments succeed or fail at the boundary between the model and the mandate. We write that boundary in the language a regulator, a board and a court will accept — accountability, lineage, failure mode, sovereign dependency — before a system enters production.
Digital sovereignty assessment
Sovereignty is a posture, not a vendor list. We stress-test the three tests that matter: substitution, jurisdiction, continuity. The deliverable is a written institutional position on which Monday morning the operator continues to function, and what would move that Monday by a year. See the essay for the underlying method, and the residency vs sovereignty distinction.
EU AI Act readiness for critical infrastructure
Article 6 high-risk classification is not a label; it is the gate to a stack of Articles 9–15 obligations. We treat the AI Act as the integration spine that carries NIS2 supply-chain obligations and DORA incident timelines under a single institutional clock. Detail: The EU AI Act and the operators of critical infrastructure.
Resilience architecture
Every engagement is scored against the UberConsul Resilience Audit — six dimensions rated against the institution's own mandate, not a generic maturity ladder. The output is a one-page institutional position, defensible in front of a regulator, a board, and — increasingly — a court.
How engagements are taken
By appointment. Signed and delivered by the principal personally. There are no associates, no white-labelled partners and no undisclosed advisory relationships with vendors whose products the practice may assess. Affiliations are disclosed on the engagement letter. To open a conversation, see Contact.