From Sales Transformation to AI Governance: Why the Path Was Shorter Than I Expected

If you have followed my work for any length of time, you know me as a sales consultant and fractional CRO, the person who maps commercial functions, finds where capacity is being left on the table, and helps businesses build the structure to release it. That is still what I do, but I have added something to it and I want to explain why.

I now work with businesses on AI governance, specifically ISO/IEC 42001, the international standard for AI management systems. Before you assume this is one of those "consultant discovers new revenue stream" stories, let me walk you through how I got here, because the path was shorter than it looks from the outside.

AI arrived in the middle of the work

The shift did not start with a decision to learn about AI governance. It started with an observation.

Over the past two years, AI has quietly embedded itself in almost every commercial function I work with. Sales teams use AI-assisted CRM tools and automated outreach, marketing teams generate content and analyse campaign performance with AI, finance teams use AI-powered forecasting, and operations teams automate processes that used to require manual intervention.

None of this happened as a single announced change. It arrived gradually, tool by tool and team by team. An individual contributor found something that saved them two hours a week, a manager approved a new platform that promised better pipeline visibility, and a founder started using a generative AI tool to draft proposals and never went back.

The result, in most businesses I work with, is that AI is now woven into how the business operates, and in most of those businesses nobody has a complete picture of what is being used, by whom, what data it touches, or what happens when something goes wrong.

The CRM parallel

We've seen this pattern before, haven't we?

Fifteen years ago, the technology arriving in sales functions was CRM. Businesses bought it, configured it, trained their teams on the basics, and hoped it would transform their commercial performance. Some got enormous value from it, many did not, and the difference was rarely the technology itself. It was whether the business wrapped structure around it: clear processes, defined ownership, data governance, and a feedback loop between what the system showed and what the business actually did with that information.

AI is following the same adoption curve, but the stakes are different. CRM stores data, whereas AI makes decisions, generates content, and acts on behalf of the business. When CRM is poorly governed, you get a messy database and unreliable forecasts. When AI is poorly governed, you get a system making decisions that nobody fully understands, using data that nobody fully controls, in ways that nobody has formally approved.

That is not a theoretical concern. I see it in real businesses, operating in good faith, run by capable people who simply have not had reason to think about AI governance yet.

What governance looks like when it works

My career before consulting was in commercial leadership roles in regulated environments: financial services, manufacturing, sectors where governance is not optional and where the consequences of getting it wrong are tangible and immediate.

I saw what good governance enables. In regulated environments, strong governance does not slow the business down, it gives people confidence to move faster because the boundaries are clear, the risks are understood, and the decision-making framework is explicit. Sales teams in well-governed businesses do not spend time second-guessing what they can and cannot do, because someone has done the work to make it visible.

I also saw what happens when reality tests governance to breaking point. Even in organisations where diligence and safety are genuinely part of the culture, things go wrong. Products get recalled, markets shift, and regulatory environments change faster than internal processes can keep up. What I learned from those moments was not that governance had failed, but that the businesses which had invested in strong governance were better equipped to navigate what came next. The governance did not prevent every problem, but it gave people a framework for responding when problems arrived.

That experience is directly relevant to what businesses face with AI today. The question is not whether something will go wrong with an AI system your business relies on, it is whether you will have the structure in place to understand what happened, respond effectively, and prevent it from happening again.

Why I formalised it

The honest answer is that you cannot help a business optimise its commercial function today without talking about AI and automation. The two are now the same conversation. And as I added the capability to support teams through AI design and implementation alongside the sales work, something became impossible to ignore.

Businesses are being pushed into high-risk steps by a technology that is moving faster than their ability to absorb it. The pressure to adopt is everywhere, the consultants offering to solve it are everywhere, and the window to do this properly from the outset is closing. It is clear that business after business is taking steps that carry real, material risk, and in most cases nobody has named the risk, let alone structured a response to it.

Here is the part that shifted my thinking. Whatever happens to AI from here, there will always need to be a human-designed layer of governance sitting above it. The day there is not is the day human work ends, and I am not planning for that outcome. If we accept that human governance is a permanent feature of how AI gets used, then a management system for AI stops being a nice-to-have and becomes the operating layer that makes everything else possible.

That is why I formalised the practice. I completed my ISO/IEC 42001 foundation certification and I am working toward Lead Implementer accreditation. The standard gives me a rigorous, internationally recognised framework for a conversation I was already having, rather than relying on instinct alone.

Where the two practices meet

AI governance and sales transformation are not separate offerings that happen to sit under the same name, they are connected by the same underlying principle: structure enables ambition.

The Sales Map™ exists because businesses perform better when their commercial function has visible structure, clear ownership, and evidence-based decision-making. AI governance exists because businesses adopt AI more confidently when they understand what they are using, how it is being governed, and what the risks and responsibilities look like.

For the businesses I already work with, many of whom are actively using AI in their sales, marketing, and operational functions, the governance conversation is a natural extension of the commercial work. For businesses I have not worked with before, the AI governance entry point leads to the same place: a clearer picture of what is happening, where the risks and opportunities sit, and what to do about it.

What comes next

Over the coming weeks, I am going to publish a series of posts exploring AI governance for businesses that are already using AI but have not yet thought about how to govern it. I will cover what ungoverned AI actually looks like in practice, why governance applies to businesses that use AI (not just businesses that sell AI products), what ISO 42001 actually requires in plain English, and how to assess your own readiness.

If your business uses AI in any part of its operations, delivery, or decision-making, this series is for you. And if you want to have a conversation about where your business stands, I am offering a small number of free AI Governance Readiness Assessments as I build this practice. More on that in a later post.

For now, the point is simple: the path from commercial transformation to AI governance was not a pivot. It was the next step on a road I was already walking.