… because there’s always clearly one winning side (classic, tested, reliable, known confidence) vs. the other losing side (Gen-AI, experimental, hallucinatory, unknown dependability) …

but, as Garry points out in his Tuesday Afternoon post, they do need to know whether or not they can use it, what they can use, how they can use it, to what extent they can depend on it, and whether or not they’ll be in trouble for using it (or not) if they follow the rules and something goes wrong … especially when they are told late on a Tuesday afternoon to just git ‘r done on a last minute task that has to be done before they leave (and you haven’t provided them proper systems to get the task done).

This is why, as per our last post, you need an AI Rulebook that can give your users guidance on what AI can be used where, who can use it, when, how, and why those rules are in place.

However, as Garry makes clear in his Tuesday post, your users need training on how to properly use the rulebook, and, more importantly, on how to properly think about AI and their use thereof. This posts, which builds on his ladder post (which, as we’ve noted, you don’t need if you use Busch-Lamoureux Exact Purchasing because that tells you how much “decision” authority can be turned over to a dumb machine vs. how much needs to be human judgement by default), puts together a routine for departments that don’t have a request type classified (and obviously don’t have the right systems in place because his examples of getting a contract deviation approved, a risk flag explained, or a supplier added should be a quick and easy process in your current systems assuming you have guaranteed access to legal/risk professionals for targeted questions on a daily basis, full system log access, and/or management has (pre)granted you override authority — because none of these examples require AI (and certainly not Gen-AI), and if you need to use AI, it’s demonstrating a failure of your Procurement leadership on expert and system selection, implementation, and/or utilization. (But we digress.)

When you feel you need to use AI because you don’t have the systems and expert access you need, and especially if you don’t have a good AI rulebook, then you need to go through Garry’s AI buying routine.

1. Why are you using the AI?
   To quickly locate information (in an online help or policy guide) or help you support a decision. In the former case, use it without hesitation, click through to the source (so you don’t have to worry about hallucinations), and git-r-done. Move on. In the second case, slow down, think about its response, and continue to step 2. (And start by asking, does it make sense?)
2. What is the decision that has to be made?
   Frame it in the shortest possible sentence. Is the clause acceptable to the organization in a signed contract? Is it okay to put the order through to the contracted supplier given the newly identified risk? Will adding this supplier violate any risk policies or compliance requirements? You’re much less likely to be swayed by LLM mumbo-jumbo when you analyze the response in response to your short and succinct question.
3. How reversible is this?
   What happens if I get it wrong? If it’s a three year contract, that tells you that you can’t make the decision unless you have expert access and confidence as it’s not reversible. If it’s a new supplier that might not meet government compliance regulations, you can always ban them later, so there is short term reversibility, as long as a contract or payment doesn’t go through, so it really depends on how soon an order is going out and being fulfilled and how likely they could be in a risky area as to whether or not you can make the decision . If it’s an order to an existing supplier that just got flagged for a delivery or bankruptcy risk, you can always send the order to someone else in a few days if you need to and it’s completely reversible.
4. What is the evidence bar to match the cost of failure?
   For reversible and low impact, which is what you’d find in the bottom-most octant of the Busch-Lamoureux Exact Purchasing framework, you can literally turn over the process to an AI, even a Gen-AI that hallucinates semi-regularly because it’s so easy to undo and having to deal with an exception on one in twenty decisions is just so much more efficient than making sure all 20 decisions are perfect. But if the impact is high and the decision irreversible, you don’t want to use AI for anything beyond helping you do your research and opinion-free analysis.
5. Can the AI show its work?
   If not, you’re not using AI, it’s using you.
   (Because if you can’t question and verify it, then all you can do is follow it.)
6. Who owns the judgement?
   What single person is responsible for the decision. Not a system. Not a committee. What person. You? Then you get to make the decision and accept the consequences. Your boss — then you need to get her approval, bringing your recommendation and reasoning, and then you can go forth and execute. Your boss’s boss — you can’t make the decision, but you can bring your boss all of your research and reasoning and she can choose what to push up the corporate ladder.
7. Are All Exceptions Automatically Logged in Unalterable Audit Trails?
   Not just because exceptions are where trust is won or lost, but if AI is used at all, and the worst case happens, and you end up in court, you need that audit trail that shows you followed a process, a human was involved where necessary, the necessary risks were analyzed, and the decision, according to your processes, was just. If you don’t have that trail, you don’t use AI for any critical decision. Period.

That’s the process. And the reality is that if you have proper systems and processes installed, you are properly staffed and trained, and you are proactively planning risk mitigations, you’ll need to use AI a lot less than you think you will. (Unless, of course, you’ve already used it so much that the cognitive atrophy has progresed to complete brain fry and you don’t know how to think for yourself anymore.)