What is AI change management?

AI change management is the process of helping an organization adopt AI tools effectively — covering governance, training, cultural buy-in, and measurement. Unlike a software rollout, it is ongoing rather than project-based.

Should the CEO or CMO lead AI change management?

Both, depending on scope. The CEO sets the organizational permission level and culture. The CMO leads adoption within marketing and revenue functions. For enterprise-wide transformation, CEO sponsorship is non-negotiable. For function-specific adoption, the CMO can drive it independently.

What is the biggest mistake companies make with AI change management?

Treating it like a project with an end date. AI change management is ongoing — the tools evolve, team capabilities need to keep pace, and new use cases emerge constantly. Organizations that compound their AI advantage treat it as a continuous operating model, not a one-time initiative.

How long does AI change management take?

The first measurable results — time savings, productivity improvements — typically appear within 60 to 90 days of a structured adoption program. Compounding benefits accumulate over 12 to 18 months as the organization builds confidence and expands use cases.

What is the AI Flywheel?

The AI Flywheel is NorthLight's framework for sustained AI transformation: a four-stage cycle of Audit, Training, Personalized Tools, and ROI measurement. Unlike a linear project, the flywheel keeps spinning — each cycle builds capability and produces better results.

What Is an AI Audit? (And Does Your Company Need One?)

Blog

May 4

Written By Susan Diaz

An AI audit is a structured assessment of how your organization is currently using AI: what tools are deployed, how employees are actually using them, where the gaps are, and what's working versus what's theatre. It's less of a compliance exercise and more of a diagnostic. And most companies that think they don't need one are the ones who need it most.

Here's why.

The Problem With "We're Already Using AI"

Most mid-market companies are using AI. Almost none of them know what that actually means at an organizational level.

Ask a typical executive team these questions:

Which AI tools are employees using right now, including tools the company didn't approve?
Which functions have measurable productivity gains from AI, and which have noise?
Where is AI output going to customers or decision-makers without a human review step?
Which employees have had training in the last six months, and which are guessing?

If your leadership team can't answer those four questions with specifics, you don't have an AI strategy.

An audit turns AI activity into a picture. The picture tells you where to invest, where to slow down, and where you're exposed.

What an AI Audit Actually Covers

A well-structured audit looks at five areas:

Tool inventory
What AI tools are being used across the organization - sanctioned and unsanctioned. This almost always surfaces shadow AI use that leadership didn't know about. (Read more here: "What Is Shadow AI")
Data handling
What information is entering AI tools? Is customer data, financial data, or proprietary IP going into consumer AI products with no enterprise data agreement? Most companies don't know. This is where legal and compliance exposure lives.
Training coverage
Who has had structured AI training, and what kind? There's a significant difference between "we showed the team a ChatGPT demo in February" and "our team knows how to build repeatable AI workflows in their specific roles".
Output review
Where is AI output going without a human check? A blog post is low risk. A client proposal, a financial summary, or a customer service response is not.
ROI clarity
Which uses of AI are producing measurable results? Most organizations can point to anecdotal time savings. Very few can point to a number.

Two Signs You Need an Audit Now

Sign 1: You've been using AI for more than six months but can't describe the ROI.

If AI has been running in your organization for a year or more and you still can't quantify what it's producing, the problem usually isn't the tools. It's that no one has taken a clear-eyed look at what's actually happening versus what people assume is happening.

Sign 2: You're about to make a significant AI investment.

Buying a new enterprise AI platform, rolling out Copilot across the organization, or hiring an AI consultant are all decisions that cost significantly more when you don't know your current baseline. An audit before a major investment is the difference between informed spending and expensive guessing.

What an Audit Is Not

It's not a vendor evaluation. It's not a technology implementation. It's not a policy document.

An AI audit is a snapshot of organizational reality - where you are right now, not where you want to be. Done well, it takes a few hours of stakeholder input and produces a clear prioritization: what to fix first, what to build next, and what to stop doing.

The output shouldn't be a 60-page report no one reads. It should be a one-page picture and a short action list.

How to Run One

There are two approaches depending on your resources and timeline.

Self-assessment: Use a structured scorecard covering the five areas above. This works for organizations that want a fast baseline before engaging outside help. It won't catch everything - self-assessments have blind spots by design - but it will surface the biggest gaps.

Third-party assessment: An external team interviews stakeholders across functions, reviews tool usage, and delivers a prioritized gap analysis. This is more thorough and more honest, because employees will say things to an outside assessor they won't say to their own leadership.

NorthLight's Marketing AI Audit Scorecard is a good place to start. It takes 15 minutes and gives you a structured baseline across all five areas - a starting point before a fuller assessment or a sanity check if you think you're already in good shape.

The Short Version

You need an AI audit if:

Employees are using AI but leadership can't describe the results
You're about to make a significant AI investment
You've had an AI incident (bad output reaching a client, data entered into an unapproved tool) and don't have a clear picture of the exposure
You're preparing a board presentation on AI strategy and need something more than anecdotes

You don't need a six-figure engagement to get started. You need a clear picture of where you are. That's what an audit gives you.

Start with the scorecard.

****************

Susan Diaz is the host of AI Literacy for Entrepreneurs and the author of the forthcoming book 'Swan Dive Backwards'. She runs AI Power Circle, an AI implementation mastermind for founder-led businesses ready to stop producing more and start producing effectively. If that's where you are, find Susan Diaz on LinkedIn to see if this is a fit.

AI agencyCreative agencyTorontoLeveraging artificial intelligenceAI advantageRobotic Process Automation (RPA) for creative businessesStreamlining marketing workflows using AIIncreasing efficiency and productivity in marketing using AIAccessible AIEmpowering businesses to drive revenue with AIDriving innovation in marketing with AIConsistent revenue-driven marketing with AIAI training for marketingMastering the art of prompting AIPrompt engineering for marketingAutomating routine marketing tasks

Susan Diaz