For fractional CFOs · internal auditors · compliance officers · family offices
Stop pasting client data into ChatGPT or Claude. Build a local-first, audit-grade AI workflow your board, your regulator, and your client confidentiality agreements can defend.
Plus the project-start prompt that produces an auditable stack in 5 minutes. Free, no credit card.
The problem
The fastest-growing use of AI in finance and audit isn't on a slide deck — it's in private chat sessions. Workpapers, client P&Ls, advisor notes, all pasted into consumer LLMs because the in-house tools aren't ready and the deadlines are.
This works until it doesn't. When the auditor asks for your AI usage policy. When a regulator subpoenas your prompt history. When your engagement letter says "client data will not be transmitted to third parties for model training" and the AI provider's TOS says it will.
You don't have an AI problem. You have an AI governance problem. And the tools selling you a fix mostly sell you slides.
From the field — 2026
"Internal auditors are emailing workpapers to their personal email addresses to use ChatGPT for creating findings."
— Internal Auditor magazine (IIA), April 2026
"In compliance, a hallucinated requirement is not merely embarrassing — it can lead to misallocated resources, false assurance, or genuine regulatory breaches."
— AI for Compliance Officers Guide, 2026
"Family offices must understand what AI tools are doing with their data, how it's leveraged, and whether their data is used to help train other people's results."
— Plante Moran AI Governance Framework, March 2026
"Set rules that prevent the assistant from sharing one client's data in another client's context."
— AI Prompt Engineering Guide for Fractional CFOs, 2026
Every one of these problems has the same root cause: AI without an audit trail.
The method
Most AI prompt templates tell the AI what to produce. We teach you how to govern the production.
The Project-Brain pattern separates three things consumer chatbots blur together:
When your CAE, your client, or your regulator asks "what did your AI do, and why?" — you have a row.
A taste of the method
You paste this once. The AI sets up the project brain, the handoff file, the runner that hashes every prompt, and the no-touch boundaries — before producing a single line of your deliverable.
# Project Start Prompt — LITE

You are helping me start a serious AI-assisted project. Do not begin by producing the final deliverable. First, build a small local workspace that gives me an audit trail and survives across chat sessions.

## 1 — About this project
- Name: [PROJECT NAME]
- Goal: [What "done" looks like]
- OS: [macOS / Linux / Windows]

## 2 — No-touch list
You may not:
- request or store credentials, API keys, or .env contents
- access files outside the project folder
- delete, overwrite, or publish without my approval
- generate the full final deliverable on the first turn

## 3 — Create this local layout (cross-platform paths only)
[PROJECT NAME]/
  README.md
  HANDOFF_LATEST.md
  project_master.db
  schema.sql
  init_db.py
  runner.py
  docs/decisions/
  outputs/

## 4 — Project brain: 3 audit tables in SQLite
decisions — what did we decide and why?
work_log — what did the AI actually do?
handoff_registry — what state did we hand off between sessions?

## 5 — Hash every interaction (SHA-256)

## 6 — Cross-platform commands (bash AND PowerShell)

## 7 — Proceed with patch #1 only
The full version, with 6 tables, red-team gating, idempotent migrations, and three domain variants, ships with the course.
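As an added example (not the course's own schema or runner), this is one way sections 4 and 5 of the prompt could look in Python. The three table names come from the prompt; every column name, the `GENESIS` anchor, and the chaining of each work_log row to the previous one are assumptions that go beyond what the prompt specifies.

```python
import hashlib
import sqlite3
from datetime import datetime, timezone

# Table names are from the prompt above; all column names are assumptions.
SCHEMA = """
CREATE TABLE IF NOT EXISTS decisions (id INTEGER PRIMARY KEY, ts TEXT, decision TEXT, rationale TEXT);
CREATE TABLE IF NOT EXISTS work_log (id INTEGER PRIMARY KEY, ts TEXT, prompt_sha256 TEXT,
    response_sha256 TEXT, prev_row_sha256 TEXT, row_sha256 TEXT);
CREATE TABLE IF NOT EXISTS handoff_registry (id INTEGER PRIMARY KEY, ts TEXT, handoff_file TEXT, file_sha256 TEXT);
"""
GENESIS = "0" * 64  # assumed chain anchor for the first work_log row

def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def open_brain(path: str = ":memory:") -> sqlite3.Connection:
    conn = sqlite3.connect(path)
    conn.executescript(SCHEMA)
    return conn

def log_interaction(conn, prompt: str, response: str) -> str:
    """Append one work_log row; only digests are stored, never the text."""
    last = conn.execute(
        "SELECT row_sha256 FROM work_log ORDER BY id DESC LIMIT 1").fetchone()
    prev = last[0] if last else GENESIS
    ts = datetime.now(timezone.utc).isoformat()
    p, r = sha256_hex(prompt), sha256_hex(response)
    row = sha256_hex("|".join((prev, ts, p, r)))
    with conn:  # commit the insert as one transaction
        conn.execute(
            "INSERT INTO work_log (ts, prompt_sha256, response_sha256,"
            " prev_row_sha256, row_sha256) VALUES (?, ?, ?, ?, ?)",
            (ts, p, r, prev, row))
    return row

def verify_chain(conn) -> bool:
    """Recompute every row hash; False if a row was edited or removed mid-chain."""
    prev = GENESIS
    for ts, p, r, stored_prev, stored_row in conn.execute(
            "SELECT ts, prompt_sha256, response_sha256, prev_row_sha256,"
            " row_sha256 FROM work_log ORDER BY id"):
        if stored_prev != prev or sha256_hex("|".join((prev, ts, p, r))) != stored_row:
            return False
        prev = stored_row
    return True
```

Chaining detects edits and mid-chain deletions but not removal of the newest rows, so the latest `row_sha256` should also be recorded somewhere outside the database, for example in the handoff file.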
Free, this week
Self-paced video. You'll leave knowing exactly how an audit-grade workflow differs from a chat session, and which three files you need to start.
A ~30-line copy/paste prompt for Claude or ChatGPT. The AI sets up a SQLite project brain, a handoff file, and a runner that hashes every prompt. Works on macOS, Linux, Windows.
A one-page PDF mapping each table in the Project-Brain to a specific audit question you'll be asked. Bring it to your next AI committee meeting.
Built for
You're being told to use AI without a defensible methodology. This is the methodology.
Every output that informs a compliance decision must be verifiable. Hash logs and red-team gates make that automatic.
Local-first means client data never leaves the family office. The principal can see every prompt sent.
Cross-client data leakage is your biggest liability. Per-project folders and explicit no-touch boundaries enforce confidentiality by design.
Also if you're a serious AI builder
If you've watched a coding agent drift halfway through a project, treat the chat thread as its own source of truth, or invent file paths because the context window got compacted — the architecture in this course is the fix.
The "audit-grade" framing speaks to regulated buyers. The underlying pattern — local SQLite project brain, handoff files, hashed prompts, red-team gate — is exactly what stops drift and gives any serious build a memory it can trust between sessions.
Auditable for regulated work. Stable for serious building. Same six-table pattern. Same handoff files. Same red-team gate.
Honest about what this is
This isn't a prompt-engineering course. It's not a tour of LangChain or CrewAI or AutoGen. It's not a course on AI policy slides. It's a hands-on workshop on building a local, auditable workflow you control — using Python, SQLite, Markdown, and your terminal.
You don't need to write Python from memory. You do need to be able to paste a command into a terminal and read the result.
Get it
One email per week, max. Unsubscribe anytime. No "AI hustle bro" content, ever.
By submitting you agree to receive emails from auditgradeai.com. We never share or sell your address.
About
I've spent 12+ years building financial systems, automated reporting, and data-modeling tooling at Unilever, News America Marketing, and The Durst Organization — the person on the team who actually shipped the dashboards, pipelines, and Excel/Python tooling FP&A teams ran their close on.
At Unilever I cut a financial-reporting data pull from four hours to under one. While I was there I also built an internal Excel model — heavy VBA, UserForm navigation, click-of-a-button PowerPoint generation — that exported as a single 200+ slide PDF with hyperlinked navigation. The CFO of North America used it on his phone during meetings; no one had given him a one-source file like that before. Before that, at News America Marketing, I built the Month-End close models the entire FP&A team ran their close on.
Since then I've shipped governance-grade SQLite systems in production for complex multi-source research workflows — auditable from row one, every decision tracked, every prompt hashed — before AI made any of this fashionable.
I built this course because I kept watching smart finance and compliance people paste client data into ChatGPT or Claude, knowing it was wrong, knowing there had to be a better way. There is. This is it.
Email: kirk@auditgradeai.com
LinkedIn: linkedin.com/in/kirk-nielson-3b408995