BLOG ARTICLES

The sequence matters: proper engineering design must occur before deployment, not afterwards. by Raimund Laqua, PMP, P.Eng  As a professional engineer with over three decades of experience in highly regulated industries, I firmly believe we can and should embrace AI technology. However, the current approach to deployment poses a risk we simply cannot afford. Across industries, I’m observing a troubling pattern: organizations are bypassing the engineering design phase and dire

Raimund Laqua, P.Eng., PMP Note: Link to my strategy briefing document is located at the end of the blog post. About a year ago, I heard an AI expert suggest that we might need AI to control AI. My immediate reaction? That's nonsense. Why would you control something uncertain with more uncertainty? It seemed like doubling down on the problem rather than solving it. Turns out I was wrong. Or at least, I was asking the wrong question. The Problem That Won't Go Away I'm an engin

I've been thinking a lot about promises lately. Not the kind we make at year-end meetings, but the deeper promises organizations make when they deploy AI systems. Promises about safety, fairness, and accountability. Promises that become very real when something goes wrong. The challenge with Large Language Models is that traditional compliance approaches assume you can audit the decision-making process. You write procedures, train people, create controls around logical steps

Presenter:  Raimund Laqua, P.Eng., PMP. Date:  November 20, 2025 For Compliance Officers and Managers When compliance becomes operational—which is necessary to meet performance and outcome obligations—you need a method of improvement that focuses on operational systems. This is where LEAN comes in. However, LEAN has to adapt its principles to work with compliance. This presentation explores 10 lean principles and how they are used to improve compliance performance. If you're

If you're a compliance director or manager, you've probably noticed something frustrating: organizations can have excellent compliance documentation, pass audits, and still get surprised by violations. The gap isn't in what they document—it's in how regulatory obligations are embedded in operational capability. This is where integrative compliance  transforms everything. While traditional compliance creates separate activities that run parallel to operations, integrative comp

If you're a compliance director or manager in a highly regulated industry, you know this frustration: Your organization has procedures, training records, audit schedules, and risk assessments. You pass audits. Your management systems are certified. But violations still surprise you. You're constantly firefighting. And when leadership asks "are we actually meeting our obligations?" you can't answer with complete confidence. The problem isn't your competence. It's that most com

If you're responsible for compliance, you've probably faced this uncomfortable question: "How do you know you're actually compliant?" Most organizations point to policies, training records, and audit reports. But there's often a nagging gap between having documentation and having genuine confidence that your obligations are truly being met. This is where Goal Structuring Notation (GSN ) and claim trees become game-changers. They're tools borrowed from safety-critical industr

As someone working in compliance during this wave of AI adoption, I've been thinking about how we approach automation differently than other industries. The compliance field is naturally cautious about new technology—and for good reason. When we fail to meet regulatory standards, performance targets, or outcome requirements, the consequences extend far beyond operational inefficiency. Recently, I've been reflecting on Jidoka, Toyota's manufacturing principle that emerged over

Why Business Managers Should Own Compliance There's a persistent practice in organizational management where compliance is separated from...

How do we deliver safe AI? This is the question every organization grappling with AI adoption must answer. Yet too often, discussions...

When mission success requires compliance success Every organization is on a journey. Ahead lies your vision—the total value you're...

What GRC Should BE Traditionally, GRC activities were centered around integrating the siloed functions of Governance , Risk , and...

The Compliance Charter In project management, we don't start without a charter. Yet in compliance—where the stakes are often higher and...

The Dual Nature of Compliance Over the years working with companies in highly-regulated industries, I've observed that organizations...

By Raimund Laqua, Founder of Lean Compliance Why Risk Assessments Should Start with Uncertainty Walk into most organizations today, and...

AI Risk Containment Architecture Industrial leaders in safety-critical, highly regulated sectors like energy, chemical processing,...