Audit Scope

Here's the problem with most AI audits:

They try to do everything. Map every process. Fix every problem. Touch every system.

And they fail.

Not because the work wasn't good—because the scope was too big, too vague, or too ambitious for the time and resources available.

This step is about drawing clear lines. What you'll cover. What you won't. How deep you'll go. And what success actually looks like.

Do this right, and you'll stay focused on high-value work. Skip it, and you'll waste weeks chasing things that don't matter.

Why Scope Matters

Without a clear scope, three things happen:

Scope creep. The audit expands into areas that weren't part of the plan, eating up time and energy.
Misaligned expectations. The client expects one thing. You deliver another. Trust breaks.
Wasted effort. You spend time mapping processes that won't lead to actionable opportunities.

A good scope keeps everyone aligned, protects your time, and ensures the audit delivers real value.

What You Need Before You Start

Pull out your Intake Summary from the last step. You'll need:

Your top 3 business goals
Your known constraints (budget, compliance, timelines, systems you can't touch)
The type of audit you're running (2-week assessment or 4-week full audit)
A realistic view of how much time and capacity you actually have

Step 1: Decide What You'll Cover

Start with the core areas you need to review.

These might include:

Specific departments (Sales, Support, Operations)
Key processes (customer onboarding, order fulfillment, reporting)
Systems (CRM, ERP, support ticketing)
Decision points (approvals, escalations, bottlenecks)

Here's the key: Every area you include should tie directly back to one of your business goals.

If it doesn't help you hit a goal or remove a constraint, leave it out.

Step 2: Decide What You Won't Cover

This is just as important as what you will cover.

Write a clear exclusion list. Be specific:

Departments you won't review
Systems you won't touch
Experiments you won't try
Outcomes you won't promise

Why this matters: Clear exclusions protect you from scope creep and keep expectations honest. They also speed up delivery because you're not constantly negotiating boundaries.

Step 3: Set the Depth for Each Area

Not everything needs the same level of attention.

For each area you're covering, decide how deep you'll go:

High: Full process mapping + opportunity scoring + detailed analysis
Medium: High-level mapping only, enough to spot opportunities
Low: Context only—just enough to understand how it fits

Never set all areas to "High." You don't have the time, and you don't need to. Focus deep effort on the areas with the highest potential impact.

Step 4: Define What Success Looks Like

What does "done" look like?

Write 3–5 clear statements that define success. Keep them simple and outcome-focused.

Examples:

"We have a ranked list of AI opportunities tied to real ROI."
"Leadership agrees on what to build first, second, and third."
"At least one quick win is ready to implement."

Avoid technical jargon. If a non-technical executive can't understand it, rewrite it.

Step 5: Lock the Timeline

Set hard boundaries.

Define:

Start date
End date
Number of interviews you'll conduct
Number of workshops or review sessions

Then make it clear: Anything outside this window gets deferred. No exceptions.

Why this matters: Without time boundaries, audits drag on forever. Work expands to fill the time available. Lock the timeline, and you force focus.

Step 6: Set Your Guardrails

State the rules up front.

Examples:

No systems over $100k in this audit cycle
No rebuilding core systems unless explicitly approved
No AI where risk outweighs value

Why this matters: These rules protect you from pressure later. When someone asks, "Why didn't we consider rebuilding the CRM?" you can point back to the guardrails and say, "We agreed that was out of scope."

Step 7: Create Your Scope Lock Document

Pull everything together into one page.

Your Scope Lock should include:

In Scope: What you're covering
Out of Scope: What you're not covering
Depth by Area: High, Medium, or Low for each area
Success Criteria: What "done" looks like
Timeline: Start date, end date, key milestones
Guardrails: Rules and constraints

Save it as: YourCompany_AuditScopeLock_v1

Keep it to one page. If it's longer, it's too complicated.

Step 8: Get Written Approval

Don't start without it.

Send the Scope Lock document to everyone involved. Get explicit written approval before you conduct a single interview.

Why this matters: Verbal agreements fade. Written approval protects both sides. It's your proof that everyone agreed on what this audit would and wouldn't do.

What You Should Have Now

By the end of this step, you should have:

✅ A one-page Scope Lock document

✅ A clear list of what's in scope and what's not

✅ Depth levels assigned to each area

✅ Success criteria everyone agrees on

✅ A fixed timeline with hard boundaries

✅ Written approval from all stakeholders

Quality Check: Did You Do This Right?

Before you move on, make sure:

Your Scope Lock fits on one page
Every "In Scope" item maps to a business goal
Exclusions are written in plain language (no legal jargon)
Success criteria are outcome-based, not technical
You have written approval documented
There's no ambiguity about time, depth, or cost boundaries

Need Help Defining Your Scope?

We built a tool that generates your audit scope summary quickly.

Use it here: Generate Your Scope Summary

Here's the problem with most AI audits:

They try to do everything. Map every process. Fix every problem. Touch every system.

And they fail.

Not because the work wasn't good—because the scope was too big, too vague, or too ambitious for the time and resources available.

This step is about drawing clear lines. What you'll cover. What you won't. How deep you'll go. And what success actually looks like.

Do this right, and you'll stay focused on high-value work. Skip it, and you'll waste weeks chasing things that don't matter.

Why Scope Matters

Without a clear scope, three things happen:

Scope creep. The audit expands into areas that weren't part of the plan, eating up time and energy.
Misaligned expectations. The client expects one thing. You deliver another. Trust breaks.
Wasted effort. You spend time mapping processes that won't lead to actionable opportunities.

A good scope keeps everyone aligned, protects your time, and ensures the audit delivers real value.

What You Need Before You Start

Pull out your Intake Summary from the last step. You'll need:

Your top 3 business goals
Your known constraints (budget, compliance, timelines, systems you can't touch)
The type of audit you're running (2-week assessment or 4-week full audit)
A realistic view of how much time and capacity you actually have

Step 1: Decide What You'll Cover

Start with the core areas you need to review.

These might include:

Specific departments (Sales, Support, Operations)
Key processes (customer onboarding, order fulfillment, reporting)
Systems (CRM, ERP, support ticketing)
Decision points (approvals, escalations, bottlenecks)

Here's the key: Every area you include should tie directly back to one of your business goals.

If it doesn't help you hit a goal or remove a constraint, leave it out.

Step 2: Decide What You Won't Cover

This is just as important as what you will cover.

Write a clear exclusion list. Be specific:

Departments you won't review
Systems you won't touch
Experiments you won't try
Outcomes you won't promise

Why this matters: Clear exclusions protect you from scope creep and keep expectations honest. They also speed up delivery because you're not constantly negotiating boundaries.

Step 3: Set the Depth for Each Area

Not everything needs the same level of attention.

For each area you're covering, decide how deep you'll go:

High: Full process mapping + opportunity scoring + detailed analysis
Medium: High-level mapping only, enough to spot opportunities
Low: Context only—just enough to understand how it fits

Never set all areas to "High." You don't have the time, and you don't need to. Focus deep effort on the areas with the highest potential impact.

Step 4: Define What Success Looks Like

What does "done" look like?

Write 3–5 clear statements that define success. Keep them simple and outcome-focused.

Examples:

"We have a ranked list of AI opportunities tied to real ROI."
"Leadership agrees on what to build first, second, and third."
"At least one quick win is ready to implement."

Avoid technical jargon. If a non-technical executive can't understand it, rewrite it.

Step 5: Lock the Timeline

Set hard boundaries.

Define:

Start date
End date
Number of interviews you'll conduct
Number of workshops or review sessions

Then make it clear: Anything outside this window gets deferred. No exceptions.

Why this matters: Without time boundaries, audits drag on forever. Work expands to fill the time available. Lock the timeline, and you force focus.

Step 6: Set Your Guardrails

State the rules up front.

Examples:

No systems over $100k in this audit cycle
No rebuilding core systems unless explicitly approved
No AI where risk outweighs value

Step 7: Create Your Scope Lock Document

Pull everything together into one page.

Your Scope Lock should include:

In Scope: What you're covering
Out of Scope: What you're not covering
Depth by Area: High, Medium, or Low for each area
Success Criteria: What "done" looks like
Timeline: Start date, end date, key milestones
Guardrails: Rules and constraints

Save it as: YourCompany_AuditScopeLock_v1

Keep it to one page. If it's longer, it's too complicated.

Step 8: Get Written Approval

Don't start without it.

Send the Scope Lock document to everyone involved. Get explicit written approval before you conduct a single interview.

Why this matters: Verbal agreements fade. Written approval protects both sides. It's your proof that everyone agreed on what this audit would and wouldn't do.

What You Should Have Now

By the end of this step, you should have:

✅ A one-page Scope Lock document

✅ A clear list of what's in scope and what's not

✅ Depth levels assigned to each area

✅ Success criteria everyone agrees on

✅ A fixed timeline with hard boundaries

✅ Written approval from all stakeholders

Quality Check: Did You Do This Right?

Before you move on, make sure:

Your Scope Lock fits on one page
Every "In Scope" item maps to a business goal
Exclusions are written in plain language (no legal jargon)
Success criteria are outcome-based, not technical
You have written approval documented
There's no ambiguity about time, depth, or cost boundaries

Need Help Defining Your Scope?

We built a tool that generates your audit scope summary quickly.

Use it here: Generate Your Scope Summary