Wm. Jerome Davis
Menu

AI Governance · Risk · Compliance

Builds the systems. Governs the systems. Defends the evidence.

The rare operator at the intersection of DoW program execution, ISO/IEC 42001 & 27001 audit leadership, and hands-on GenAI engineering. I don’t just write the AI policy — I ship the governance software that enforces it and the evidence trail that survives the audit.

Fellow — Management Systems Auditing ISO 42001 Lead Auditor ISO 27001 Lead Auditor ISO 27701 Lead Auditor PMI-CPMAI CompTIA SecurityX

Track record, in numbers

82% first-pass ATO rate across 22 authorization campaigns
9-figure DoW CRM & training portfolio under governance authority
90 days to clear a 2-year cloud authorization backlog
30% cut in compliance overhead via a unified management system
400K+ users on the federal portfolio he stabilized
2 governance-grade systems built end to end — architecture, controls, evidence

Why the bridge is rare

Most AI-governance candidates can do one of these. The value is in holding all three at once — and having the federal program scars to know what a control actually costs.

Builds

The systems

Hands-on GenAI and agentic engineering — governed multi-agent frameworks, a live governance platform, and a software factory. Practitioner depth, not vendor slideware.

Governs

The systems

ISO/IEC 42001 / 27001 / 27701 Lead Auditor directing a corporate AIMS toward certification. Translates EU AI Act, NIST AI RMF, and RMF mandates into executable controls.

Defends

The evidence

22 ATO campaigns, an 82% first-pass rate, and a nine-figure DoW portfolio briefed to the C-suite. Governance that holds up when an auditor — or a federal sponsor — pushes back.

The proof stack

Working systems and a published playbook — architecture, controls, and the evidence behind them. The credential is the artifact, not the claim.

Read the thinking the software is built on.

The Decisions That Come Before Scale