What I'm Building Next

Everything I’ve been writing about — architecture as foundation, structure enabling speed, governance moving to first-class, the evolving human role — it’s converging into what I’m building next.

Agentic governance systems. Not the kind that produce compliance reports nobody reads. The kind that actively drive risk management, architectural oversight, and quality assurance as part of the workflow itself. Governance that operates at the speed of the business it’s governing, because it’s wired into the same infrastructure.

I’ve spent the last year building production AI systems and figuring out what works through practice, not theory. What works is architectural discipline applied to agentic systems — modularity, clear interfaces, continuous validation, documentation that maintains itself.

The next step is applying that same approach specifically to governance, risk, and compliance. Building the agentic harnesses that make NIST and SOC 2 and ISO operational instead of aspirational. Making the frameworks live and breathe in production, not sit on a shelf.

This is where enterprise architecture meets agentic GRC. And I think it’s where the most interesting work is going to happen over the next year.

More on this soon.