Ten Questions to Ask Before Your Firm Deploys AI

Ten questions in ten minutes to find out if your law firm’s AI governance is ready for the real world. Free diagnostic built on NIST AI RMF, ISO 42001, and OWASP.

Imagine you own a building. You hire an inspector who checks the wiring, tests the fire suppression, walks the exits, and signs off on the permit indicating that your building is safe. Two weeks later, a neighbor mentions radon. So, you buy a $15 test kit from the hardware store, and two days later, the results come back hot. The radon was there the whole time. But the inspector never tested for it because it wasn’t part of the checklist. The test was extremely simple and cheap, but wasn’t done because nobody asked.

Your AI vendor might have shown you a SOC 2 report indicating that their platform is secure. They might even also have the ISO 27001 certification. Everyone in the chain of command has signed off on it, and moved on. Except those certifications were built for deterministic software—systems that produce the same output every time from the same input. They check access controls, encryption, change management, and system availability, which are all important. However, they don’t cover what happens when your contract review tool hallucinates a clause that doesn’t exist, or when a research assistant fabricates a case citation that looks plausible until the judge calls you out on it.

The radon is in the building, but no one has tested for it.

Want the AI readiness diagnostic now? [Take it in your browser] (no login, no email gate, private–nothing leaves your browser) or [download a PDF] . Read on for context on what it tests and why.

The Model Gap

Your SOC 2 audit doesn’t ask if a carefully crafted document submitted for contract review can carry hidden instructions that cause the AI to skip adverse clauses. It doesn’t ask if an adversary can reconstruct privileged client information by querying the model the right way or whether your vendor even knows which foundation model sits underneath their product and who has access to the data that flows through it.

These aren’t edge cases meant to scare you. Prompt injection attacks against language models are documented and reproducible. Data extraction techniques have been demonstrated and published in peer-reviewed research. Every one of these risks exists in the space between what your security certifications evaluate and what AI systems actually introduce into your firm’s environment.

I call this the Model Gap—because your governance model probably wasn’t built to handle AI deployment risks. As AI deployments increase, and as they become more autonomous , the gap will keep widening and becoming more dangerous. The gap is not necessarily because your vendor is being dishonest, but because current governance and security frameworks weren’t designed for AI systems. Therefore, it is your responsibility to ask the important questions that bridge the gap before deploying AI.

What Your Firm Needs to Know

I spent the past several months exploring the specific risks that AI introduces into legal practice. These risks go beyond generic “AI might be biased” risks to concrete, verifiable issues that can produce malpractice claims, privilege waivers, and insurance coverage denials. These risks can end a client relationship or even a career.

Several questions can help you find where the Model Gap is widest at your firm. Here are a few.

Can you draw the data flow? When client data enters your AI tool, can you trace every server, every subprocessor, and every cache? Many firms that try this exercise discover data processors they never knew existed.

Has your vendor tested for data extraction attacks? Attorney-client privilege doesn’t survive a training data pipeline. If privileged information can be extracted from a model through targeted queries, you have an ongoing exposure that might remain undetected until it causes real harm. And if the vendor has never tested for it, the truth is they don’t know whether it’s happening.

Do you have technical controls blocking shadow AI, or just policy? Right now, associates at most firms can paste privileged documents into personal Claude, Gemini, or ChatGPT accounts from firm devices. A written acceptable use policy without technical enforcement is wallpaper. It makes the hallway look nice, but stops nothing.

Does your malpractice insurance cover AI-generated errors? Most cyber policies contain exclusions for automated decision-making or third-party AI processing. If you’re not sure about the answer to this, your firm may be carrying uncapped financial exposure from AI tools in production.

The Ten-Minute Test

I have distilled the highest-signal questions from the full 78-item Legal AI Deployment Evaluation Kit—a framework built on NIST AI RMF, ISO/IEC 42001, and the OWASP Top 10 for LLMs—into a free, ten-minute, ten-question diagnostic. Each question targets a distinct risk domain: data flow mapping, privilege protection, prompt injection testing, supply chain transparency, governance structure, shadow AI controls, accuracy benchmarks, human oversight requirements, incident response, and insurance alignment. The questions, if answered honestly, allow you to quantify your firm’s AI readiness in about ten minutes and get a concrete score that tells you where the biggest gaps are.

Score each question on a 0-5 scale, and add it up to get a sense of where you stand:

40-50: Stronger governance than most; the full kit might surface some additional gaps.

25-39: Some controls are in place, but there might be meaningful gaps that don’t look like gaps until something goes wrong. This is where most firms land.

10-24: There are material gaps across multiple domains. Some of these—particularly around privilege and insurance—likely represent exposure right now.

0-9: Consider pausing AI use for client-facing work until you’ve built minimum governance.

Take the AI Readiness Diagnostic PDF version

Why This Matters Beyond Risk Avoidance

These scores matter because we see the consequences playing out already. In 2023, attorneys in Mata v. Avianca were sanctioned after filing a brief full of AI-hallucinated case citations . Numerous similar cases have occurred since then, and courts are no longer inclined to treat it as a novelty. Meanwhile, privilege breaches through unmapped AI pipelines and insurance carriers denying coverage for AI-generated errors are the kind of problems that may not be apparent until the exposure becomes real.

It’s a matter of when, not if, corporate clients start sending AI governance questionnaires to outside counsel. Their own regulators are already pushing AI compliance requirements, and that pressure flows downstream. The firm that can document its governance posture with evidence will gain the competitive edge over firms that fumble the questionnaire.

I call this the vulnerability advantage. Firms that deploy AI with rigorous, privacy-first governance will have fewer attack surfaces and also gain a differentiator that their competitors don’t have yet.

Take the AI Readiness Diagnostic →

If the score worries you, there are two ways forward.

The full Legal AI Deployment Evaluation Kit expands each of these ten domains into 78 detailed assessment items across five modules. It includes scoring rubrics, red flag indicators, evidence checklists, and a 90-day action plan organized into three phases: Stabilize, Build, and Operationalize. It’s designed for firms that want to run the evaluation themselves and build a documented governance posture they can show to clients and insurers.

For firms that want an expert in the room—particularly those scoring below 25—I offer guided evaluations : a structured interpretation of your completed assessment, a prioritization session, and a written remediation roadmap scoped to your firm’s specific risk profile.

But start with the ten questions. Because the worst position in all of this is the one where you don’t know what you don’t know. And the radon keeps seeping through the foundation, doing its damage while the inspection certificate hangs on the wall.