Using AI to Run the Business, Not Just Write Code

When most people talk about using AI in their business, they mean autocomplete and faster first drafts. We use it for something different: running the operational side of the company — the reviews, the security checks, the supplier tracking, the to-do lists that multiply faster than you can clear them.

This is not a pitch for AI as a magic productivity tool. It is a description of a specific, repeatable setup that works for a small technical team and removes a significant amount of administrative drag. If you run a small software business, a consultancy, or a solo practice, some version of this probably applies to you.

The problem: admin that scales with success

Small technical teams have a particular problem. The better you get at delivering, the more operational overhead you generate. More clients means more contracts, more supplier relationships, more compliance obligations. More code means more security surface, more dependency updates, more incidents to track. More revenue means more HMRC obligations, more board decisions, more things that need a paper trail.

None of this is complex individually. Together it creates a steady drag that costs anywhere from a few hours a week to most of a day. For a team of one or two, that is a meaningful fraction of your productive capacity.

The setup: AI with context

The core idea is simple: give an AI assistant permanent access to your working documents, and ask it to run structured reviews of the things that would otherwise slip through the gaps.

In practice, this means keeping key operational documents — your task list, your supplier register, your security incident log, your project notes — in plain text files that an AI can read. Not in a proprietary system that locks the data away. Not in a shared spreadsheet that requires a login. Plain text, version-controlled, readable by anything.

The AI reads those files at the start of each working session and surfaces what needs attention. Overdue tasks. Suppliers due for review. Security incidents that are approaching their resolution deadline. Items that were "pending" three weeks ago and have been quietly forgotten.

What this looks like in practice

Here are some generic examples of things this kind of setup handles automatically:

• Daily task review — a structured morning briefing that pulls from your task files and highlights what is overdue, due today, or blocked. Not a summary you have to request; one that runs at the start of every session.
• Security incident tracking — a log of active security issues with SLA deadlines calculated from the date they were opened. The AI flags anything approaching breach before you have to check.
• Supplier review prompts — when a supplier relationship is due for annual review, it appears in the briefing. Not in an email reminder that gets buried. In your working context, at the start of your day.
• Weekly review— a structured end-of-week summary that checks open tasks against what was planned, flags anything that slipped, and helps you write the following week's priorities in under ten minutes.

Why version control matters

Keeping operational documents in version control gives you something most business tools do not: a complete, auditable history of every decision. When did you close that security incident? Who updated the supplier register? What was the task list on the day you invoiced that client?

For compliance purposes — ISO 27001, GDPR, client audit requirements — this audit trail has real value. It costs almost nothing to maintain if the documents are already in plain text and already committed to git.

The limits

This is not a replacement for good process. If your task list is a mess, the AI will give you a well-presented summary of a mess. If your security incident log has entries with no resolution plan, the AI will flag them — but you still have to write the plan.

What it replaces is the manual effort of reviewing those documents yourself, remembering what needed attention, and maintaining the discipline to check them regularly. That is the part that tends to slip when you are busy.

Getting started

The minimum viable version of this setup is: a plain text task list in a git repository, and an AI assistant with a standing instruction to review it at the start of each session. You do not need custom tooling. You do not need a workflow platform. You need a text editor and a terminal.

The more sophisticated versions — structured briefings, security SLA tracking, compliance document management — build on that foundation. They are the natural next step once you have seen how much of your admin can be handled this way.