AboutBlogBusiness First AIFounder FreedomBook a conversation

The 90-day data and knowledge readiness roadmap for SMEs

May 11, 2026
A founder at a desk with a one-page plan in her hand, checking items off, with a three-block wall planner behind her
TL;DR

Data and knowledge readiness work fails at SME scale when treated as an open-ended programme and succeeds when treated as a ninety-day sprint. Three phases of roughly a month each, audit then foundation then discipline, with named outputs at every gate. The output is not perfect data, it is information clean enough that the next AI tool does not stall at the data layer, with a maintenance rhythm to keep it that way.

Key takeaways

- Open-ended data improvement programmes stall at SME scale because they have no defined endpoint and lose to revenue work every quarter. A ninety-day sprint with a firm deadline, named scope and an explicit maintenance pattern after day ninety is the version that actually finishes. - Phase one, days 1 to 30, is the audit. A one-week structured inventory of where data lives and what is broken, a three to four hour prioritisation workshop, and a one-page scope charter naming the three to five issues that will get fixed in the next sixty days. - Phase two, days 31 to 60, is the foundation. Typical workstreams are customer record deduplication, a five to ten entity glossary, video walkthroughs of the top category one processes, and a naming convention applied from a chosen start date forward. - Phase three, days 61 to 90, is the discipline. A named owner for each artefact, a quarterly review built into the existing business rhythm, and a five-minute data health item in the weekly operations huddle. The transition from project to operating rhythm is the point. - At day ninety the goal is data and knowledge that does not block the next AI use case the business takes on, with a maintenance pattern that survives the quarter after the sprint ends. Perfection is not the standard, direction of travel is.

She has agreed the work is needed. She has read the foundation posts, recognised three of the four exposures in her own firm, and accepted that the next AI tool will fail at the data layer if nothing changes. Now she has thirty minutes and one question. What does the plan look like.

The honest version is short. Ninety days, three phases of about a month each, no new hires and no specialist software at the outset, a maintenance pattern at the end that costs the team about two hours a week. The work is real and it requires discipline, but it fits on a single page and it ends on a known date. Open-ended data programmes lose to revenue work every quarter. A bounded sprint with a firm deadline at day ninety is the version that actually finishes.

Why does a ninety-day frame work better than an open-ended programme?

Indefinite improvement work has no completion date, no scope discipline, and nothing to prioritise against. Gartner finds 57 per cent of companies judge their own data unfit for AI, yet remediation investment stays low because remediation has no end. MIT Project NANDA reports 95 per cent of generative AI deployments produce zero measurable return, with the failures sitting in data and workflow rather than the model. The fix is a firm deadline.

Ninety days is long enough to deliver substantive work and short enough to keep urgency. Owner-operated firms already run monthly accounts and a quarterly review of some kind. Anchoring the sprint to that rhythm means the work integrates with operating cadence rather than competing with delivery. Johanna Rothman’s writing on timeboxing makes the point well. Once the box is fixed, the question stops being when, and becomes what can we realistically do in the time we have.

What happens in phase one, the audit, days 1 to 30?

A one-week structured inventory of where data and knowledge live, followed by a prioritisation workshop, followed by a one-page scope charter that names the three to five issues to be fixed in the next sixty days. The output at day thirty is not detail, it is clarity. The owner can walk a team meeting through what is broken, why each item matters, what fixing it will require, and who is responsible for each workstream.

Week one is the rapid assessment. One or two people, usually the operations lead and a technical generalist, spend fifteen to twenty hours answering four questions. Where does business-critical data live, which systems and which spreadsheets. Who owns each source. Where are the visible inconsistencies. Where is information most often sought and hardest to find. The Future Processing framework gives a useful six-dimension structure for the assessment, but the deliverable is small, a one-page inventory that gets walked through with the owner in a ninety-minute session.

Week two is the prioritisation workshop. Three to four hours. Each issue scored on frequency, business impact and tractability inside sixty days. The arithmetic is simple, frequency times impact divided by a tractability factor, and it surfaces the three to five items that are both critical and achievable. The charter that comes out names each item, defines what resolved looks like by day sixty, and assigns an owner. Weeks three and four turn that into one-page workstream plans, with expected hours and the resources required.

What gets built in phase two, the foundation, days 31 to 60?

The four workstreams the foundation phase typically produces are customer record deduplication, a working business glossary, video walkthroughs of high-risk processes, and a naming convention rolled out from a chosen start date. Not every sprint runs all four. The scope charter from phase one decides which three to five take priority. The pattern below is what owner-operated services firms commonly land on.

Customer deduplication is the first visible win. A typical small business holds three to seven versions of each major entity across CRM, billing, project tooling and accounts. Profisee’s work on duplicated master data documents the revenue and margin friction that follows. Within the sixty-day window the goal is not perfect deduplication, that is a continuing task. The goal is removal of the obvious duplicates, a documented source-of-truth record, and a monthly monitoring report to catch new duplicates at source.

The glossary is concurrent. Five to ten critical entities, customer, product or service line, revenue transaction, staff resource, project, with a business definition for each, the source system, the technical field, the usage rule and the named steward. Atlan’s research on data glossaries makes the design point clearly. A glossary pays back only when it is embedded in the reports and dashboards the team already uses, not when it sits as a standalone document nobody references.

The SOP readiness review is a focused assessment of the top five to seven processes, sorted by risk and documentation state. Category one processes, high risk and known to one or two people, get a ten-minute video walkthrough from the incumbent, transcribed into a checklist with screenshots, then piloted by a different team member while the incumbent observes silently. The naming convention is the lightest workstream. A one-page document, a thirty-minute team training, a chosen start date, and a spot-check over the following month. The ICO’s information governance guide for small business gives the proportionate baseline. Harvard’s biomedical data management guidance reinforces the rule that conventions are set before content is created, not retrospectively.

What does phase three, the discipline, days 61 to 90, actually deliver?

A named owner for each artefact, a quarterly review built into the existing business rhythm, and a five-minute data health item in the weekly operations huddle. The transition the phase is trying to make is from project to operating rhythm. Data governance change management research consistently shows that this is where initiatives die, policies created with enthusiasm and then gradually ignored because nobody has explicit responsibility for them.

Named ownership is the first step. For each artefact, the customer master, the glossary, the documented processes and the naming convention, one person is the steward. The responsibilities are narrow and bounded, respond to questions, maintain version history, communicate changes, spot-check accuracy monthly or quarterly. In a 5 to 50 person business this often collapses to the operations or finance manager, sometimes with help from a technical lead. The deliverable is a one-page stewardship charter that names the owners and the cadence, signed off by the owner-operator and shared with the team.

The quarterly review locks ninety minutes into the calendar in the first or second week after each quarter end. The agenda is short. Duplicates found and remediated, glossary terms questioned or updated, one or two documented processes sampled by someone who did not write the documentation, files spot-checked against the naming convention. The tone is pragmatic. Eighty per cent adoption of the naming convention is good progress. Three glossary terms needing clarification is normal. The weekly operations huddle carries the third mechanism, a rotating five-minute data health item that keeps the work visible without becoming a separate programme. By day ninety the sprint has ended and the operating rhythm has started.

What does good look like at day 90, and what is the next move?

Good looks like data and knowledge that does not block the next AI use case the business takes on. Customer records deduplicated with documented rules. A glossary the team references. The highest-risk processes captured as checklists. New files following a naming convention. A named owner for each artefact and a quarterly review on the calendar. Direction of travel, with a rhythm that survives the quarter after the sprint ends.

The data will still have errors. The documented processes will reveal gaps when somebody new follows them. The naming convention will land at 75 to 85 per cent adoption rather than 100. The glossary will need terms added and refined. None of that is failure. The business has moved from a state where the next AI tool will stall at the data layer to a state where it will not.

The next move is the AI use case the firm has already named, sales forecasting, customer segmentation, invoice processing, a knowledge assistant. Whichever it is, the implementation no longer spends its first month cleaning data that should have been clean. That is the practical case for the sprint. Want a hand pacing this for your own firm? Book a conversation.

Sources

- MIT Project NANDA (2025). State of AI in Business 2025. Cited for the 95 per cent of generative AI deployments showing zero measurable return and the finding that the failures sit upstream of the model in data, workflow and outcome definition. https://sranalytics.io/blog/why-95-of-ai-projects-fail/ - Gartner via My Business Future (2025). Data Quality in SMEs, Why AI Fails Without Clean Data. Cited for the 57 per cent of companies judging their own data unfit for AI and the 60 per cent of AI projects that Gartner predicts will be abandoned through 2026 for lack of AI-ready data. https://mybusinessfuture.com/en/data-quality-in-smes-why-ai-fails-without-clean-data/ - McKinsey via Insighting. Why 90 per cent of data projects fail, the Last Mile Problem. Cited for the pattern where firms invest in collection and dashboards but stall at embedding insights into decision-making workflows, the same failure mode the discipline phase of the sprint is designed to close. https://www.insighting.io/post/why-do-90-of-data-projects-fail-meet-the-last-mile-problem - Johanna Rothman (2022). How and When to Use Timeboxes, Iterations, and Sprints to be Most Effective. Cited for the timeboxing principle that converts indefinite improvement work into bounded execution, the methodological basis for the ninety-day frame. https://www.jrothman.com/mpd/2022/04/how-and-when-to-use-timeboxes-iterations-and-sprints-to-be-most-effective/ - The Sero Group. Data Governance in Action, 4 Challenges for Small and Mid-Sized Businesses. Cited for the SME failure mode of attempting enterprise-scale governance without the organisational maturity to support it, and the case for ruthless focus on critical data elements. https://theserogroup.com/data-strategy/data-governance-challenges-small-mid-sized-businesses/ - Future Processing. Data readiness assessment, checklist and six key elements. Cited as the practical six-dimension assessment framework used in week one of the audit phase, covering infrastructure, integration, quality, accessibility, governance and ethics. https://www.future-processing.com/blog/data-readiness-assessment/ - Profisee. 8 Business Process Problems That Result From Data Duplication. Cited for the documented impact of duplicate master data on revenue, margin and operational efficiency, the rationale for putting customer deduplication first in the foundation phase. https://profisee.com/blog/8-business-process-problems-that-result-from-data-duplication/ - Information Commissioner's Office. Information Governance for Your Small Business. Cited as the UK regulator's small-business reference for proportionate file management, naming conventions and information governance, used as the baseline for the naming convention rollout in phase two. https://ico.org.uk/for-organisations/advice-for-small-organisations/ - Atlan (2025). What Is a Data Glossary and Why Do You Need One. Cited for the principle that glossaries pay back only when embedded in daily workflows and reports, not when maintained as standalone documents, the design rule behind the phase two glossary work. https://atlan.com/what-is-data-glossary/ - Harvard Biomedical Data Management. File Naming Conventions. Cited for the principle that a naming convention must be set before content is collected to prevent a backlog of disorganised files, the rationale for the chosen-start-date rollout pattern rather than a retrospective rename. https://datamanagement.hms.harvard.edu/plan-design/file-naming-conventions

Frequently asked questions

Why ninety days specifically, why not six months or a year?

Ninety days is long enough to deliver substantive remediation and short enough to keep focus and urgency. It also aligns with the quarterly business rhythm most owner-operated firms already run, so the sprint integrates with monthly accounts and quarterly reviews rather than competing with them. Open-ended programmes lose to delivery work every time. A firm deadline at day ninety forces scope discipline at day seven.

Who actually does the work, and how much of their time does it take?

An owner-operator spends three to five hours a week on oversight and decisions. A technical lead, usually the person who already manages IT or finance systems, spends eight to ten hours a week on execution. Frontline staff involved in the relevant data or processes give two to three hours a week for piloting and validation. No new hire, no specialist software at the outset, no external consultant required.

What does good look like at day ninety, and what is not expected?

Customer records deduplicated with documented merge rules. A glossary of five to ten critical entities. Video walkthroughs and checklists for the top three or four high-risk processes. A naming convention in use for new files. A named owner for each artefact and a quarterly review on the calendar. What is not expected, perfect data, comprehensive governance, complete process documentation, or zero errors in adoption. Direction of travel, not perfection.

Written by Dr Dave Heath, AI consultant and business strategist.

This post is general information and education only, not legal, regulatory, financial, or other professional advice. Regulations evolve, fee benchmarks shift, and every situation is different, so please take qualified professional advice before acting on anything you read here. See the Terms of Use for the full position.

Ready to talk it through?

Book a free 30 minute conversation. No pitch, no pressure, just a useful chat about where AI fits in your business.

Book a conversation

Related reading

An SME owner at a desk reviewing a thirty-seven tab operations spreadsheet alongside a half-configured new system on a second screen

From spreadsheets to systems: when an SME outgrows its data setup

The spreadsheet was the right answer at five people. At twenty-five, it is the bottleneck. Four signs to watch for, and a proportionate migration sequence that does not retire the spreadsheet on day one.

An owner and two colleagues at a small meeting table with a printed sheet of questions, a coffee cup and an open notebook, mid-conversation

Measuring data and knowledge readiness, four questions to revisit each quarter

Owners who measure data and knowledge readiness in a structured way ship better AI outcomes than owners who treat it as a feeling. Four questions, every quarter, no dashboard required.

A woman in her fifties at a kitchen table reading a printed proposal document, pen in hand, with two other proposals beside her and a mug of tea.

When to bring in a data consultant, and when not to

Three situations where external data help is worth the spend, the more common ones where in-house is faster, and how to brief a consultant so the engagement actually lands.

If any of this sounds familiar, let's talk.

The next step is a conversation. No pitch, no pressure. Just an honest discussion about where you are and whether I can help.

Book a conversation
AboutBlogBusiness First AIFounder FreedomContactBook a conversation
Privacy PolicyTermsCookie Policy

© 2026 Larocca Consulting Ltd