/how-we-work  ·  Long-form operating model · ~12 min read · For technical evaluators
SentinelEdge / How We Work

Inside an engagement.

A long-form walk-through of how we actually run a project — from the first conversation to the system that keeps producing after we leave the room. Written for the operator who's been asked to vet us.

Read time 12 minutes Written for Technical evaluators
Operations leaders
Compliance officers Last updated May 2026

What's covered.

Ten sections · Read top-to-bottom or jump around
  1. The question this page answers
  2. Five operating principles
  3. The shape of an engagement
  4. Phase one — audit
  5. Phase two — evals
  6. Phase three — deployment
  7. After deployment — the ops layer
  8. What we don't do
  9. The stack underneath
  10. If this sounds like the model you need
01 — Intro

The question this page answers.

When a CFO at a regulated mid-market company is told they need to "do something about AI," and they like the first conversation with us, the next step is almost always the same: they loop in someone technical. An IT director. A controller who actually understands how the systems talk to each other. Sometimes the COO. Sometimes the CEO themselves.

That person comes to the website with one question. Are these people serious, or are they slinging buzzwords?

This page is the long answer. It walks through what an engagement with us actually looks like — what we do in the first week, what we do in the third month, what we hand off, what we keep running. It names tools. It names trade-offs. It tells you what we won't do and why.

If you're the technical evaluator we're trying to convince, the goal is for you to finish reading and have a clear sense of whether this is a shop you'd let into your environment. If you're a peer in this space, you'll recognize most of what's here. Some of the specifics will still be useful.

02 — Principles

Five things we believe, before we touch anything.

Every engagement we run is shaped by the same five operating principles. They're worth naming up front because most of what we do — and almost everything we refuse to do — comes back to one of these.

1. Intelligence is a commodity. Deployment isn't.

The model you're considering using next quarter will be cheaper and better six months from now. The thing that doesn't get cheaper is the work of figuring out where it goes in your business, what it should be allowed to touch, and how you'll know it's working. We sell the second thing.

2. You don't rip out the systems you already paid for.

Most of our clients have spent years and a lot of money getting onto whatever ERP, EHR, or RMM they're on. The last thing they want is to replace it. We build over what you already have. An integration layer. An orchestration layer. A model sitting on top of the data your existing systems already manage. The legacy stack stays. The pain of running it goes away.

3. The smallest unit of autonomy first.

We don't ship automations that take actions on day one. We ship automations that observe, then automations that recommend, then — only after evals hold — automations that act. Most failures in AI deployments come from skipping the first two steps. We won't.

4. The compliance boundary is the product.

Half of what we deliver in regulated industries is the boundary itself — the hosted environment, the access controls, the audit trail. AI capability inside an undefended boundary is not a feature, it's a liability. We host everything we build inside our own CMMC-aligned or HIPAA-aligned environment, on infrastructure we operate, in a Dallas datacenter we can walk into.

5. Operators using AI, not an AI company learning ops.

We came up running infrastructure for regulated mid-market clients. We started using AI because it made the operations work better, not because we wanted to start an AI company. That bias shows up in everything we ship — we will always pick the boring durable solution over the impressive demo.

If you take one thing from this page

Our advantage isn't a model, a framework, or a prompt library. It's that we run the infrastructure underneath the AI work, and we know what breaks at 2am because we're the ones the phone rings for. That's a different business than what most AI consultancies are selling.

03 — Shape

The shape of an engagement.

Every engagement we run, regardless of vertical, follows the same three phases. Audit, evals, deployment. The duration of each phase varies — a CMMC enclave build looks different from a healthcare revenue cycle automation — but the shape doesn't change.

Phase 01 · Audit
Two to six weeks. We sit inside the workflows we're going to touch, map them as they actually run, and decide what should be automated, what should be left alone, and what needs to be fixed before AI gets near it.
Phase 02 · Evals
Two to four weeks. Before anything reaches production, we build evaluations that grade the system against outcomes that matter to your CFO. This is what the CFO signs off against, and what tells us the system is safe to leave running.
Phase 03 · Deployment
Four to twelve weeks. We layer the new system over your existing data and tools, start with the smallest possible unit of autonomy, and scale only as the evals continue to hold.
Ongoing · Operations
We don't hand the system off and leave. We stay on as the operations layer underneath it, hosting it inside our compliant environment and running it the way an in-house team would, if you had one.

The rest of this page walks through each phase in detail, using a composite example drawn from real engagements. The composite is a regulated mid-market operator running a dozen different source systems — picture a multi-location healthcare group, a defense contractor, or an investment firm. The specifics differ but the shape is consistent enough that one walk-through covers most cases.

04 — Phase one
A
Phase 01 · 2–6 weeks Audit

Most of the value of an engagement gets locked in during the audit. This is unintuitive — clients expect the value to come from the AI, not the analyst sitting with their billing team — but it's true. By the time we finish the audit, we know exactly which workflows should be automated, which should be left alone, and which need to be fixed in the underlying process before AI would help at all. The deployment phase is then mostly execution.

What we actually do in week one

We embed with the team whose work we're going to touch. For a healthcare RevOps engagement, that's the billing and AR team. For a CMMC build, that's the IT and compliance leads. We sit in their meetings. We watch them work. We don't take over a conference room and demand a "kickoff workshop" — we go where the work happens.

Each person we shadow, we're looking for three things:

  • What does the job actually look like. Not the org chart version. The actual sequence of steps a competent person performs to get a thing done.
  • Where are the bottlenecks. What's the step that takes hours and produces nothing. What's the thing they hate doing.
  • Where could automation create value. Where would removing manual work meaningfully change the throughput or the accuracy of the function.

What we map

By the end of the audit, we deliver a workflow map for every process we touched. The map names every system involved, every human decision point, every handoff, and every place where data crosses a boundary between systems. For a typical mid-market client, this map covers between twelve and twenty source systems — an EHR, an HRIS, a billing platform, a payroll system, a clearinghouse, a document management system, half a dozen spreadsheets that have become load-bearing over the years.

A real example

In one composite engagement, the audit revealed that the revenue cycle team was spending roughly thirty hours a week reconciling census data across three systems — because two of those systems had been integrated by a vendor who left, and the integration had been silently failing for eight months. No agent could fix that. The integration needed to be rebuilt first. We found that in week two of the audit, before anyone had written a line of agent code.

The hardest decision in the audit

Deciding what not to automate. We turn down automation candidates more often than we accept them. The three filters we use, in order:

  1. Volume and leverage. If the workflow runs five times a month, an automation won't pay for itself. We look for high-volume work where each automated execution saves measurable human time.
  2. Pattern of the inputs and rules. If the rules are predictable and the inputs are predictable, write code. If the rules are clear but the inputs vary widely — one is an email, one is a PDF, one is a scanned image — that's where an agent earns its keep. If the rules themselves require judgment and pattern recognition, leave it manual. Those decisions belong to your operator, not to a model.
  3. Cost of being wrong. What happens if the automation gets it wrong twice in a row. If the answer is "we file an incorrect Medicare claim," the automation doesn't get to act unsupervised. It can recommend. A human signs.

What you get at the end of the audit

  • A workflow map of every process we observed, system-by-system
  • A prioritized list of automation candidates, ranked by leverage and risk
  • A list of underlying integration or data problems that need to be fixed first
  • A written recommendation on which candidates we propose to build, with rough scoping for each
  • A sign-off conversation with the executive sponsor — usually the CFO or COO — where we walk through the recommendations and align on what gets built

The audit is also the off-ramp. If, at the end of the audit, we think the engagement won't produce real ROI — because the volume isn't there, because the underlying systems are too broken to build on, because the team isn't ready to act on the findings — we say so. We've ended engagements at this point. It's better than building something the client can't use.

05 — Phase two
E
Phase 02 · 2–4 weeks Evals

Evaluations are how we, and you, know the system works. They're also the thing that most AI deployments skip, and it's why most AI deployments quietly fail twelve months in. We build evals before we build the production system, not after.

What a good eval actually does

Most teams, when they evaluate an AI system, check whether the final output is correct. That's not enough. A model can get the right answer for the wrong reason and then fail catastrophically the moment the inputs shift slightly.

A good eval grades the system the way a senior operator in your business would grade a junior employee. It checks not just what the system decided, but how it got there. Did it pull the right data. Did it apply the right rule. Did it flag the right exception. We trace the steps a competent human would take through a problem, and we score the system on each of them.

A model can get the right answer for the wrong reason and then fail catastrophically the moment the inputs shift.

The golden dataset

The first thing we build in this phase is the golden dataset. We sit with the best operator on your team and walk through twenty to fifty real examples of the workflow we're automating. For each one, we capture the perfect outcome — not the typical outcome, the perfect one. This becomes the standard the system is held to. Anything less than the golden answer is a miss, and every miss is investigated.

Multi-dimensional scoring

A single accuracy number is misleading. We score every output across at least four dimensions:

  • Correctness. Did it get the right answer.
  • Reasoning. Did it get there through the steps a competent operator would have taken.
  • Format. Is the output structured the way downstream systems require.
  • Cost and latency. Did it produce the answer cheaply enough and fast enough to matter.

What you get out of the evals phase

  • A documented golden dataset of expected outcomes
  • An automated eval suite that runs against every change to the system, forever
  • A reporting dashboard your executive sponsor can read in under five minutes
  • A clear written threshold — "the system goes to production when it scores X on these dimensions" — that you sign off on before we start the deployment

This phase is the one CFOs care most about, because it's the one that converts "we have an AI thing" into "we have a measurable, monitored production system." It's also the part of the engagement we're least willing to skip when a client tries to rush us.

06 — Phase three
D
Phase 03 · 4–12 weeks Deployment

By the time we get to deployment, the hard thinking is done. We know what we're building, we know how we'll measure it, and we know what production-ready looks like. The rest is engineering.

Architecture: a layer, not a replacement

We build over what you already have. The integration layer connects to your existing systems — EHR, HRIS, billing platform, document store — through their APIs or, where the vendor was hostile to integration, through MCP connectors we wrote. The orchestration layer is where the actual work happens: a series of tool calls, each one doing a deterministic job, with a model in the loop as the reasoning step where reasoning is actually needed.

Stack notes for the technical reader
  • Orchestration: a workflow engine for execution, with custom nodes where needed
  • Data layer: a relational store, typically a three-layer schema (raw, staging, curated)
  • Application layer: a modern server-rendered framework with typed end-to-end code
  • Authentication: enterprise identity provider with role-based access control
  • Hosting: Dallas anchor facility, per-client VLAN, GPU footprint for inference workloads inside the boundary
  • Monitoring: runtime error capture, silent-failure detection on scheduled jobs, alerts to the on-call channel
  • Testing: browser-automation tooling for deterministic and exploratory testing

When the model is the right tool, and when it isn't

We use models sparingly. Most of what looks like "AI" in our deployments is actually a series of deterministic tool calls with a single model call in the middle as an orchestrating step. Heavy use of AI in places where code would work just as well leads to two problems: token costs that compound at scale, and lower-quality outputs because you've asked a model to do something a function should be doing.

The model earns its keep when the input is variable and the decision requires reasoning that can't be captured in a rule. Everything else is code.

The sandbox before production

Before anything goes near your production systems, we build an execution environment that mirrors your data and runs the automation against it. This is where we burn down the last hundred edge cases. It sits inside our hosting environment, behind the same compliance boundary as production, and it talks to read-only replicas or sample data depending on the engagement.

The autonomy ladder

We never go from zero to "the automation has full authority." We climb a ladder, with explicit sign-off at each rung from the executive sponsor:

  1. Observe. The automation runs against real work and produces a report. A human still does the work. We compare.
  2. Recommend. The automation produces an action and presents it to a human for approval. The human can accept, modify, or reject. Every decision is logged.
  3. Act with review. The automation performs the action automatically. A human reviews a sample of completed actions on a defined cadence.
  4. Act autonomously. The automation operates without per-action review. Evals run continuously. Exception cases are flagged and surfaced.

Most workflows we deploy never reach rung four. That's by design. Some decisions belong to humans.

A note on compliance during deployment

Because the entire system lives inside our hosting boundary, the compliance posture is established once, at the infrastructure level. We don't need to re-evaluate every component against HIPAA or CMMC controls. The boundary holds for everything inside it. This is the single biggest reason regulated mid-market companies choose us over a generalist AI consultancy.

07 — After deployment

The part nobody else talks about.

Most AI consultancies finish their engagement at deployment. They hand you a working system, write a runbook, and leave. Six months later the system is degraded, the runbook is out of date, and the people who built it are unreachable. This is the most common failure mode in AI consulting and it's the one we exist to fix.

We don't hand the system off. We stay on as the operations layer underneath it. Specifically:

  • The system continues to run on our infrastructure, inside the same compliance boundary it was built in
  • The evals continue to run, every time we deploy a change and on a scheduled cadence regardless
  • We monitor for the silent failures that kill these systems — scheduled jobs that stop firing, integrations that quietly break, models whose outputs drift
  • When something breaks, the phone rings to us, not to your team
  • When the underlying tooling changes — a model is deprecated, an API version is bumped, a new compliance control is required — we make the upgrade and document it

The ongoing engagement is priced as a managed service. The pricing is predictable, the scope is documented, and the relationship is structured to give you an in-house equivalent without the cost of building one.

08 — Limits

What we don't do.

Naming what we don't do is more useful than naming what we do. Here's the short list:

We don't replace your ERP, EHR, or core systems.

You spent years and a lot of money getting there. We build over your existing stack, not against it.

We don't sell time-and-materials.

Every engagement is scoped against outcomes, with a defined deliverable and a fixed-fee structure for the build, and a managed-service structure for the ongoing operations. We don't bill by the hour because billing by the hour rewards us for taking longer.

We don't ship automations that act on day one.

The autonomy ladder is non-negotiable. We start with observation, even when the client wants to skip ahead. The cost of getting this wrong in a regulated environment is higher than the cost of waiting.

We don't sell capability we can't host inside our own boundary.

If a workflow requires us to ship data outside our hosting environment to a third-party tool we don't control, we either find a path to keep it inside or we tell you no. Half of what you're paying us for is the boundary. We don't poke holes in it.

We don't take engagements outside our verticals casually.

We're a healthcare RevOps, CMMC compliance, and finance operations shop. We've taken work outside those verticals when the client and the work fit, but the default is to stay where we have the most leverage. If your engagement isn't a strong fit for one of our practices, we'll tell you, and we'll probably refer you to someone better suited.

We don't grow the team to win work we can't operate.

We're a deliberately small firm. The clients we take are clients we can run for, on call, at 2am if it comes to that. Growing the team to take on more work than we can actually operate is how every shop like ours eventually breaks. We won't do it.

09 — Stack

The stack underneath.

For the technical evaluator who wants to know exactly what they'd be inheriting if they brought us in. We make pragmatic choices, not fashionable ones, and we standardize across engagements so the operational burden stays manageable for a small team.

Hosting · Production
Dallas anchor facility. Per-client VLAN isolation. GPU footprint for VDI and inference workloads inside the same boundary. CMMC-aligned for defense engagements, HIPAA-aligned for healthcare engagements. A second East Coast facility in New Jersey coming online to support geographic redundancy.
Hosting · Internal
Commodity cloud VMs and managed databases for our own business infrastructure — knowledge base, internal automations, monitoring. Separated from client production by intent and by tenancy.
Application
Modern server-rendered web framework with typed end-to-end code and a utility-first styling system. Hosted from the same boundary as the data it touches.
Data
A relational store with a three-layer schema convention — raw ingestion, staging, curated. Vector index alongside for embeddings where retrieval-augmented workflows make sense. Daily backups to object storage, weekly off-site exports.
Orchestration
A workflow engine for execution. Custom nodes where the off-the-shelf integrations don't cover the case. Workflows are version-controlled and exported as code.
Identity
Enterprise identity provider with policy-based access controls. Role-based access control to every system we build, mapped against your existing org structure.
Models
Provider-agnostic. We route to whichever frontier model is cheapest and best for the job — prioritizing providers with BAA availability and strong long-context performance — including self-hosted inference on our own GPUs when the workload calls for it.
Monitoring
Runtime error capture. Scheduled-job silent-failure detection. All alerts route to the on-call channel. Every prompt, tool call, and model response is logged with a timestamp for audit.
Testing
Browser-automation tooling for deterministic and exploratory end-to-end testing. Eval suite runs on every deploy and on a scheduled cadence.
Knowledge
A single front-door knowledge platform for client and internal documentation. Per-client collections, daily database backups, weekly JSON exports.

This is a stack designed to be operated by a small team over a long time horizon. Every component is one we've run in production for years. We don't adopt new tools casually, and we don't retire mature tools because newer ones launched.

A note on labels

The model we use for engagements — engineers embedded with operators, building inside the customer's environment, deploying iteratively against measurable outcomes — is sometimes called forward-deployed engineering. We don't lead with that label because it's borrowed from a different lineage and because the label is hotter than the work itself right now. The method is older than the term. We call it the only honest way to deploy AI inside regulated operations.

3.
Phase shape doesn't change.
Audit, Evals, Deployment.
1.
Compliance boundary.
Hosted, operated, owned.
2am.
When the phone rings,
it rings to us.
10 — If this sounds right

If this is the operating model you've been looking for, let's have a real conversation.

Discovery calls are direct with a principal, not a sales rep. Bring the workflow that's eating your team alive — or the audit finding that's keeping you up at night — and we'll tell you honestly whether we're the right shop to fix it. If we're not, we'll tell you who is.