01Name the authoritative system for each workflow item so AI does not rely on stale exports, duplicate spreadsheets, or unclear owner memory.
02List every inbox, CRM, ERP, helpdesk, document store, spreadsheet, database, portal, or vertical system the workflow reads from.
03Collect normal cases, edge cases, missing-data examples, rejected work, corrections, exceptions, and reviewer notes before testing prompts.
04Check missing fields, inconsistent names, duplicate records, stale statuses, unstructured notes, unsupported files, and fields that need normalization.
05Identify customer, employee, financial, legal, health, credential, payment, or regulated fields that need redaction or stricter access.
06Define read permissions, draft permissions, write-back limits, service accounts, owner approvals, revocation steps, and vendor access boundaries.
07Document what prompts, sources, retrieved records, tool calls, outputs, reviewer decisions, and changed records must be logged or retained.
08Start with the smallest useful dataset, owner group, source system, and permission set that can prove value without broad production access.