Why I Built NADOVO
Frameworks have accompanied me through 20 years of process consulting. ITIL, COBIT, various service management methods. Not as rulebooks you tick off, but as orientation tools - as structure that helps make complexity manageable.
It was with exactly this lens that I eventually read the EU AI Act.
What I saw in the regulation
Two years ago I started to engage intensively with AI adoption in service management. Practically, not theoretically. What I observed: ChatGPT was dropped into customer service. AI-based scoring introduced in HR. Copilot rolled out to half the workforce. Without an inventory. Without a risk assessment. Without knowing which obligations were coming for the companies. Even large software vendors integrated AI as a black box into their products - not traceable, not documentable.
Then the EU AI Act came onto my radar. 113 articles, 13 annexes. Many reacted reflexively: too complex, too legal, wait and see.
I saw something else: a requirement to classify AI systems by area of application and risk class. Derive measures. Keep records. Monitor.
That is a process.
Not because I wanted to call it that, but because that is how I think. Process thinking is not a method you apply - it is a lens through which you see problems. And what I saw in this regulation was not a legal text. It was a cycle that needed structure. The logical conclusion was to develop a framework.
From that point on it was clear that I did not just want to talk about it.
Why framework and platform belong together
I developed my own methodology. Five phases: DISCOVER, DEFINE, ASSESS, IMPLEMENT, MONITOR. A cycle that grew out of my process experience, not out of a law firm.
But I knew the pattern from consulting all too well: risk assessments in Excel spreadsheets. Training records in folders. Action plans in documents that nobody finds anymore. Three months later half of it is outdated, and nobody knows which version still applies.
Compliance is not a state you establish once. It is an ongoing process. A methodology only becomes effective once it lives in a running system - not on paper, but in the daily work of teams who have other priorities.
That is why, in parallel to the methodology, I built a platform. NADOVO. Rule-based, not AI-based. Automatic risk classification against Annex I and III of the EU AI Act. An immutable audit trail for ten years, as Article 12 requires. Hosted in Germany, without a US cloud. Not a black box, but deterministic logic that auditors and supervisory authorities can accept.
What the beta teaches
The first companies have been testing NADOVO in a closed beta since April 2026. What I learned could not have been put into words beforehand.
The biggest surprise: the actual problem is not in the risk classification. It is one step earlier. Most companies simply do not know which AI systems they are even using. Not because they are careless, but because AI has long been embedded in standard software that nobody has on their radar as an AI system. A CRM with lead scoring. A translation tool in the communications department. A chatbot the marketing team built in months ago that has simply been running ever since.
The second insight: compliance is teamwork. IT knows the systems, but not the legal basis. Management knows the liability risks, but not the deployed systems in detail. The data protection officer knows the GDPR, but the EU AI Act is a separate body of rules with its own requirements. These perspectives have to come together in a structured way.
Why my background makes a difference
I am not a lawyer. I say that openly, because for me it is not a shortcoming - it is a positioning.
Working through compliance requirements legally is something others do well. What I bring is the experience of 20 years: how to transfer a methodology into running processes that survive the daily grind. That is the gap between a framework on paper and a compliance a company can actually demonstrate.
NADOVO is the attempt to close that gap. Framework, consulting and platform from a single source - tailored to the mid-market, which has neither enterprise budgets nor its own compliance department.
If you want to take a look at the platform: NADOVO platform.
Further reading
About the author
Jochen Stier is co-founder of NADOVO with over 20 years of experience in process management and IT service management. He helps German SMEs implement the requirements of the EU AI Act systematically and pragmatically. His 5-phase framework NADOVO combines regulatory requirements with practical feasibility, without enterprise budgets or complex tools.
More articles
AI Technology Website Migration and SEO Ranking
Many fear a website migration destroys the Google ranking. That is true - if you do it wrong. What really happens and what matters.
read more ...
AI Technology Maintaining a Website Without an Agency
If you have a business website, you should be able to maintain it yourself. Why that does not work for most people - and how it can be done differently.
read more ...
AI Technology What WordPress Really Costs
WordPress is considered a free solution. The actual bill looks different - and that is not only down to hosting.
read more ...