Federal AI Implementation - OMB M-24-10 Compliant | Ingress IT Services Case Study

The Challenge

AI adoption without governance is risky.

A mid-size civilian federal agency (Department-level) identified 7 AI use cases but had no governance process, no data readiness, and no Chief AI Officer framework to manage risk and ensure compliance with OMB M-24-10 mandate.

The Situation

The agency had identified useful AI opportunities: document summarization for policies, HR screening, budget forecasting, and risk detection. But there was no governance body, no risk classification framework, no data audit, and no way to prove compliance. OMB M-24-10 deadline was approaching. Filing false or incomplete inventory was not an option.

Leadership wanted to move fast, but not recklessly. They needed a structured process to assess risk, prepare data, and deploy AI safely.

The Opportunity

Otonmi's Aizen methodology, Ingress's AI division's proven approach, offered a rapid path to governance and production. Aizen combines use case classification, data readiness assessment, governance process design, and safe first-deployment in a 12-week arc.

Start with a high-value, low-risk use case (document summarization), prove the governance model works, then expand.

Our Approach

Aizen Methodology for Federal AI.

We applied Otonmi's Aizen framework, purpose-built for rapid, governance-first AI adoption in regulated environments.

Use Case Classification

Audited 7 proposed use cases. Mapped each against OMB M-24-10 risk tiers: tier 1 (limited risk), tier 2 (moderate risk), tier 3 (high impact). Document summarization: tier 1. HR screening: tier 2 (fair hiring implications). Budget forecasting: tier 1. Documented risk rationale for each, used to inform deployment sequencing.

Weeks 1-3

Data Readiness Assessment

Conducted 6-week audit of data sources supporting the 7 use cases. Identified data quality issues, security posture, and regulatory alignment. Document summarization had clean, well-organized data (tier 1 ready). HR screening required bias audits and fairness testing (deferred to phase 2).

Weeks 2-8

CAIO Governance Design

Designed Chief AI Officer process: use case intake form, risk assessment checklist, data governance approval gates, model monitoring requirements, escalation criteria. Documented roles and decision rights. Templates for future deployments. CAIO office stood up with executive sponsor and working group.

Weeks 6-10

First Production Deployment

Deployed document summarization using air-gapped GPT-4 via Otonmi on AWS GovCloud. Processed 800+ policy documents monthly. Adjusters review and approve summaries before use. Zero production incidents. Model monitored daily for drift and performance.

Weeks 8-12

M-24-10 Inventory & Filing

Compiled 7 use cases into M-24-10 inventory. Documented risk classifications, data governance, monitoring plans, and responsible officer for each. Submitted to OMB on time. Agency passed compliance review with zero findings.

Week 12

The Outcomes

Governance, speed, and compliance.

Use Cases Classified

All 7 identified use cases assessed and risk-tiered per OMB M-24-10. Clear path forward for each: deploy now (tier 1), phase 2 (tier 2), or further research (tier 3).

Use Case in Production

Document summarization live on AWS GovCloud. Processing 800+ policy documents monthly. 99.8% uptime. Human-in-loop review ensures accuracy and safety.

M-24-10

Inventory Filed On Time

Submitted compliant inventory and governance documentation to OMB within deadline. Zero compliance findings. Positioned agency for future AI deployments with confidence.

Tech Stack

AWS GovCloud + Otonmi + Aizen.

AWS GovCloud

Sovereign cloud for document summarization deployment. Air-gapped environment ensures no data leaves federal boundary. FedRAMP-authorized infrastructure.

Otonmi AI Platform

Orchestration, monitoring, human-in-loop workflow, and governance templates. Built by Ingress's AI division. Enables rapid, safe deployment while maintaining compliance.

Air-Gapped GPT-4

GPT-4 via Otonmi on AWS GovCloud. No cloud API calls outside federal boundary. Document processing occurs entirely within FedRAMP-authorized infrastructure.

Python + Monitoring

Custom code for document ingestion, processing orchestration, and monitoring. CloudWatch logs for audit trail. Drift detection and alerting for model performance.

Key Lessons

Governance enables speed in federal AI.

Risk Classification First

Not all AI is created equal. Mapping use cases to OMB M-24-10 risk tiers allowed us to focus resources on high-risk work and deploy low-risk cases quickly. Document summarization (tier 1) went to production in 12 weeks. HR screening (tier 2) will follow with deeper fairness testing.

Air-Gapped is Feasible

We proved that cutting-edge AI (GPT-4) can run on AWS GovCloud without cloud API dependencies. Document summarization quality rivals public GPT-4. No data leaves the federal boundary. This model can scale to other use cases.

Templates Unlock Scale

We created reusable governance templates: use case intake form, data readiness checklist, risk assessment rubric, monitoring plan template. Now, when a bureau proposes a new AI use case, the intake process is standardized and fast. CAIO office can process tier 1 cases in weeks, not months.

Aizen Works in Federal Context

The Aizen methodology, developed for rapid, human-centered AI adoption, proved equally effective in federal compliance-heavy environments. The structure (Explore, Experiment, Embed, Expand) maps well to governance gates and risk-tiering. We completed in 12 weeks what often takes 18 months.

Start a conversation

Tell us what's worth doing.

// 30 minutes → a written brief.

Bring the problem. We'll come back with a written brief: what to build, what to defer, and where AI actually moves the number. No deck pitches.

Book a 30-min call →All case studies

Emailconnect@ingressits.com

GSA MAS#47QTCA26D000K

Reply< 24 hrs

M-24-10 compliant, in production, in 12 weeks.