About
Senior judgement.
One voice. Built to ship.
I get AI products through enterprise procurement and security review. When a real deal stalls behind a Responsible AI assessment or a security questionnaire, I produce the governance evidence the buyer's procurement and legal teams need to sign off, so the deal proceeds. I know what those teams need because I have spent three decades building and governing technology inside regulated industries (Volvo Group, Nokia, AstraZeneca), and I am AIGP certified through the IAPP. I have lived on the enterprise side of procurement, risk, and privacy, so I know what reviewers look for before they will sign.
IAPP-certified · AIGP
AI governance advisor
Who you work with
I do the work you hire me for.
I am Troy Norcross, founder of SER Team. I work as an AI governance advisor to mid-market technology firms selling into enterprise, and I hold the AIGP certification from the IAPP. I have run SER Team since 2006. The focus today is AI governance. The discipline behind it, enterprise architecture in regulated industries, goes back three decades.
When you sell an AI product into a large enterprise, the buyer puts it through an AI governance review. Their procurement and legal teams want to see how your AI is governed: how you classify and manage AI risk, how your models handle data, how you evaluate outputs and keep a human in the loop, and how you oversee the AI in your own supply chain. I close the gap between how your AI actually works and the evidence an enterprise reviewer will accept, mapped to the frameworks they use: ISO 42001, the EU AI Act, NIST AI RMF, and the rising bar of European data sovereignty under CADA. Then I leave you with the templates to clear the next AI assessment yourself.
There is no junior team behind a senior face. You deal with the person doing the work. That matters in governance, because the position you hand a buyer has to be one voice, internally consistent, and able to survive scrutiny from people whose job is to find the gaps.
The standard I hold
Earlier in my career I advised a client to turn down revenue, because the data position behind it would not have survived privacy law. It was the harder conversation and the right one. They kept the trust, and the relationship, that the short-term revenue would have cost them. I bring the same judgement to AI governance. A governance position is only worth producing if it is true.
The SER operating model
Clear the threshold once. Keep the capability.
Mid-market firms cannot carry a permanent governance function. The model is built so external load is heaviest at the start and falls away as your own capability rises.
01 · TRANSLATE
Clear the gate
Render your engineering reality as governance evidence the buyer can validate.
02 · TEMPLATE
Transfer it
Hand over reusable frameworks so the next assessment is yours to run.
03 · OVERSEE
Stay on call
Bounded senior judgement, in hours per quarter, only when the stakes warrant it.
Track record
Three decades building and governing technology in regulated industries
I am an AI Governance Professional, certified by the IAPP, and I work to the EU AI Act, GDPR, PECR, and data-sovereignty requirements every week.
Behind that sits three decades of enterprise and data architecture in regulated industries. I co-founded and led the enterprise architecture for a blockchain logistics network at Volvo Group, running a 26-person team and live operations of more than 2,000 shipments a day with no service disruption, including ERP integration, payments, and e-money licensing preparation. At Nokia I led a six-country joint venture with Intuit, owning regulatory compliance, intellectual property, and consumer data protection, and I am a named co-inventor on a Nokia patent. At Publicis I was product owner for an AstraZeneca healthcare platform built under clinical and privacy constraints. Across the practice I have advised more than fifty founder and leadership teams, from scale-ups to listed companies.
I work between London and Lisbon.
