AI Glossary for Executives
90+ AI terms, in plain English.
Deeper than the glossary in the book. Organized by category with cross-links. Bookmark this page — it is the reference we use with clients when the jargon starts piling up in a meeting.
Glossary terms
A
AgentsAgent
An AI system that can take actions on your behalf — sending emails, updating records, calling APIs, waiting for approvals — rather than just producing text. Agents combine a language model with tools and memory. Useful when a task involves multiple steps across multiple systems.
GovernanceAgentic AI
AI that takes sequences of actions autonomously. Higher risk profile than chat AI because the AI can affect the real world. Every agentic system should have human-in-the-loop checkpoints for high-stakes decisions.
GovernanceAIMS (AI Management System)
The full operational apparatus around your AI — leadership commitment, risk assessment, data governance, lifecycle controls, continuous improvement. The ISO term used in ISO 42001.
GovernanceAI RMF (NIST AI Risk Management Framework)
A voluntary US-government framework for AI risk organized around four functions: Govern, Map, Measure, Manage. Widely referenced in US regulatory conversations. Free to adopt. See the Governance pillar.
EconAPI (Application Programming Interface)
How two software systems talk to each other. When we say "Claude API" or "OpenAI API," we mean the programmatic connection that lets your business systems call an AI model.
GovernanceAudit Trail
A permanent, tamper-resistant log of what an AI system did, when, with what inputs, and who approved it. Required for governance in regulated industries. Standard in every Heed AI deployment.
B
ModelsBenchmark
A standardized test (MMLU, HumanEval, GSM8K, etc.) used to compare AI models. Useful for technical comparisons, mostly irrelevant for business buyers — real-world performance on your data is what matters.
ModelsBias (Algorithmic)
When an AI system produces systematically different outputs for different groups, often because its training data reflected historical bias. A governance concern, especially for hiring, lending, and healthcare decisions.
C
GovernanceCAIO (Chief AI Officer)
A C-level executive responsible for AI strategy, governance, and outcomes. At SMB scale, usually filled as a fractional CAIO retainer rather than a full-time hire.
GovernanceCCPA (California Consumer Privacy Act)
California privacy law affecting how businesses handle consumer data. Relevant for AI systems that process California residents' data.
GovernanceCISA (Certified Information Systems Auditor)
A globally recognized certification in information systems audit, control, and security. Michael Bowers holds this. Relevant because AI governance extends from information security principles.
ModelsClaude
The family of AI models from Anthropic (Haiku, Sonnet, Opus). Known for long-context reasoning, strong tool use, and carefully-tuned safety behavior. Our default choice for enterprise and governance-sensitive workloads.
DataContext Window
The maximum amount of text an AI model can process in a single request. Claude Sonnet 4.5 supports 1M tokens; GPT-4 Turbo supports 128K. Larger context windows let you send entire books, codebases, or customer histories in one request.
DeploymentCopilot (Microsoft)
Microsoft's family of AI assistants embedded across Office, Windows, GitHub, and Dynamics. A fast path to basic AI for organizations already on Microsoft. The Custom vs SaaS comparison covers when Copilot is enough and when you need more.
D
DataData Pipeline
The infrastructure that moves data from source systems (CRM, ERP, databases) into the AI system. Often the hidden cost of an AI project — if your data is not ready, the AI cannot be either.
DataData Residency
Where your data physically lives (US, EU, on-prem). Matters for regulatory compliance. Often a deal-breaker in healthcare, legal, and financial AI.
ModelsDeterministic vs Non-Deterministic
A deterministic system always produces the same output for the same input. Language models are non-deterministic by default — a design choice that affects testing, reproducibility, and governance.
DeploymentDiscovery Project
A short, structured engagement (typically 2 to 4 weeks) where we map your operations, identify AI opportunities, and produce a written ROI model. The right first step for most SMBs.
E
DataEmbedding
A mathematical representation of meaning. Words, sentences, or documents are converted to embeddings (vectors of numbers) so the AI can compare them semantically. The backbone of retrieval and search systems.
GovernanceEU AI Act
The European Union's comprehensive AI regulation, effective 2024-2026 in phases. Applies to any company selling AI-assisted products in the EU. Introduces risk tiers (prohibited, high-risk, limited, minimal) with different obligations.
GovernanceExplainability
The ability to describe why an AI system produced a given output. Low for deep neural networks by default; required for regulated decisions. Techniques include feature attribution and structured reasoning traces.
F
ModelsFine-Tuning
Training an existing foundation model further on your specific data to improve domain performance. Less common now that long-context prompting and RAG cover most use cases without the cost.
ModelsFoundation Model
A large pre-trained AI model (Claude, GPT, Gemini, Llama) that serves as the base for many downstream applications. "Building on a foundation model" means using an existing model rather than training your own.
EconFractional CAIO
A part-time Chief AI Officer retained for ongoing strategy, governance, and vendor oversight — typically 10 to 40 hours per month. Our vCAIO retainer.
G
ModelsGemini
Google's family of multimodal AI models. Strong at multimodal (text + images + video + audio), tightly integrated with Google Workspace.
ModelsGenerative AI
AI systems that produce new content (text, code, images, audio, video) rather than just classifying or predicting. Distinct from traditional machine learning that outputs probabilities or categories.
GovernanceGovernance
The set of policies, access controls, audit trails, and human checkpoints that make an AI system defensible to boards, auditors, and regulators. Full detail in the Governance pillar.
ModelsGPT (Generative Pre-trained Transformer)
The family of models from OpenAI (GPT-3.5, GPT-4, GPT-5). A strong generalist model. Microsoft Copilot is built on GPT.
H
ModelsHallucination
When an AI confidently states something that is false. A known failure mode of language models. Mitigated through retrieval (RAG), grounding, structured outputs, and human-in-the-loop review on high-stakes outputs.
GovernanceHIPAA
US law governing protected health information (PHI). Every AI system touching PHI must comply. We build HIPAA-aware workflows with appropriate BAAs, access controls, and audit trails.
GovernanceHuman-in-the-Loop (HITL)
A design pattern where a human reviews or approves AI outputs before they take effect. Mandatory in our deployments for decisions involving customers, regulated data, or material dollars.
DataGrounding
Constraining an AI model's responses to a defined knowledge base (company docs, policies, product catalog) to reduce hallucination. The technical backbone is usually RAG.
I
DeploymentIntegration
Connecting the AI system to your existing tools (CRM, ERP, document store, email, calendar). Usually the largest hidden cost on an AI project.
GovernanceISO/IEC 27001
International standard for information security management. Michael Bowers is a certified ISO 27001 Lead Auditor. Any AI system should inherit ISO 27001-aligned security controls.
GovernanceISO/IEC 42001
The international standard for AI management systems, published December 2023. The first certifiable standard for AI. Increasingly cited in enterprise RFPs. Full breakdown in the Governance pillar.
K
DataKnowledge Base
A structured collection of documents, policies, and data that an AI system can search during a conversation. Combined with retrieval, it is how we give AI access to company-specific knowledge without fine-tuning.
L
ModelsLLM (Large Language Model)
A neural network trained on massive text corpora to predict the next word. Claude, GPT, Gemini, Llama are all LLMs. The engine behind modern generative AI.
EconLock-in (Vendor)
The cost and difficulty of switching away from a vendor. Higher for SaaS platforms, lower for custom builds on open standards. A factor in the build vs buy decision.
M
ModelsModel Card
A document describing an AI model's intended use, limitations, training data, and known risks. Standard practice for published models. Your own deployed systems should have equivalent documentation.
ModelsMultimodal
AI that can process multiple input types (text, images, audio, video) in one system. Gemini and GPT-4o are multimodal. Useful when the input includes scanned documents, photos, or voice.
N
GovernanceNIST AI RMF
See AI RMF above.
O
ModelsOpen-Weight Model
A model whose weights are publicly available (Llama, Mistral, Qwen). Can be self-hosted, which matters for data sovereignty. Quality is now competitive with closed models for many tasks.
EconOperating Cost
The ongoing cost of running an AI system (API calls, hosting, monitoring, maintenance). Typically 10-20 percent of build cost annually for custom builds. See the ROI Measurement pillar.
P
EconPayback Period
Time to recover the upfront investment from an AI project. Average across Heed AI engagements: 74 days on an $8,000 build.
DataPHI (Protected Health Information)
Health data regulated under HIPAA. Any AI touching PHI requires a BAA (Business Associate Agreement) with the AI provider, appropriate access controls, and audit logging.
DeploymentPilot
A short, scoped engagement (2 to 4 weeks) that builds and validates a single AI workflow. The standard first project with Heed AI. See How We Work.
ModelsPrompt
The input to a language model. Can include instructions, examples, and data. "Prompt engineering" is the discipline of crafting effective prompts.
ModelsPrompt Injection
A security attack where malicious input tricks an AI into ignoring its original instructions. Mitigated through input validation, output constraints, and separation of system prompts from user input.
Q
DeploymentQA (Quality Assurance)
Validating that an AI system behaves as expected on edge cases, adversarial inputs, and real-world data. Non-negotiable before production.
R
DataRAG (Retrieval-Augmented Generation)
A pattern where the AI searches a knowledge base for relevant documents, then uses those documents to answer a question. The standard way to give AI access to company-specific information without fine-tuning.
EconROI (Return on Investment)
Gain minus cost, divided by cost. Expressed as a percentage. For AI, gain includes hours saved, errors avoided, revenue captured, and hire-avoidance savings. See the ROI pillar for formulas and worked examples.
S
EconSaaS (Software as a Service)
Software delivered as a subscription over the internet. For AI, common examples include Microsoft Copilot, HubSpot AI features, Zapier AI. The Custom vs SaaS comparison covers when SaaS is the right choice.
ModelsSystem Prompt
Instructions given to a language model that define its role, constraints, and behavior. Invisible to end users, persistent across the conversation. A key lever in production AI.
T
ModelsToken
The basic unit of text a language model processes. Roughly 3 to 4 characters or 0.75 words. API costs are measured in tokens. A 1M-token context window holds about 750,000 words.
AgentsTool Use
An AI's ability to call external functions or APIs (database queries, calendar actions, email sends) during a conversation. Standard in modern agents. Our production agents use tool use extensively.
V
GovernancevCAIO (Virtual Chief AI Officer)
See Fractional CAIO above.
DataVector Database
A database optimized for storing and searching embeddings. Examples: Pinecone, Weaviate, pgvector, Chroma. The storage layer behind RAG.
Z
GovernanceZero Trust
A security model where every access request is verified, regardless of network location. CISA-aligned. The default posture for our AI deployments.
Have a term we missed?
Send it. We update this glossary quarterly based on the questions clients actually ask.