The 75-person trap: too big for duct tape, too small for a platform team
Picture the company. Seventy-five people, maybe $15M to $40M in revenue, three or four departments that each bought their own software without telling each other. Sales lives in a CRM. Finance lives in spreadsheets and a half-configured ERP. Ops runs on a shared drive that nobody has audited since the last hire. When you ask a consultant "what will AI cost us," the honest answer is: it depends on how much of that mess we have to clean up before a model can touch it.
That is the part the rate card never shows. A day rate is a day rate. The cost that actually decides your budget is the work underneath it — the diagnostic, the data access untangling, the workflow integration, the security review, the training, and the benefits tracking. McKinsey's State of AI 2025 is blunt about why: the value shows up when you redesign the workflow, not when you bolt a tool onto the side of it. IBM's Institute for Business Value frames the same thing as a capability problem — data, operating model, adoption, measurement. A proposal that lumps all of that under one line called "implementation" is hiding where the money goes. Make them split it. The split is the estimate.
The line item nobody quotes until it's too late: access
Here is the failure mode I see most at this size. A consultant stands up an AI assistant over your documents in week two, demos something slick, everyone claps. Then in week five someone in sales asks it a question and it cheerfully surfaces the comp spreadsheet from the shared finance folder, because nobody scoped permissions first. Now you have a trust incident instead of a pilot.
At 75 people you have just enough sprawl for this to bite and not enough IT staff to have already fixed it. AI assistants inherit whatever access boundaries already exist in your stack — Microsoft's documentation on Copilot data protection is explicit that the tool reads what the user can already read. If your SharePoint, Teams channels, CRM exports, and finance files are loosely permissioned today, the AI rollout doesn't create that risk, it amplifies it. So price the controls before the build, not after. NIST's AI Risk Management Framework gives you a usable sequence even without a governance team: map the context, measure the failure modes, manage the controls, and name an owner for each. And PwC's 2025 Responsible AI survey makes the practical point — this only works if the controls live with the people making rollout decisions, not in a policy doc nobody opens. A good estimate has a real number next to "access and controls." A bad one calls it a final-stage review.
Buy one proven workflow, not a tour
For a company your size, the first engagement should be narrow on purpose. You are not funding a transformation. You are buying evidence that one workflow got materially better, with a number attached, so you can decide whether to fund the next one. Bain's research on agentic AI transformation is clear that the ambitious stuff depends on foundation work being done first — which, at 75 people, you have not done yet. So scope a first engagement that delivers four things: a ranked backlog of candidate use cases, one governed workflow actually running in production, a baseline measurement of what it was before, and a stop-or-scale decision date. Give that workflow exactly one owner. If two departments own it, nobody does, and the result evaporates the week the consultant leaves.
That structure turns a vague "what will AI cost" into a budget your CFO can defend: here is the spend, here is the one thing it bought, here is the metric that moved. Start by sizing the opportunity with the AI Opportunity Score, model the payback with the AI ROI Calculator, and when you want a scoped engagement built around a single provable workflow, see Human Renaissance AI transformation services. Finance, operations, and technology should all be able to inspect the case — that's the whole point of scoping before you spend.
