Developer reviewing code on two monitors — representing responsible AI usage in software development

AI does not write code we blindly trust.

How we use AI in software development.

AI tools promise speed. What they do not deliver is judgment. Whether a suggestion fits, whether a generated code block delivers what it promises, whether a result remains traceable: those are decisions made by our team.

We use AI where it speeds up analysis, structures requirements, or supports development steps. Not where security, regulation, or accountability are at stake. We draw this line deliberately.

Where AI quickly becomes a risk.

Results without traceability

AI delivers results without making the path to them transparent. In security-critical systems, that is not a minor issue.

Uncontrolled data input

External AI services process inputs outside of your own infrastructure. Project data that should not leave the organization stays internal. For this reason, we run AI on our own servers.

Automation without understanding

Anyone who adopts AI output directly without reviewing it is automating errors. That happens faster than you would notice.

Hype instead of deliberate decision

Using AI out of habit or external pressure creates overhead, not value. Not every tool improves a process.

Where we specifically use AI.

Requirements analysis

AI helps structure requirements and surface contradictions early. The result is always assessed by the team.

Code assistance

Generated code is reviewed, not adopted as-is. AI delivers suggestions that we assess and take responsibility for. Not the other way around.

Documentation & analysis

Texts and summaries can be produced faster with AI. This applies where no confidential information is involved.

AI on our own servers

External AI services are powerful and the right choice for many tasks. For everything that needs to stay internal, we run AI on our own infrastructure.

Not every AI tool improves a process.

Test results that looked coherent and were wrong. Documentation that missed the point entirely. These experiences have shaped how we select our tools. We use AI only where we can assess the output. Where data should not go to external services, the AI runs on our own servers.

Three esatus team members discussing AI-assisted software development at a laptop

AI does not decide.

It delivers suggestions. We deliver the result.

Security is not a promise, it is a system.

How we organize information security and what that means for client projects is shown by our ISMS.

esatus AG contact person for AI usage in software development

ISMS at esatus.