The Unhinged Librarian

Library Board Toolkit

Essential resources for governance, vendor decisions, AI compliance, and strategic technology planning.

This toolkit is designed for board presidents, board members, and executive directors who understand that vendor decisions are governance decisions.

Your role requires you to exercise fiduciary duty: ensuring that technology investments protect library assets, mission, and patron data. That means you need to:

  • Understand vendor contracts and their long-term implications
  • Manage risks from data breaches, vendor lock-in, and AI-generated harms
  • Ensure compliance with emerging AI legislation
  • Align technology strategy with mission and equity goals
  • Ask the right questions and demand transparent answers

Everything below is organized to help you fulfill those responsibilities.

Risk & Governance

Vendor relationships expose your library to legal, financial, and reputational risks. Understanding these risks is foundational to good governance.

Contract Red Flags

What contract language should trigger your concern?

Contract Red Flags Checklist The essential contract issues boards must understand before signing anything.

Cybersecurity & Patron Data

What happens when vendors fail their security responsibilities?

Ransomware and Library Risk: What Boards Should Ask Why cybersecurity failures are governance failures. Real incident analysis and prevention strategies.
Cybersecurity Budget Framework How much should you spend on cybersecurity? A data-driven approach for libraries.

Data Extraction & Vendor Exit

Can you leave a vendor without losing your data?

Data Removal Guide: Extracting Data from Vendors Practical step-by-step guide for retrieving your library's data from any vendor system.

AI & Compliance

New AI laws are coming fast. Your board needs to understand the deadlines and what they mean for your vendors.

Key Deadline: Colorado AI Act (SB24-1134) compliance required by June 30, 2026. If you use any AI-based discovery/recommendation systems in patron-facing services, this affects you.

Legislation & Compliance

Colorado AI Act for Libraries: What Boards Need to Know SB24-1134 explained. What the deadline means. How to audit your vendors for compliance.
EU AI Act for US Libraries: When It Affects You If you have EU patron data or international vendors, this law matters to you.
AI Legislation Tracker for Libraries Real-time tracking of state-level AI laws affecting libraries. Deadlines, requirements, and vendor impact analysis.

AI Governance Frameworks

Privacy Policy AI Fixes: Board Approval Template What to add to your privacy policy. Board-ready language. How to monitor compliance.
Library Content in AI Training: Opt-Out Frameworks Vendors may train AI models on patron data and library content. Your options and obligations.

Board AI Governance Checklist

  • Do we have an AI policy? Has the board reviewed it?
  • Which of our vendors use AI systems? (Check their product roadmaps.)
  • For each AI system: Is it compliant with Colorado SB24-1134? What about other state laws?
  • Do our vendor contracts include data privacy protections for AI training?
  • Have we documented which patrons/data the AI systems touch?
  • Do we have an audit/monitoring plan for vendor AI compliance?

Vendor Relationships & Contracts

Vendor decisions define your technology future. These resources help you evaluate, negotiate, and monitor vendors strategically.

Vendor Lock-In & Strategic Risk

Beginning of the End: Vendor Decisions as Exit Strategies How to evaluate vendors with exit in mind. What makes a vendor "sticky"? How to protect yourself.
Vendor Independence Playbook The specific mechanisms vendors use to make leaving difficult (and expensive). How contracts enable lock-in.

Contract Evaluation Tools

Contract Audit Checklist: 50-Point Framework Use this before signing. Every clause your board should question. Red flags and safer alternatives.

Vendor Migration

Vendor Migration Playbook: Planning & Execution You've decided to move vendors. Step-by-step guide. Timeline. Budget. Risk management.

Vendor Evaluation Framework

  • Financial: Multi-year costs (contracts, implementation, training, support, data export/migration)?
  • Risk: What happens if this vendor fails? Can you extract your data? Is there a viable competitor?
  • Mission Alignment: Does this vendor's business model align with your values? (e.g., Do they sell patron data? Train AI on your content?)
  • Operational: Staff capacity to implement and maintain? Training requirements? Integration complexity?
  • Roadmap: Where is this product headed in 3-5 years? Is the vendor committed to this market?

Equity & Mission Alignment

Vendor decisions impact your mission fulfillment and your ability to serve equitably. These resources connect governance to your values.

Mission Impact of Technology Choices

Vendor Decisions & Equity Impact: What Boards Must Consider How vendor business models affect patron equity. AI bias in library systems. Accessibility requirements in contracts.

Legal & Compliance Risk

Library Content in AI Training: Opt-Out Frameworks Your board's liability if vendor-generated AI causes discrimination or harm. Vendor responsibility in contracts.

Mission Alignment Questions

  • Does this vendor's business model conflict with our commitment to intellectual freedom?
  • Does this system exclude or disadvantage any patron populations?
  • Are there accessibility (ADA, WCAG) requirements in our contract?
  • If this vendor generates content (AI, algorithms, recommendations), can we ensure it's equitable?
  • Does the vendor's data practices respect patron privacy and dignity?

Strategic Planning & Technology Roadmap

Good vendor decisions emerge from clear strategy. These resources help you build a strategic technology foundation.

Technology Strategy Fundamentals

Small Library Tech Stack Essentials What should your library's core tech stack be? How to avoid over-engineering. Long-term considerations.
Strategic Technology Methodology for Libraries A framework for making deliberate technology choices aligned with mission and capacity.

Tactical Implementation

Vendor Migration Playbook: Planning & Execution Turning strategy into action. Budget, timeline, and risk management for major technology changes.

Strategic Planning Roadmap

  • Year 1: Audit current tech stack. Identify pain points. Document all vendor contracts and renewal dates.
  • Year 1-2: Develop IT staffing and budget strategy. Define procurement standards.
  • Year 2-3: Plan major system migrations if needed. Build vendor evaluation criteria.
  • Ongoing: Annual vendor performance review. Compliance monitoring (contracts, legislation, cybersecurity).

Tools & Templates

Contract Audit Checklist

50-point evaluation framework for vendor contracts. Use before signing anything.

View Checklist

Board Presentation Template

Present vendor decisions to your full board. Data-driven format with decision templates.

Download (Consulting Page)

AI Governance Assessment

Audit your library's AI systems for compliance with Colorado SB24-1134 and emerging laws.

Assessment Guide

Vendor Risk Matrix

Evaluate vendor risk across financial, operational, legal, and mission-alignment dimensions.

Risk Framework

Decision Frameworks

When to Hire Consulting

Do you need external expertise for vendor decisions?

Consult an Expert If:

  • You're evaluating a major vendor contract (ILS, discovery system, digital content platform, enterprise software)
  • You're planning a vendor migration and need risk assessment or data extraction planning
  • You're uncertain about AI compliance requirements and your vendors' obligations
  • You don't have IT/legal staff with vendor contract expertise
  • The contract involves sensitive data or high financial risk
  • You want an objective third party to negotiate on your behalf
Learn About Consulting Services

Vendor Evaluation Scorecard

Use this to compare multiple vendors across standardized criteria:

  • Product fit (features, integrations, roadmap)
  • Cost (acquisition, implementation, ongoing, exit)
  • Vendor health (company stability, market position, support)
  • Risk (contract terms, data security, compliance, lock-in)
  • Mission alignment (business model, values, equity impact)

Custom scorecards are included in consulting engagements.

Cost-Benefit Analysis Template

Before approving a new vendor or system, calculate:

  • Direct costs: Software, implementation, training
  • Indirect costs: Staff time, integration work, opportunity cost
  • Benefits: Time savings, patron experience, data quality, mission impact
  • Hidden costs: Exit costs if you need to switch vendors

See vendor migration playbook for detailed cost estimation.

Speaking & Board Training

Bring expertise directly to your board meeting or annual retreat.

Available Topics

  • Vendor Decisions as Governance: Why boards must own technology decisions. Red flags and decision frameworks.
  • AI Compliance for Libraries: Colorado SB24-1134, EU AI Act, and emerging laws. What your vendors must do. Board audit framework.
  • Contract Strategy for Boards: Reading vendor contracts. Recognizing lock-in. Negotiation tactics. Exit planning.
  • Technology Roadmap & Strategic Planning: Building a sustainable tech strategy. Long-term vendor selection. Managing change.
  • Data Security & Patron Privacy: Cybersecurity governance. Breach response. Vendor accountability.
  • Custom Topics: Tailored to your library's specific vendor decisions or challenges.
Request a Board Presentation

Format options: 45-minute presentation, 2-hour workshop, full-day board retreat facilitation. Virtual or in-person.

Quick-Start Guides for Your Board

Pick a time commitment. We'll guide you through the essentials.

If Your Board Has 30 Minutes

Start here. Read these three articles:

  1. Contract Red Flags Checklist
  2. Colorado AI Act for Libraries: What Boards Need to Know
  3. Vendor Decisions & Equity Impact: What Boards Must Consider

Total reading time: ~25 minutes. You'll understand the core governance risks.

If Your Board Has 2 Hours

Deeper dive. Read the 30-minute materials plus:

  1. Vendor Independence Playbook
  2. Contract Audit Checklist: 50-Point Framework
  3. Watch a board presentation on vendor decision frameworks (if available)

Total time: ~2 hours. You'll have tools to evaluate vendor contracts and make strategic decisions.

If You're Planning a Board Retreat

Half-day or full-day agenda:

  1. Read all materials above (board members pre-work)
  2. 90-minute facilitated session on technology strategy and vendor governance
  3. Hands-on activity: Evaluate your current vendor contracts using the checklist
  4. Board action: Create a vendor audit plan and compliance roadmap
  5. Optional: Contract negotiation strategy or AI governance workshop

Result: Your board will have a clear governance plan and decision-making framework for the next 2-3 years.

Ready to Move Forward?

This toolkit gives you resources for self-directed governance. If you need expert guidance on specific vendor decisions or want to accelerate your board's technology literacy, consulting services can help.

Explore Consulting Services Get in Touch