A practical conversation guide for any leader — in IT or in the business — putting AI agents and automated workflows into production. Five questions to work through before and after you ship, in plain language. No theory; this is what we ask ourselves on every engagement.
Identity, access, accountability. An agent that can't be named, logged, and switched off doesn't belong in production.
Manage agents with the same tools you already use for people — a directory entry, set permissions, and a record of what they did. An agent no one owns is a risk, not a tool.
Give each agent the minimum it needs to do its job, and read-only access wherever you can. Permissions that quietly widen over time are the most common path to a real incident.
Build on platforms that already handle security (Microsoft 365, Google Workspace, your cloud) and you inherit their controls. Build outside them and you recreate all of it yourself.
Apply one rule to everything and you either smother good work with reviews, or hand off decisions you should have kept. Sort the work by what's at stake first.
Group every workflow by how easily it's undone, how much harm a wrong answer does, and how often it runs. Then decide where a human signs off, reviews, or steps aside.
An agent needs a home before it touches production. Decide where it's built and tested, who's responsible for it, and what it must prove before it's allowed to go live.
Throw messy inputs, trick questions, and chained actions at it before launch. If it breaks in testing, the test did its job. If nothing breaks at all, push harder.
Work built on one vendor's platform shouldn't be stuck there. Write down what the workflow does, apart from how this particular tool does it, so you can move later.
AI is only as good as the information you feed it. These are the hardest calls on this list to get right, and the most expensive to get wrong.
Two trustworthy sources can add up to a misleading answer once combined. Judge trust at the result, not just at each input on its own.
Not every source belongs in every use. HR records inside a marketing agent are a leak waiting to happen. Match sources to uses at the access layer.
A confident wrong answer outruns a careful right one. Where the AI is steadier at a task, let it review the person's work, not only the other way around.
Models drift, data drifts, and people drift. Set the schedule for re-checking accuracy before you go live, not after something has quietly gone wrong.
New models arrive monthly, and not every one is worth the retesting. Write down what a new model has to clear, and revisit that bar each quarter.
Hand-labeling data doesn't scale. Tag automatically, have people review the edge cases, and let every agent downstream inherit those labels.
Every AI architecture choice is a bet on a vendor. The real question is whether you're making that bet on purpose — and how long it would take to change it.
Staying model-agnostic costs more to build and less to change later; locking in costs less now and far more the day you must move. Choose the trade on purpose, and write down what leaving would cost.
A neutrality policy that no one enforces is just a wish. Back it with architecture reviews, purchasing controls, and a written process for the exceptions you choose to allow.
The question isn't whether an AI system will fail; it will. It's whether you've decided in advance what that failure looks like, and how you keep it small.
Choose for each use. A customer chatbot that shuts down on an error just frustrates people; an approval system that keeps running on an error becomes a compliance problem.
Some decisions should never sit with an agent — firing someone, making a medical diagnosis, signing a contract. Write that list down, and be ready to defend it.
When the agent isn't sure enough, it should hand off — to a person, a simpler model, or a fixed fallback. Design it to ease down gracefully rather than collapse.
Every production agent needs a written stop condition and a named person who can pull the plug. Not in theory — a real switch that someone has actually tested.
As AI turns into everyday infrastructure, leaning too hard on one vendor or model becomes a leadership question — not a line item buried in procurement.
For high-stakes, hard-to-reverse decisions, run the same question through more than one model and look for agreement. The extra cost is tiny next to being wrong.
Measure your concentration by use case, not by platform. A support bot and a fraud model carry very different risk and deserve very different designs.
Design for the outage. The question isn't whether a provider goes down, but how work keeps moving when it does. Every system needs a no-AI way to run.
Teams that govern well ship more AI, not less — because they're not stopping mid-rollout to write policy, or rebuilding what they should have built with guardrails the first time.
Your identity system, data labels, incident response, change process. Most AI governance is the governance you already run, pointed at a new kind of worker — not a parallel universe to invent.
We don't hand you a fifty-page document and walk away. We work through these questions with your team, write down the answers, and revisit them as your use of AI grows.
Governance isn't a tax you pay before launch. It's how you keep moving quickly without stopping to explain yourself to legal, or rebuilding under pressure later on.
Sixty minutes with one of our senior delivery leads. We'll work through the five questions with your environment in mind and leave you with a short written summary. No sales follow-up unless you ask for it.