CIOs Face Governance Challenges as AI Agent Deployments Surge

IT leaders are finding themselves accountable for artificial intelligence systems they don’t fully control, creating a governance gap that threatens enterprise stability. New research from the IBM Institute for Business Value shows that two-thirds of CIOs and CTOs feel responsible for AI agents deployed by employees outside IT departments.

This challenge is amplified by the rapid pace of adoption: 70% of IT leaders report systems being deployed faster than they can track, while expectations are for a 38% increase in AI agent deployments next year—with only one in ten leaders feeling prepared for this scale.

The Hidden Risks of Democratized AI Development

The issue stems from policies that encourage broader AI adoption beyond IT teams. As CIO at IBM’s technology transformation division, Matt Lyteson explains, “Enterprises have made it easier for more people to develop these solutions—it’s not just the two in IT anymore.” This democratization creates visibility problems as employees experiment with agents across various departments.

When marketing connects large language models (LLMs) to content workflows, finance uses AI for forecasting, or product teams grant access to customer data—these actions often occur without central oversight. The aggregate impact becomes invisible to the CIO, creating compliance and security risks.

From Observability to Policy Enforcement

Experts like Ben Schein at Domo emphasize that this isn’t about reckless AI deployment but rather governance models struggling to keep pace. “The challenge is that we’re adopting AI faster than our frameworks can evolve,” he notes.

The solution? Building observability and policy enforcement directly into data infrastructure—rather than treating AI governance as a separate initiative. As Schein puts it, “CIOs who succeed in the next 24 months will be those who embed governance where data already lives.”

Other industry observers echo this need for proactive controls:

  • Aatish Salvi, CTO at Applause, warns of “producing mediocrity at great speed” when agent control sits with non-technical users.
  • Itai Schwartz, cofounder and CTO at MIND data security, points out that unsupervised agents often run without oversight or accountability.

The takeaway for IT leaders is clear: AI governance isn’t just a compliance exercise—it’s essential infrastructure for managing the risks and maximizing the value of enterprise-wide AI adoption.