Lack of AI governance could force 40% of enterprises to roll back autonomous AI agents by 2027

News
By published

Poor governance could cause widespread AI reversal

A woman out of focus in the background touches the word AI, lit up in glowing yellow light, in the foreground. The woman is wearing smart glasses
(Image credit: Getty Images)
  • Two in five companies could have to scale back AI agents by 2027
  • Companies urged to reconsider basic governance policies
  • Thorough, four-stage framework introduced

Gartner has warned that as many as two in five enterprises will have to decommission their AI agents by 2027 due to gaps in their governance frameworks that might only be discovered after incidents occur.

This is because organizations are either treating AI agents as completely locked down or fully trusted – it's these uniform controls that could end up causing the biggest headaches for companies in the next few years.

The report reveals that this could actually present two risks – as well as the obvious miscalculated trust that affords agents access to systems they shouldn't have access to, overly strict policies could lead human workers to other, unapproved tools, adding to the potential data exposure risks.

Latest Videos From

Governance is a crucial consideration for agentic AI

To move forward, Gartner is advising companies to adopt a four-stage framework for more granular access controls, starting with 'Level 1: Observe'. This would grant AI agents read-only access to defined data sources, with outputs only available to the requesting user.

'Level 2: Advise' would add to this by generating recommendations or proposed actions that must be reviewed manually by humans – under this policy, agents would still have no write access to systems.

For full read-write access, 'Level 3: Act with Approval' would let agents carry out actions, write data and send communications, but only after explicit human approval every single time.

The final policy, 'Stage 4: Act Autonomously', is where AI agents can truly come into their own by executing actions by themselves. Humans would still be involved at the exceptions, audit logs and aggregated outcome levels.

"Because accountability for outcomes remains with the organisation, this level requires the most rigorous governance, including continuous monitoring, enforced guardrails, rapid rollback mechanisms, circuit breakers that halt agent operation on threshold violations and clear ownership for agent behaviour," Senior Director Analyst Shiva Varma explained.

Gartner's report essentially serves to remind enterprises that rushing into autonomy without careful consideration into what agents can read and write could harm security later on. With a calculated approach to governance, enterprises can avoid reactive rollbacks entirely.

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.