Govern your bots carefully or chaos could ensue

2026-04-30 · Source: The Register: Enterprise Technology News and Analysis · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Intermediate, quick

Summary

Gartner predicts Global Fortune 500 enterprises will deploy over 150,000 AI agents by 2028, a significant increase from fewer than 15 today, leading to potential "agent sprawl" and chaos without proper governance. Research presented at Gartner's Digital Workplace Summit indicates that organizations limiting AI access to low-risk users report lower returns compared to those expanding access under strong governance, with broader adopters being 3.3 times more likely to report higher value. Investing in third-party governance tools nearly doubles the likelihood of higher AI deployment value. Gartner proposes a two-tier governance model: a centralized committee for strategy and policy, and embedded operational teams for specific controls. The firm also outlines a framework for control, emphasizing clear policies for agent creation and data access, a centralized inventory, AI TRiSM tools for discovery, adaptive controls based on risk, defined agent identities and permissions, lifecycle plans, and continuous monitoring of agent behavior.

Key takeaway

For CTOs and VPs of Engineering evaluating enterprise AI strategies, understand that restricting AI agent access limits value. Your organization should prioritize establishing a robust, two-tier AI governance framework, including a centralized committee and domain-specific operational teams, to manage agent sprawl effectively. Implement AI TRiSM tools to discover and catalog agents, ensuring adaptive controls, defined identities, and continuous monitoring to maximize returns and mitigate risks.

Key insights

Effective AI agent governance, not restricted access, drives higher value and mitigates "agent sprawl" risks.

Principles

• Broad AI access with governance yields higher value.
• Limiting access is not a substitute for governance.
• AI agents require defined identity and lifecycle plans.

Method

Gartner's governance model features a top-tier centralized committee for strategy and policy, supported by embedded operational governance teams that translate policies into specific controls for their application domains.

In practice

• Establish clear policies for agent creation and data access.
• Build a centralized inventory of all enterprise AI agents.
• Implement continuous monitoring for agent behavior.

Topics

• AI Agent Governance
• Agent Sprawl
• AI TRiSM
• Enterprise AI Adoption
• Risk Management

Best for: CTO, VP of Engineering/Data, Executive, Director of AI/ML, AI Architect, AI Security Engineer

Related on AIssential

• The rise and risks of agent management platforms — Agent management platforms are crucial for governing the rapidly expanding ecosystem of enterprise AI agents.
• How to build an agentic AI governance framework that scales — Agentic AI demands a new governance model that balances autonomy with oversight across the entire system lifecycle.
• Mastering Agentic AI: Governance, Trust, and Enterprise Success with Barndoor AI CEO and Founder Oren Michels — Effective agentic AI adoption in enterprises requires robust governance and fine-grained access control to build trust and manage risks.
• Posthuman: We All Built Agents. Nobody Built HR. — Effective enterprise agentic AI requires robust, out-of-band governance infrastructure, not just better models.
• Governance Is Not a Prompt — Existing model risk management frameworks are inadequate for agentic AI, necessitating a new governance paradigm focused on external, enforceable controls.
• Securing AI agents with agent governance — Applying operating system and distributed systems security principles is crucial for governing autonomous AI agents.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by The Register: Enterprise Technology News and Analysis.