Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Agentic AI is automating enterprise work and bringing with it many efficiencies, but it’s also exposing where governance, data and process design have not reached the ideal maturity to properly support deploying AI at scale. Those CIOs who can rapidly fix their foundations will be faster to reach their AI ambitions and to realise the full value of their AI deployments.
Hertz is actually an example of an organisation that is leveraging Agentic AI to modernise its core technology and operations which in turn is helping Hertz accelerate decision making, improve reliability and deliver a faster, more seamless rental experience to customers
In reality, organisations need the operational foundation to run AI at scale as the technology is advancing much faster than the environments it runs in. Most enterprises were built for people-led operations (ticketing systems, manual approvals, etc.), not people-led autonomous systems—so they’re trying to run high-speed AI on infrastructure designed for a world of the past. This gap is most visible in core enterprise environments such as mainframe, where decades of embedded business logic, regulatory controls and operational dependencies leave little tolerance for opaque or poorly governed automation. So, the key will be closing that gap so they can scale AI responsibly and reliably.
Autonomous systems reveal hidden weaknesses
Leveraging agentic AI can make existing weaknesses such as inconsistent data quality and legacy infrastructure impossible to ignore. It is a natural consequence of a business that grows organically.
Some workflows are fragmented with manual hand-offs and unclear decision rights. Many organisations experience some level of inconsistent data quality, and – aside from the latest cloud and AI-native start-ups – most will face varying challenges with legacy infrastructure that will only grow in complexity and dependencies that can impact operational resilience. Weak accountability across various systems can exacerbate this and slow down decision-making
Layering agentic AI onto an already technical debt filled foundation should not be expected to fix workflows or business processes. And yet enterprises want to reap the benefits of agentic AI.
The Kyndryl Readiness Report uncovered that trusted deployment is being slowed by security, compliance and control concerns, with 31% citing regulatory or compliance concerns as a barrier to scaling their recent technology investments. Unsurprisingly, in regulated sectors, these constraints are especially visible.
Put compliance and control to the front and centre
Compliance, control, and explainability are the central themes of fixing enterprise foundations. If agentic systems are to be deployed seamlessly and responsibly across an enterprise, then organisations need to formalise their policies, decision rights and accountability. The implicit must be made very explicit - for example, policy cannot sit in a PDF or within a governance committee, it must be operationalised within actual workflows.
Policy as code (PaC) is the route to alleviating many of these challenges in the AI era.
A PaC capability addresses these concerns by defining operational boundaries and designing agent actions to remain explainable, reviewable, and aligned with business and regulatory standards. This combination can also help to drastically reduce costs, accelerate decision-making, eliminate errors and power AI-native workflows under defined policy guardrails.
The capability also helps overcome the limitations of conventional AI agent controls and provides the structure users need as they adopt agentic AI solutions. By embedding and codifying business and regulatory requirements directly into AI agent operations, they can execute AI workflows with governance, transparency and explainability aligned with their organisation’s values. The aim is a logical enforcement layer dynamically governing how AI agents execute, interact, and operate across systems.
Example of policy as code differentiated capabilities
Deterministic execution: Agents only execute actions permitted and enforced by pre-defined policies, reducing operational risk.
Reduced hallucination impact: Guardrails block unpredictable or unauthorised actions, significantly reducing the operational impact of agentic hallucinations.
Audit-by-design transparency: Each agent action and decision is logged and explainable, supporting compliance and oversight.
Human supervision: Agents execute tasks aligned with established and testable policies that are observed by humans via a dashboard to ensure consistency.
This creates an environment where agents work within defined operational boundaries, maintain human supervision, and move away from the major problem with LLMs, non-deterministic outputs, to offer deterministic execution -- a long‑standing expectation in mainframe operations -- that reduces operational risk.
It’s a maturity shift from discussing principles to encoding them as governance into the autonomous workflows, to run without excessive oversight in the real world.
Learn from a previous paradigm problem
Consider the private cloud parallel and see the lesson it offers CIOs navigating the current challenge.
Many organisations adopted early private cloud models before their operating models were fully ready to support them. It’s the same kind of risk with agentic AI if placed on top of broken end-to-end processes. And turning back to our report data, 95% of leaders said they would change how they implemented their cloud strategy with the benefit of hindsight.
The private cloud lesson is that the value of ambitious technology is delayed when transformation starts with tooling instead of the operating model, process redesign and integration.
Hertz managed this process by modernising its core technology, streamlining its critical processes and consolidating multiple platforms. It improved reliability and integrated automation into its workflows rather than bolting it on.
In general, too many proofs of concept are built as leadership showcases - they depend on idealised data and narrow demo conditions, and they break under real operational constraints. Modest and careful principles are the wisest when managing a large and risky transformation.
Start small and stay controlled
Narrow the scope enough to describe in one sentence
Use manageable infrastructure
Use datasets simple enough for human inspection and the expertise you have at hand
Build on AI-ready foundations including governed data and embedded security
The problem is often not the model, it’s the gap between a polished demonstration and the complex realities of enterprise operations.
What CIOs should do now to scale agentic AI responsibly
The path to success should always be, at a high level, very simple.
First, identify where agentic AI depends on any weak processes, poor data or unclear ownership. Then, put governance into execution through clear policy, oversight and explainability. Third, scale only from controlled use cases that sit on strong infrastructure with clear business outcomes.
Agentic AI success will ultimately come from sound principles as with other major transformations. Reimagine the outcomes first, align the classic technology, talent and process factors, and build flexibility in - which matters as much as the tools themselves.
The organisations that get value from agentic AI will not be the ones that move fastest to deploy it everywhere, but the ones that use it to force clarity into how work is governed and executed.
