Skip to main content

For CIOs, being held accountable for AI systems they can’t see isn’t just a governance problem. It’s a visibility problem. For most CIOs right now, it’s both.

Key Takeaways

  • IBM’s June 2026 IBM Institute for Business Value (IBV) study of 2,000 CIOs and CTOs found two-thirds are accountable for AI systems they don’t fully control.
  • 70% say teams across the business are deploying technology faster than IT can track.
  • Only 11% believe they’re fully ready for the scale of AI agent deployment expected in the next year.

The Accountability-Visibility Mismatch

When a board or CEO asks whether the organization’s AI is governed, secure, and delivers value, the expected answer is yes. The honest answer for many CIOs right now is, “I think so, but I can’t prove it.”

That’s a consequence of how quickly AI has spread across departments, procurement paths, browser-based tools, SaaS platforms, and workflow automations. The June 2026 IBM IBV study put numbers to the problem: two-thirds of surveyed CIOs and CTOs report being responsible for AI systems they don’t fully control, and 70% say business teams are deploying technology faster than IT can track. That gap won’t close on its own.

The root cause is the same dynamic that created shadow AI across enterprise environments. Teams find tools that work and deploy them. IT finds out later, if at all. The difference now is that those tools increasingly include agents that can take actions across business systems, not just employees using unapproved apps.

What “Not Fully Controlling” Actually Means

The control gap shows up most often in three places:

1. Deployed Tools With No Central Inventory

The full picture of AI tool sprawl across the enterprise found that the average enterprise is running 23 different AI tools, yet only 38% maintain a comprehensive inventory. That leaves many CIOs unable to enumerate which AI tools are in operation, who owns them, what data they touch, or whether they’re still producing value. The full picture of AI tool sprawl is one of the most consistent surprises in enterprise AI audits.

2. Agents Operating Without Governance

Gartner projects that 40% of enterprise applications will include task-specific AI agents by the end of 2026, up from less than 5% in 2025. Some agents will arrive inside approved enterprise applications. Others will appear through team-built automations, no-code workflows, and SaaS features IT didn’t evaluate as separate agent deployments. Either way, the governance requirements are different from human-initiated AI use because agents can keep acting after the initial trigger.

3. Spend With No Attribution

When AI spend is scattered across team expense accounts, personal subscriptions, cloud infrastructure billing, and SaaS tier upgrades, the CIO often has no reliable number for total AI cost. Larridin scan data shows an average of 18% of enterprise AI spend is unattributed and can’t be connected to a team, use case, or outcome. That attribution gap becomes harder to defend as finance, security, and the board ask what AI is costing and what value it’s producing.

Why 11% Ready for Agent Scale Is the Number That Matters Most

The IBM finding that only 11% of CIOs and CTOs feel ready for the scale of AI agent deployment coming in the next 12 months is the number that should stay with leadership teams. Agents represent the steepest version of the accountability problem.

Employees accessing unapproved AI tools create data exposure. Agents interacting with business systems, making decisions, and triggering downstream processes create operational risk that scales with activity volume, not headcount. One unmanaged tool can create a visibility problem. One unmanaged agent can repeat a bad action until someone notices.

CIOs who are ahead of this are building visibility infrastructure before the agent footprint grows further. The AI Adoption dashboard and Workflow Intelligence platform together provide the continuous, enterprise-wide view that makes accountability meaningful rather than nominal.

Closing the Gap Without Slowing the Business

The instinctive response to a control gap is to impose controls. But restricting AI access to close a visibility gap creates a different problem: it drives usage underground and recreates the same shadow AI patterns that caused the gap in the first place.

The approach that works is visibility-first governance: automated discovery that surfaces what’s already running, attribution that connects each tool and agent to an owner and budget, and continuous monitoring that updates in real time rather than relying on periodic audits. That gives CIOs the evidence base to answer accountability questions without slowing down the teams generating value. The broader governance framework is covered in our AI governance guide.

Frequently Asked Questions

Why are CIOs accountable for AI systems they don’t control?

AI deployment has outpaced IT governance in many enterprises. Business teams deploy tools faster than central tracking mechanisms can keep up, and the procurement, shadow subscriptions, and agent deployments that result often never enter the official IT inventory. The accountability still exists at the organizational level, even when the visibility does not.

What is the fastest way for a CIO to get visibility into enterprise AI?

Automated discovery that captures browser and desktop telemetry, API activity, and application usage across the enterprise. Self-reported inventories and manual audits are too slow and consistently undercount both the tools in use and the agents in operation.

How do CIOs balance AI governance with business agility?

By building visibility infrastructure rather than restriction infrastructure. Discovery and attribution give CIOs the information they need to make governance decisions without defaulting to blanket access controls that slow teams down and push AI usage into shadow subscriptions.

What should a CIO do if they discover AI tools they didn’t know about?

Start with attribution before enforcement. Understanding which teams are using which tools and why tells you whether you have a shadow AI problem, an unmet need problem, or both. The CIO guide to AI monitoring covers the response framework in more detail.

Take Back Control Without Slowing Down

Larridin gives CIOs a continuously updated, enterprise-wide view of every AI tool and agent in operation, creating the visibility foundation required to be genuinely accountable for what they’re responsible for.

Book a discovery call to see your AI landscape in real time.

  • CIO Guide to AI Monitoring
  • AI Agents Are Operating in Your Business Right Now
  • What Is AI Governance?
  • The Governance Crisis: 77% of Adoption Outpacing Controls