
Enterprise Considerations for Agent Deployment

By Thomas Squeo, CTO for Thoughtworks in the Americas

Size, scale and maturity do not offer an out on manual engineering work. At Thoughtworks we follow an “automate everywhere” ethos: when an engineering task is repeated, ideally it is automated so it is repeatable and scalable.

The time, toil and tears caused by approvals, pipeline babysitting and policy checks slow delivery and drain energy. Traditional deterministic automation is effective when steps are clear and data is clean, but when ambiguity arises teams are forced to jump back in. Agentic AI operates in this messy, non-deterministic space and is capable of reading unstructured data and documents, interpreting intent and taking the next best action across systems of record, differentiation and engagement.

What Agentic AI Actually Is 

Agentic AI systems own objectives, using models like LLMs to understand context, choose tools and take action. LLM workflows are linear and triggered by users or system events, while agents are persistent, stateful and proactive, determining which steps matter, when to escalate and how to handle ambiguity. While the practical difference is autonomy, the strategic difference is a shift in operating models, not just upticks in productivity.

People and Culture First 

Technology alone is not able to rewire or reinvent an operating model; social scaffolding must be built first. This scaffolding should articulate when teams should trust the agent, question it or take control, because human-in-command beats human-out-of-the-loop. Upskill product owners, engineers and risk leaders in crafting prompts, safe escalation and red teaming, closing the loop and driving insights back into the system. By proactively addressing the socio-technical and cultural dimensions, organizations can avoid glossy demos and brittle POCs that fail to operationalize effectively.

Operational Playbook: Launch, Run, Enhance, Retire 

What problem are you trying to solve? If you are looking for agentic use cases, start with one sharp objective, ideally a value stream with clear metrics.

Consider the journey from supervised automation, human-in-the-loop, to human-as-an-exception-handler, to human-as-auditor. Piloting agents with supervision allows teams to review decisions, ensuring trust. The agent’s prompts, tools and memory can be refined and iterated, setting up a shift into human-in-the-loop management with kill switches at the ready.

Align business and technology strategies. Agents are software and should be managed with the same rigor and principles as versioned products, with published roadmaps, named owners and planned budgets. Observability is key to understanding metrics such as cost, performance, satisfaction, and risk. Models will continue to evolve, so continuous evaluation and guardrails are critical. Skip these and agents can have unintended consequences like sprawling into shadow IT, runaway costs and erosion of brand value or, worse, operational impact.

Once an organization is brilliant at the basics, enhancing agents and taking advantage of multi-agent orchestration, dynamic trust contracts and adaptive permissions becomes achievable. Agents can learn from the telemetry inside the guardrails, testing new tactics, failure modes and compliance checks prior to production and preventing runaway behaviors.

Every agent needs an inception-to-retirement path, and measurement should be ongoing and longitudinal. If an agent is not achieving outcomes, it should be refactored or retired.

Sourcing Strategy 

Thoughtworks recently delivered an agent-based solution for a global manufacturer that automates contract renewals across demand planning, procurement, customer service and support. The system uses a network of AI agents with well-defined scopes so each agent understands its approved actions and limits while working side by side with human teams. 

Organizations typically adopt one of three approaches: 

  1. Vendor-embedded agents
    Selected when differentiation is low and tight platform integration is essential. Examples include SFDC Agentforce, ServiceNow Agent Fabric and SAP Joule.
  2. Framework-based agents assembled in-house
    Chosen to balance speed with greater architectural control. Common toolkits are Google AgentSpace, Microsoft Agent Builder and AWS Bedrock Agent Builder.
  3. Fully bespoke agents for core domains
    Required where intellectual property, risk or domain complexity demand full ownership. Teams often build with CrewAI, LangChain/LangSmith or DSPy. 

Select the model that fits your risk tolerance, compliance obligations and need for strategic differentiation. Partner with vendors on your own terms rather than letting them frame the problem. 

AgentOps Playbook 

Successful deployments start with clarity on who does what. A cross-functional AgentOps team will run the control plane, policy gateway and observability stack, while every agent has a named product owner who owns the value hypothesis, backlog and sunset criteria. Decision boundaries should be explicit, spelling out what agents can do autonomously, when they must seek human approval and which triggers force escalation. Teams should publish human-in-command steps so operators and auditors see accountability chains within the agent’s logic.

Governance should be run on an understood cadence: monthly reviews of guardrail strikes and fixes, spending trends, and which agents are ready for retirement, and quarterly exploration and reporting on model drift, security posture, and sourcing choices.

Investing in professional development, specifically in areas like prompt strategy, simulation design, red teaming, and incident response, will help keep knowledge, skills, and abilities current. This continuous learning will foster communities of practice, facilitating the circulation of playbooks, near misses, and improvements.

Funding should be linked to outcomes by exposing unit economics, so teams see cost and value side by side and are rewarded for retiring low-value agents as readily as launching new ones. Driving transparent change through internal sessions, showcases and celebrations will help address displacement fears directly, highlighting augmentation and new roles instead of quiet replacement.

The Technical Foundation and Control Plane 

Think in layers, hardening independent yet well-orchestrated tiers. Separating platform tiers delivers practical advantages. It gives organizations leverage with vendors, enabling models, stores or pipelines to be swapped out if and when pricing or contractual terms change. Compliance becomes an architectural property, enabling new audit or privacy modules to be incorporated into the mesh without taking systems offline.

Financial transparency improves because each tier carries its own budget, enabling traceable return on investment. Innovation accelerates when user-experience, model, and infrastructure teams can ship at pace. The orchestration and policy plane is the heartbeat that synchronizes these moving parts; owning it keeps your organization nimble as costs, suppliers, and regulations evolve. 

To sustain that agility you must design for several hard dependencies. Foundation models provide the core reasoning and language capabilities. Agent frameworks such as LangGraph, CrewAI, and ReAct supply planning logic and tool orchestration. Secure, well-documented APIs expose business functions, while memory strategies strike a balance between personalized context and strict privacy rules. Identity services must issue short-lived, scoped credentials for non-human actors. Robust observability is essential for tracing reasoning chains, tracking latency and cost while flagging guardrail violations. Finally, build fallback routines that handle tool failures or policy breaches without human rescue. 

Whenever a vendor advertises “autonomous” solutions, ask how they address each of these dependencies. If their answers are vague, they transfer risk to you while withholding the levers you need to stay in control. 
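The explicit decision boundaries from the AgentOps playbook and the short-lived, scoped credentials listed above can be enforced at one policy gateway check. The sketch below is an added example, not Thoughtworks code; the tool names, the 50,000 USD limit and the five-minute lifetime are constructed assumptions.

```python
import time
from dataclasses import dataclass

# Constructed decision boundaries for a hypothetical contract-renewal agent.
AUTONOMOUS = {"read_contract", "draft_renewal"}   # agent may act alone
NEEDS_APPROVAL = {"send_renewal_offer"}           # human must sign off
APPROVAL_LIMIT_USD = 50_000                       # above this: escalate

@dataclass(frozen=True)
class Credential:
    agent_id: str
    scopes: frozenset
    expires_at: float        # epoch seconds

@dataclass(frozen=True)
class Decision:
    verdict: str             # "allow" | "approve" | "escalate" | "deny"
    reason: str

def issue_credential(agent_id, scopes, ttl_s=300, now=None):
    """Mint a short-lived credential limited to the named tools."""
    now = time.time() if now is None else now
    return Credential(agent_id, frozenset(scopes), now + ttl_s)

def authorize(cred, tool, amount_usd=0.0, *, now=None,
              kill_switch=False, audit=None):
    """Gate one tool call; anything not explicitly bounded is escalated."""
    now = time.time() if now is None else now
    if kill_switch:
        d = Decision("deny", "kill switch engaged")
    elif now >= cred.expires_at:
        d = Decision("deny", "credential expired")
    elif tool not in cred.scopes:
        d = Decision("deny", "tool outside credential scope")
    elif tool in AUTONOMOUS:
        d = Decision("allow", "within autonomous boundary")
    elif tool in NEEDS_APPROVAL and amount_usd <= APPROVAL_LIMIT_USD:
        d = Decision("approve", "human approval required")
    else:
        d = Decision("escalate", "outside published boundaries")
    if audit is not None:    # accountability chain for operators and auditors
        audit.append({"ts": now, "agent": cred.agent_id, "tool": tool,
                      "amount_usd": amount_usd, "verdict": d.verdict,
                      "reason": d.reason})
    return d
```

Expiry and scope are checked before any boundary logic, so a stale or over-reaching credential is denied even for an action the agent could otherwise take on its own.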

Security and Risk Posture 

Danger Will Rogers! Beware the risks of not adopting AI agents responsibly. Boards must understand that maintaining their customers’ trust and confidence through responsible and explainable AI is not just a regulatory obligation, it’s a strategic advancement. Practical application of a living Governance Playbook entails adopting a Zero Trust approach, verifying data origins, and regularly engaging in red teaming exercises.  

Threat modeling should align with frameworks like NIST AI Risk Management Framework and/or MITRE ATLAS. Executive teams and boards should be regularly briefed using clear dashboards that illustrate risk trends and the effectiveness of implemented safeguards. This governance process should be ongoing, rather than a once-a-year formality. 

It is crucial to recognize the dangers associated with failing to implement AI agents responsibly. Boards must comprehend that upholding customer trust and confidence through responsible and explainable AI practices is not merely a regulatory requirement, but a significant strategic advantage. 

Economics and Value Measurement 

Focus on ongoing improvement. Treat each agent like a cloud service whose performance and business impact are fully visible. Publish cost metrics such as token consumption, GPU hours, and storage, alongside outcome metrics like cycle time reduction, mean time to recovery, and the frequency and severity of guardrail triggers. Establish unit economics such as cost per incident avoided and cost per ticket resolved, then circulate these figures regularly. Finance and product teams should jointly own the narrative so that funding remains tied to measurable outcomes and the enterprise clearly sees the value delivered.

What Comes Next? 

As the state of the art evolves, we can expect policy engines that adjust permissions in real time, along with watermarking and attestation that follow content and agentic decisions. In a model foreshadowed in software quality by blue and gold deployments and paths to production, isolated sandboxes that test adversarial scenarios without touching production will emerge. Multi-agent ecosystems will negotiate budgets and schedules within guardrails rather than static allocations. Leading organizations will treat the agent platform as strategic infrastructure enabling operating models, owning orchestration and policy while measuring outcomes relentlessly, without losing sight that people matter as much as code.

Executive Closing Thought 

Be a technology leader to unlock greater returns. Agentic AI is a new operating layer, not just another feature. Control your orchestration and policy layers, codify your rules and insist on proof-of-value from day one. Move fast where impact is clear, slow down when governance is not ready and build the organizational capability to launch, manage, enhance and retire agents as naturally as you ship code. This is how autonomy becomes an advantage that you can scale with confidence.
