IBM’s latest study says enterprise AI is growing faster than the governance, visibility and financial controls around it. The report is based on a global survey of 2,000 C-level technology executives across 33 geographies and 19 industries. IBM says the gap is widening as companies move AI from pilots into enterprise-wide deployment.
The major finding is that many CIOs and CTOs are now responsible for AI systems they do not fully control. IBM says two-thirds of surveyed technology leaders are accountable for systems they cannot realistically supervise, while 70% say teams across the business are deploying technology faster than IT can track.
IBM also says only 11% of respondents feel completely prepared for the scale of AI agent deployment expected over the next year.
IBM’s findings describe a current operational problem within large enterprises, where AI adoption is outpacing internal oversight structures.
[Also Read: 76% of Firms Now Have Chief AI Officers, IBM Research Shows ]
CIOs and CTOs face a growing AI control gap
According to the report, 77% of organizations say AI adoption is already outpacing current governance capabilities. The pressure is also coming from the top: 80% of respondents said they have CEO-driven AI transformation mandates.
IBM’s CIO, Matt Lyteson, said the challenge is no longer just deploying AI faster. In the release, he said organizations now need to redesign how they control, govern and invest in AI, and embed visibility from the start if they want to scale with confidence. That is a clear signal that the old model of centralized IT approval is not keeping up with machine-speed systems.
As AI scales, operational and security risks are growing
The study found that organizations experienced an average of 54 AI agent incidents last year, where an unintended or harmful event required human correction. Of those incidents, 17% were high severity and took more than four hours to contain. IBM says 37% of the incidents led to data exposure or security breaches, 33% caused cascading system failures, and 17% triggered compliance issues.
The report also says organizations that rely on manual governance see incident risk rise as AI adoption scales. By contrast, firms that embed control directly into their AI systems experience 25% fewer incidents. That is one of the more practical findings in the study because it suggests governance cannot remain a manual afterthought once AI systems begin acting continuously.
[Also Read: 70+ AI Statistics 2026: Adoption, Market Size, Enterprise Trends (Global & India) ]
IBM’s report shows that AI spending is rising quickly, but management discipline is lagging. The study says AI spend is projected to rise from just under 15% of IT budgets in 2025 to nearly 25% by 2027. Yet 84% of surveyed technology leaders have not fully operationalized AI financial management, and 85% still lack full visibility into real-time AI spend.
That is important because many companies are treating AI as a growth initiative without building the budget controls that usually accompany a large-scale technology rollout. In practical terms, that means more spending is happening before executives have a full picture of where the money is going or what return it is producing.
Organizations that redesign AI control see stronger outcomes
IBM’s study also shows that companies with stronger structures are getting better results. IBM says organizations that build control into their AI systems deploy 16 times more AI agents than those relying on manual governance, deliver 18% higher operating margins, and spend four times less of their AI budget. The report also shows that firms with strong financial discipline deploy 2.4 times as many AI agents without raising their AI/IT budget and are three times more likely to say they are fully prepared for AI at scale.
The report also shows that organizations that designed for adaptability early, by keeping workloads portable and models replaceable, reported a 10% higher return on AI investment in 2025. That means the winners are not only the fastest adopters, but the ones that built flexibility into their architecture.
[Also Read: AI Is Growing Faster Than the World’s Data Centers Can Handle ]
What it means
The practical meaning is that enterprise AI is entering a control phase. The first question was whether companies could deploy AI at all. The next question is whether they can govern it, measure it and contain its risks without slowing it down. IBM’s study says many organizations are not there yet.
For CIOs and CTOs, AI strategy now has to include architecture, governance, finance and risk control from the start. For enterprises, the report suggests that AI scale will depend less on enthusiasm and more on whether the company has built systems that can track agents, spending and incidents in real time.



















