Richard Hill

Judgement for AI-mediated work

Category: Governance

  • Drafting Is Not Deciding

    When text becomes cheap, organisations start making decisions by accident.

    That is the central governance risk of generative AI in everyday work. Not hallucinations. Not “bias” in the abstract. The more common failure mode is quieter: fluent drafts begin to function like commitments. The pause where judgement normally sits is compressed, displaced, or skipped entirely.

    This is not primarily a technology problem. It is an operating problem.

    Judgement is a decision, not a view

    Judgement is what you do when there is no clean rulebook, the evidence is partial, and the consequences matter.

    It has four features.

    • Uncertainty is real, not cosmetic
    • Trade-offs are unavoidable
    • Reversibility is limited
    • Accountability attaches to someone, whether you like it or not

    That is why judgement cannot be reduced to “good writing” or “better thinking”. It is organisational work that needs roles, boundaries, artefacts, and review.

    If you want to find judgement in the wild, look for moments where the organisation cannot simply “follow the process”, and somebody must own a choice.

    The draft–decision collapse

    Modern organisations already run on documents. Emails, policies, proposals, HR notes, risk assessments, customer communications. These texts do not merely record decisions. They often trigger action as if a decision has been made.

    Generative AI accelerates this because it produces text that is fast, fluent, and socially credible. The fluency is the trap. A draft that reads well feels complete. That feeling is not evidence.

    The result is what I will call the draft–decision collapse. The boundary between “we are drafting” and “we are deciding” erodes. A piece of text is circulated, and the organisation behaves as if commitment has occurred.

    You can see this in small, expensive moments.

    • A customer email includes a deadline, a refund, or an exception that nobody consciously authorised.
    • HR notes drafted for “professional tone” drift into inference about motive, and later become evidence under subject access or dispute.
    • A policy update makes a subtle shift in risk posture because the wording sounds reasonable.
    • A procurement response contains unverified claims that then become part of the audit trail.
    • An internal briefing becomes “the plan” because it looks coherent, even though it is assembled from fragments.

    The AI did not decide. The organisation acted as if it had.

    Speed now, rework later

    The immediate benefit is throughput. The downstream cost arrives later, and it is distributed across teams.

    Typical outcomes include:

    • rework, because the exception is discovered after it has been implied in writing
    • stress, because accountability lands on whoever clicked send
    • reputational exposure, because polished language reads as official position
    • legal and compliance risk, because records contain unauthorised commitments or loaded statements
    • erosion of trust, because nobody can trace who approved what

    This is why “productivity” can become a misleading metric in AI-assisted environments. Output rises, but coherence can fall. You get more text and less clarity about what is true, what is agreed, and who owns the consequences.

    Decision rights are the core unit of governance

    A lot of AI governance is principle-heavy and operationally thin. Principles matter, but organisations fail at the level of decision rights.

    Decision rights answer questions such as:

    • Who can commit money, deadlines, or service levels?
    • Who can approve exceptions to policy?
    • Who can accept risk on behalf of the organisation?
    • Who can publish statements that external parties can treat as official?
    • Who is accountable when this goes wrong?

    Generative AI blurs decision rights because it enables decision-shaped text to be produced by people who do not hold authority to commit. The remedy is not panic, and it is not simply training. It is to rebuild the boundary between drafting and deciding into the workflow.

    Evidence discipline, applied

    Judgement quality is strongly linked to evidence discipline. What counts as “enough” evidence to justify commitment?

    AI-assisted drafting increases the risk that evidential standards become implicit and inconsistent. The text looks finished before the claim is justified.

    A practical way to restore evidence discipline is to make standards explicit in categories:

    • Must verify: facts, figures, dates, prices, terms, references, compliance claims, clinical or legal assertions.
    • Must attribute: sources, datasets, assumptions, and who supplied the information.
    • Must log: rationale, uncertainty, trade-offs, dissent, and alternatives considered.
    • Must escalate: exceptions, novel risks, reputational exposure, and anything difficult to reverse.

    This is what “epistemic governance” looks like when you take it out of the seminar room and put it into operations. It is governance over how claims are formed, justified, and validated inside the organisation.

    Without it, the organisation drifts into a substitution: it treats fluent text as evidence of adequate reasoning.

    Judgement as an operating model

    If judgement is organisational work, it belongs in the operating model. Not in a slide deck about values.

    A workable operating model for judgement has a few visible components.

    Tempo

    Where do decisions actually happen?

    • Which meetings and checkpoints function as decision points in practice?
    • Where are exceptions approved, and by whom?
    • What is the minimum pause required before a draft becomes a commitment?

    Artefacts

    What gets produced when a decision is made?

    If the artefact is only a polished email, then decisions will be enacted without rationale, evidential trace, or clear ownership. Stronger artefacts include short decision notes, sign-off records, risk acceptances, and decision briefs that make the basis of commitment explicit.

    Controls

    Controls should be selective and proportionate. They should sit where irreversible cost lives.

    Examples include pre-send review for customer communications with financial implications, second-person review for HR notes, approval gates for policy changes, and escalation triggers when language shifts from exploratory to committing.

    The goal is not bureaucracy. The goal is to prevent unauthorised commitments wearing the disguise of professional prose.

    Feedback and learning

    Judgement improves when it is reviewed.

    • Were the assumptions warranted at the time?
    • Did the decision produce the intended effect?
    • What was missed or mis-weighted?
    • Should evidence thresholds change?

    Without review, organisations do not learn. They repeat the same failure patterns at higher speed.

    Make judgement visible

    One of the most effective interventions is simply to make judgement visible and inspectable.

    A judgement log is a lightweight record of:

    • the decision being made
    • options considered
    • evidence available at the time
    • uncertainties and risks
    • who owned the decision
    • what would change the decision
    • when it will be reviewed

    Used properly, this improves decision-making in the moment by forcing explicitness. It also improves learning later by reducing hindsight reconstruction.

    There is an obvious failure mode. Logs can become performative, post-hoc justification. The difference is follow-through. A judgement log without review is just a nicely formatted opinion.

    So the practice needs review tempo, scheduled points where judgements are confirmed, refined, or reversed, with explicit notes on what was learned.

    The point

    The risk is not bad AI. It is invisible decisions.

    When drafting becomes effortless, organisations start committing to things without noticing, and then cannot trace who approved what. The response is not to ban tools or publish vague principles. It is to design operations so that drafting and deciding are separated, decision rights are explicit, evidence standards are operational, and judgements are recorded and reviewed.

    Text is getting cheaper. Accountability is not.

     

  • A Comprehensive Guide to Governance for Small Businesses Considering Agentic AI

    A Comprehensive Guide to Governance for Small Businesses Considering Agentic AI

    Why even the smallest companies need robust governance to succeed with AI adoption.

    Table of Contents

    1. Introduction: The Rising Importance of Agentic AI
    2. What Is Agentic AI?
    3. Why Governance Matters, Even for Small Businesses
    4. Key Components of Governance in the Context of Agentic AI
    5. Pitfalls of Ignoring Governance
    6. A Five-Stage Readiness Assessment (With Governance at the Core)
      6.1 Strategic Alignment and Goal Setting
      6.2 Data Maturity Assessment
      6.3 Technology Infrastructure and Security Evaluation
      6.4 People and Culture Readiness
      6.5 Governance and Change Management
    7. Case Study: How a 12-Person Marketing Firm Implemented AI with Strong Governance
    8. Final Thoughts and Next Steps

    1. Introduction: The Rising Importance of Agentic AI

    Small businesses are often hailed as the backbone of the global economy. They account for a significant portion of employment, innovation and local community growth.

    As technology evolves, these businesses must also evolve to remain competitive and efficient. Artificial intelligence (AI), in particular, has become increasingly accessible, with applications ranging from chatbots to stock management tools.

    Agentic AI is the next big leap in this realm.

    It refers to AI systems capable of taking autonomous actions, such as initiating workflows, making decisions, learning from outcomes and adapting processes, all with minimal human oversight.

    By harnessing agentic AI, small businesses can automate repetitive tasks, free their staff for more strategic work and potentially outmanoeuvre larger competitors through speed, insight and innovation.

    However, with great opportunity comes substantial complexity.

    Many small business owners are sceptical of the concept of governance, often viewing it as a corporate-level concern with little relevance to their day-to-day operations.

    This guide aims to dispel that myth, showing why governance is absolutely essential for small businesses adopting agentic AI.

    By implementing the right governance structures, even the smallest firms can mitigate risks, ensure ethical practices and foster sustainable growth in the rapidly changing AI landscape.

    2. What Is Agentic AI?

    Before examining governance in detail, let us clarify what we mean by agentic AI.

    Traditional AI systems usually focus on a single task, such as image recognition or recommendation engines, and require ongoing human intervention for updates or decision-making. Agentic AI goes further by being:

    • Autonomous: It can initiate actions or decisions without waiting for human prompts.
    • Adaptive: It learns from real-world feedback and refines its processes continuously.
    • Context-Aware: It understands the broader environment (for example, market trends or user preferences) and can shift tactics accordingly.

    Imagine an online shop that uses agentic AI to manage inventory. The system does not simply generate a report suggesting what to reorder.

    Instead, it automatically places an order based on real-time sales data, seasonal trends and supplier relationships. If it detects a sudden spike in demand, perhaps due to a viral social media post, it might expedite shipping or dynamically adjust pricing.

    All this happens without human intervention, significantly reducing the time and errors associated with manual processes.

    3. Why Governance Matters, Even for Small Businesses

    The word “governance” often conjures images of large corporations with layers of bureaucracy.

    However, governance is not about unnecessary complexity; it is about clarity and accountability.

    For small businesses, governance provides a framework to make consistent, ethical and strategic decisions, especially when deploying powerful technologies like agentic AI.

    1. Risk Management
      Even small businesses face risks: data breaches, legal liabilities and reputational damage. A governance structure helps identify these risks early and implement policies to mitigate them.

    2. Ethical Usage of AI
      AI systems, especially those that act autonomously, can inadvertently perpetuate biases or engage in unfair practices if not monitored. Strong governance ensures that AI decisions align with your business’s values and legal standards.

    3. Customer and Stakeholder Trust
      In an age where data privacy is under increasing scrutiny, having transparent policies builds trust. Customers are more likely to do business with companies that handle their data responsibly.

    4. Long-Term Sustainability
      Without governance, technology initiatives can become ad hoc and short-sighted. Establishing guidelines, responsibilities and processes ensures that your AI adoption is sustainable and adaptable as the business grows.

    5. Regulatory and Legal Compliance
      Data protection laws, such as the UK’s Data Protection Act and GDPR (where applicable), can affect companies of all sizes. Proper governance helps small businesses remain compliant and avoid costly fines or litigation.

    In short, governance is not a luxury reserved for large corporations. It is an essential protective and guiding mechanism that can save small businesses from costly mistakes, ensuring that agentic AI remains an asset rather than a liability.

    4. Key Components of Governance in the Context of Agentic AI

    Governance involves setting up frameworks that guide how decisions are made, who is accountable and how outcomes are measured and reported. In the realm of agentic AI, several core governance components stand out:

    1. Roles and Responsibilities
      • Designate clear owners for AI-related decisions. This might be a specific staff member (an “AI champion”) or a small steering committee.
      • Outline who is responsible for approving AI deployments, reviewing performance and managing risks.
    2. Ethical Guidelines
      • Document how your business intends to use AI ethically, ensuring no group is unfairly targeted or disadvantaged.
      • Address transparency. For example, if your chatbot interacts with customers, do they know they are speaking to AI?
    3. Data Policies
      • Define how data is collected, stored, shared and protected.
      • Clarify who has access to sensitive data and how you will handle data breaches or violations.
    4. Performance Measurement
      • Establish KPIs (Key Performance Indicators) for AI projects, for example cost savings, time savings or accuracy of predictions.
      • Monitor these metrics regularly to ensure the AI is delivering the intended value and not drifting into undesirable behaviour.
    5. Compliance and Regulatory Monitoring
      • Identify relevant regulations (consumer privacy, financial reporting, industry-specific rules) and integrate these into your AI processes.
      • Update policies as regulations evolve.
    6. Continuous Improvement
      • Governance is not a one-off exercise. As your business and AI capabilities expand, revisit governance policies periodically to ensure they remain effective and relevant.

    5. Pitfalls of Ignoring Governance

    Without a structured governance framework, small businesses can encounter serious problems:

    1. Unintended Bias or Discrimination
      If an AI model bases hiring or lending decisions on incomplete or skewed data, it might discriminate against certain groups, leading to legal actions and reputational harm.

    2. Security Vulnerabilities
      Autonomous systems with minimal oversight can become gateways for cyberattacks or data breaches if not properly secured.

    3. Reputational Damage
      Customers may lose trust in a business that misuses or carelessly handles their data. Negative reviews and word-of-mouth can drastically harm a small operation.

    4. Financial Losses and Legal Risks
      Inefficient AI projects can waste resources, and non-compliance can result in heavy fines.

    5. Employee Resistance
      Without proper guidelines, employees may resist or misunderstand AI adoption, seeing it as a threat rather than a tool. This impedes the realisation of potential benefits.

    The key takeaway is that neglecting governance can lead to short-term gains overshadowed by long-term costs. By proactively addressing governance, small businesses set themselves up for sustainable growth and resilience.

    6. A Five-Stage Readiness Assessment (With Governance at the Core)

    Many challenges around AI adoption can be tackled through a thorough readiness assessment. Governance is integral to each step, so here is a structured approach to ensure it remains central.

    6.1 Strategic Alignment and Goal Setting

    Why It Matters
    For agentic AI adoption to bring real value, it must connect firmly with your overarching business objectives. Aimless AI investments often fail to deliver results and can cause confusion or scepticism within the organisation.

    Key Activities
    1. Identify Business Challenges
    – Which processes are most time-consuming? Which areas face the biggest operational bottlenecks?
    2. Define Success Metrics
    – Common examples include reduced operational costs, improved customer satisfaction, increased revenue or faster turnaround times.
    3. Perform Market and Competitive Analysis
    – Understand how similarly sized businesses in your sector utilise AI. Identify gaps or opportunities.

    Governance Consideration
    Set Decision-Making Criteria: Document how AI projects will be approved. For instance, you might require that any proposed AI project tie directly to a clearly stated business goal.
    Ethics Filter: Evaluate AI use cases through an ethical lens, for example data sensitivity and fairness.

    Reflective Question:
    Have you established a formal process for approving AI-related investments or pilot projects to ensure alignment with strategic goals?

    6.2 Data Maturity Assessment

    Why It Matters
    Agentic AI learns from your data. If that data is disorganised, incomplete or biased, the AI’s decisions will be flawed. Small businesses often rely on spreadsheets or disparate systems, making this stage particularly important.

    Key Activities
    1. Map Data Sources
    – Where is your data stored: cloud-based systems, local servers or paper records?
    2. Assess Data Quality
    – Check for errors, inconsistencies or duplications in your datasets.
    3. Data Governance Policies
    – Document who owns which datasets, who holds access rights and what security measures are in place.

    Governance Consideration
    Data Stewardship: Assign roles for data oversight. This could be part-time for someone already handling data-intensive tasks.
    Compliance Checks: Ensure adherence to regulations such as the UK’s Data Protection Act or GDPR, if applicable.

    Reflective Question:
    Have you designated a person or team to regularly audit data quality and usage to maintain ethical and legal standards?

    6.3 Technology Infrastructure and Security Evaluation

    Why It Matters
    Agentic AI can be resource-intensive, requiring robust IT infrastructure and advanced security. Underestimating these needs can lead to system overloads, hacking vulnerabilities or compliance breaches.

    Key Activities
    1. Review Current IT Setup
    – Is your infrastructure on-premises or in the cloud? Evaluate scalability for AI workloads.
    2. Evaluate Integration Points
    – How easily can your systems connect with AI solutions?
    3. Security Audit
    – Check encryption, firewalls and access controls to prevent unauthorised data access.

    Governance Consideration
    Security Policy: Maintain clear guidelines on user privileges, data encryption and security updates.
    Vendor Accountability: If you use third-party AI solutions, incorporate contractual obligations for data security and service-level agreements.

    Reflective Question:
    Do you have documented procedures and escalation paths if a security breach or system failure occurs?

    6.4 People and Culture Readiness

    Why It Matters
    Even the best AI initiatives can fail if the workforce feels threatened or uninformed. Cultural readiness includes skill-building, transparent communication and a clear understanding of how AI complements, rather than replaces, human roles.

    Key Activities
    1. Skills Gap Analysis
    – Assess current team capabilities, such as data analytics, coding or project management, and where additional training might be needed.
    2. Upskilling and Training
    – Offer accessible training or online courses to help employees grasp AI fundamentals.
    3. Cultural Alignment
    – Communicate early and often about AI’s intended uses. Involve team members in pilot projects to build ownership and minimise resistance.

    Governance Consideration
    Code of Conduct: Develop clear guidelines on ethical and responsible AI usage.
    Transparency Measures: Ensure employees know how AI makes decisions and how they can raise concerns.

    Reflective Question:
    Do you have formal channels, such as regular team meetings or suggestion boxes, where employees can report AI-related issues or concerns?

    6.5 Governance and Change Management

    Why It Matters
    Introducing AI into any organisation is a significant change. Proper governance ensures this change is managed responsibly, ethically and with clear oversight. It is not a one-time step but an ongoing commitment to monitoring, refining and scaling AI initiatives.

    Key Activities
    1. Establish a Governance Committee or AI Champion
    – This person or group oversees AI strategy, risk management and ethical considerations.
    2. Create Ethical and Compliance Frameworks
    – Define how your business will handle biases in AI, how you will secure customer data and how you will respond to unexpected AI behaviours.
    3. Pilot and Scale
    – Start small with a pilot project. Use lessons learned to refine governance before rolling out AI across other processes.

    Governance Consideration
    Accountability Structure: Clearly outline who is accountable if AI decisions lead to problems.
    Continuous Improvement: Set regular intervals, for example quarterly, to revisit governance policies, update them as needed and track AI performance metrics.

    Reflective Question:
    How will you ensure that governance remains a living, evolving practice rather than a static document that gathers dust?

    7. Case Study: How a 12-Person Marketing Firm Implemented AI with Strong Governance

    Consider a boutique marketing agency in the UK with 12 employees. The firm wanted to adopt agentic AI to automate:

    • Social media scheduling and posting
    • Real-time ad optimisation
    • Customer chat support

    Challenge: Initially, the agency believed they were too small to need formal governance. This led to a disorganised start, with different staff experimenting with AI tools independently. Data was scattered, and no one monitored whether posts or ads were ethically targeted.

    Governance Implementation:
    1. Governance Champion: The Operations Manager became the AI champion, documenting guidelines for data usage and vendor selection.
    2. Ethical Review: They introduced an “ethics checklist” to ensure targeted ads avoided discriminatory language and complied with privacy rules.
    3. Pilot Project: Over three months, they tested real-time ad optimisation for one client, tracking cost per lead, overall spend and audience feedback.
    4. Review and Scale: Following a 20 percent reduction in the client’s cost per lead, the agency applied the same governance framework to social media automation.

    Outcome: By the time the agency expanded agentic AI to all client accounts, it had a structured approach to data handling, performance measurement and ethical oversight. Clients appreciated the transparency (the agency explained how ads were targeted), and staff felt confident using the tools. This improved the agency’s reputation, leading to new clients and better profitability.

    Lesson Learned: Even a small firm can reap substantial benefits from well-defined governance. By outlining roles, guidelines and accountability measures, they avoided pitfalls and grew more efficiently.

    8. Final Thoughts and Next Steps

    Why Governance Is a Must for Small Businesses

    1. Protects Your Reputation
      A single data breach or unethical AI decision can undermine a small company’s trust. Governance helps maintain credibility with customers and stakeholders.

    2. Ensures Ethical and Legal Compliance
      Regulations do not exempt businesses beneath a certain size. If you mishandle data or breach consumers’ rights, the consequences can be just as severe as for a large corporation.

    3. Promotes Sustainable Growth
      Governance structures help you scale AI without descending into disorganisation. As your business expands, so does your capacity to manage risks effectively.

    4. Fosters Team Buy-In
      Clearly defined rules and open communication reduce anxiety over AI supplanting human roles. This makes it clear how AI will be employed and who is responsible for which tasks.

    5. Guides Strategic Decisions
      Governance transforms AI from a buzzword into a true driver of competitive advantage, channelling resources into projects aligned with your core objectives.

    Actionable Steps

    1. Assemble Your Governance Team
      Even if this is just one or two people, clarify roles such as AI champion, data steward and security lead.

    2. Draft a Simple Governance Charter
      Outline basic policies on data usage, ethical principles and accountability for AI deployments.

    3. Start with a Pilot Project
      Keep the scope small. Apply your governance guidelines, then evaluate the outcomes and refine policies before scaling.

    4. Train and Communicate
      Offer AI and data literacy sessions to all staff. Keep communication channels open and transparent.

    5. Monitor and Adapt
      Revisit governance practices periodically. Update them as you gain experience and in response to regulatory or technological changes.

    Closing Reflection

    Many small business owners assume governance is exclusive to large corporations with worldwide footprints.

    In fact, governance is the backbone of responsible AI adoption, no matter how many employees you have.

    By establishing clear guidelines on data, ethics, security and accountability, you ensure agentic AI works in your favour.

    In a market where trust and adaptability can make or break a small company, governance is an investment that quickly justifies itself.

    Final Thought: Embracing governance need not mean bureaucracy for its own sake. Instead, regard governance as a safety net and a compass, guiding your AI strategy so you can innovate confidently, serve customers better and create a workplace where technology and people thrive in tandem.