Gartner has warned that applying the same governance rules to all AI agents can lead to the failure of many business projects. The firm argues that organizations are making a mistake by treating these systems as if they all have the same level of autonomy, permissions, and operational risk.
The forecast is clear: by 2027, 40% of companies will decommission or withdraw autonomous AI agents due to governance gaps identified after incidents in production. According to Gartner, the problem often arises when there’s no distinction between the agent’s ability to act and the actual scope of access granted to it.
The mistake of governing all agents equally
The deployment of AI agents has accelerated in many companies, but their internal control systems haven’t always kept pace. Gartner notes that some organizations adopt a binary approach: either overly restrict agents or trust them too much.
Both extremes cause issues. Restricting simple agents too much hampers agility, delays projects, and can lead to parallel developments outside official control. Allowing more autonomous agents to act freely increases operational, security, and compliance risks.
Shiva Varma, a senior Gartner analyst, summarizes the problem by pointing out that agents operate with different levels of autonomy and within varying trust boundaries. Therefore, the same rules should not be applied indiscriminately.
The key is to classify agents based on what they can do, what systems they access, and what the consequences of a mistake could be. For example, an assistant that summarizes documents doesn’t carry the same risk as an agent capable of modifying configurations, sending communications, or executing changes in production systems.
Four levels of autonomy
Gartner proposes a proportional model divided into four levels. The first is observation. In this case, the agent only has read access to specific data sources, and its results are visible to the user who made the request. This is used, for example, to summarize documents, retrieve internal knowledge, or explain code.
Controls at this level should be lightweight but clear: user authentication, limited data access, activity logging, and basic security and functionality tests. The main risks are information exposure and response accuracy.
The second level is advisory. Here, the agent generates recommendations, drafts, or proposals but does not execute actions. A person reviews the output and decides whether to use it. Such agents can be employed to draft emails, create reports, generate code, or support decision-making.
While humans retain final execution authority, Gartner warns of a common risk: overreliance on automatic responses. Therefore, it recommends accuracy testing, hallucination assessments, domain-specific quality controls, and training users to know when to rely on the agent and when to review more carefully.
When the agent starts to act
The third level involves action with approval. In this scenario, the agent can write data, send messages, or modify configurations, but each action requires explicit human authorization before execution.
While this model may seem secure, Gartner warns that human approval only works if it remains a true control. If workflows are confusing, traceability is lacking, or approvers grow complacent, reviews can become pointless formalities. For this level, more robust security tests, well-defined approval processes, audits, and incident response plans specific to agents are necessary.
The fourth level is the most delicate: agents acting autonomously within defined limits. Here, humans no longer review each action individually but monitor exceptions, logs, and aggregated results.
When an agent operates at this level, it can take actions faster than a human can directly supervise. Gartner recommends stricter controls: continuous monitoring, automated guardrails, quick rollback mechanisms, emergency stop switches that trigger when defined thresholds are exceeded, and clearly assigned individuals responsible for the agent's behavior.
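The four levels above can be enforced as a policy gate in front of every tool call an agent makes. The following is an added illustration, not Gartner's code or any vendor's implementation: the level names, the read-only action set, the per-minute threshold and the approval record shape are all constructed assumptions.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional

class Autonomy(IntEnum):
    OBSERVE = 1            # read-only access; output shown to the requester
    ADVISE = 2             # drafts and recommendations only, never executes
    ACT_WITH_APPROVAL = 3  # side effects need explicit human authorization
    AUTONOMOUS = 4         # acts within limits; monitored via thresholds

# Constructed set of actions treated as non-mutating for this example.
READ_ONLY = {"read", "search", "summarize"}

@dataclass
class AgentProfile:
    name: str
    level: Autonomy
    max_actions_per_minute: int = 0   # level-4 threshold (constructed value)
    actions_taken: int = 0
    halted: bool = False              # emergency stop state
    log: list = field(default_factory=list)   # audit trail of decisions

def authorize(agent: AgentProfile, action: str,
              approval: Optional[dict] = None):
    """Return (allowed, reason) for a tool call under the agent's level.
    Every decision is appended to agent.log so reviews stay traceable."""
    def decide(allowed: bool, reason: str):
        agent.log.append((action, allowed, reason))
        return allowed, reason

    if agent.halted:
        return decide(False, "emergency stop active; awaiting human review")
    if action in READ_ONLY:
        return decide(True, "read-only action permitted at every level")
    # Everything below is a side-effecting action.
    if agent.level <= Autonomy.ADVISE:
        return decide(False, f"{agent.level.name} agents cannot execute actions")
    if agent.level == Autonomy.ACT_WITH_APPROVAL:
        # Approval must name this exact action so a stale approval cannot be
        # reused for a different one (traceability, not a rubber stamp).
        if not approval or approval.get("action") != action:
            return decide(False, "explicit human approval for this action required")
        return decide(True, f"approved by {approval.get('approver', 'unknown')}")
    # AUTONOMOUS: count actions and trip the kill switch past the threshold.
    agent.actions_taken += 1
    if agent.actions_taken > agent.max_actions_per_minute:
        agent.halted = True
        return decide(False, "action threshold exceeded; agent halted")
    return decide(True, "within autonomous limits")
```

Once `halted` is set, even read-only calls are refused until a responsible person clears the flag, which is the behaviour an emergency stop should have.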
The warning is particularly relevant as many companies want to move from controlled testing to integrating agents into real processes. Gartner’s message is clear: autonomy must be earned through proportional controls, not granted by default.
Frequently Asked Questions
What risk does Gartner see in AI agents?
The main risk is applying the same governance to agents with vastly different levels of autonomy and access, which can cause unnecessary blocks or incidents in production.
What are Gartner’s proposed levels of autonomy?
Gartner identifies four levels: observation, advisory, action with human approval, and autonomous action within defined limits.
Why isn’t it enough for a person to approve an agent’s actions?
Because approval can lose value if there’s no traceability, clear criteria, or actual review. Gartner warns of approval fatigue in repetitive tasks or under pressure.
via: Gartner