One-size-fits-all AI rules could force 4-in-10 to cut agents
Gartner says a uniform approach to AI agent governance will prompt about 4-in-10 organizations to demote or decommission autonomous agents within a year after production incidents.
Gartner warned that a one-size-fits-all approach to governing autonomous AI agents will lead roughly 40% of organizations to demote or decommission those agents within the next year. The advisory firm’s report says many governance gaps are identified only after incidents occur in production.
The firm found organizations commonly treat agent governance as binary: either tightly locked down or fully trusted. That produces two failure modes: excessive restrictions that slow delivery and drive work into ungoverned shadow projects, and lax controls that increase operational, security and compliance risk.
Shiva Varma, senior director analyst at Gartner, warned: “Organizations are treating AI agent governance as binary, either locked down or fully trusted, and that is the root cause of failure.”
Gartner recommends a proportional governance model that classifies agents by autonomy level and trust boundary and maps specific controls to each level. The report defines four levels: observe, advise, act with approval and autonomous operations.
Observe agents have read-only access to defined data sources and return outputs directly to the requesting user. Typical uses include document summarization, knowledge retrieval and code explanation. Controls for this level should focus on scoped data access, user authentication, logging of usage and basic functional and security testing because the primary risks are data exposure and inaccurate outputs.
Advise agents generate recommendations, drafts or suggested actions while humans remain responsible for reviewing outputs and executing any actions. These agents generally keep read-only access and are used for email drafting, report or code generation and decision support. Gartner notes automation bias (users trusting recommendations too readily) and recommends adding accuracy and hallucination testing, domain-specific quality checks and user training on appropriate reliance levels to the baseline controls.
“At this level, human review is effective only if it remains a meaningful control,” Varma added, describing the third tier. “Without strong security testing, clear approval workflows with audit trails, and agent-specific incident response procedures, approvals can degrade under time pressure or approval fatigue, creating a false sense of safety while expanding the attack surface.”
“Act with approval” agents can write data, send communications or change configurations, but only after explicit human approval for each action. Gartner says approval workflows must provide clear audit trails and be supported by robust security testing and incident response planning.
At the highest autonomy level, agents execute actions independently within defined guardrails while humans review exceptions, audit logs and aggregated outcomes rather than individual decisions. Gartner says organizations remain accountable for results and must apply the strictest governance here, including continuous monitoring, enforced guardrails, rapid rollback mechanisms, circuit breakers that halt agent operations when thresholds are breached, and clear ownership for agent behavior.
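As an added illustration (not code from the Gartner report or any product it describes), the following Python gate turns the four autonomy levels above into enforceable checks: scoped read access for every level, a read-only bar for observe and advise agents, a per-action approval record with an audit trail for act-with-approval agents, and a failure-count circuit breaker that halts an autonomous agent once a threshold is breached. The level names, action names, targets and thresholds are assumptions chosen for the example.

```python
from collections import deque

# Write-capable actions named in the text; read is handled separately.
WRITE_ACTIONS = {"write_data", "send_message", "change_config"}

class AgentGate:
    """Per-agent policy gate. Levels: observe, advise, act_with_approval, autonomous."""

    def __init__(self, agent_id, level, allowed_targets, max_failures=3, window_s=60.0):
        self.agent_id, self.level = agent_id, level
        self.allowed_targets = set(allowed_targets)   # scoped data access / guardrails
        self.max_failures, self.window_s = max_failures, window_s
        self.failures = deque()                       # timestamps of recent failures
        self.tripped = False                          # circuit-breaker state
        self.audit = []                               # append-only audit trail

    def _log(self, action, target, decision, reason, approver=None):
        self.audit.append(dict(agent=self.agent_id, action=action, target=target,
                               decision=decision, reason=reason, approver=approver))
        return decision, reason

    def request(self, action, target, approver=None):
        """Decide one action; every decision, including denials, is audited."""
        if self.tripped:
            return self._log(action, target, "deny", "circuit breaker open")
        if target not in self.allowed_targets:
            return self._log(action, target, "deny", "target outside scope")
        if action == "read":
            return self._log(action, target, "allow", "read within scoped sources")
        if action not in WRITE_ACTIONS:
            return self._log(action, target, "deny", "unknown action")
        if self.level in ("observe", "advise"):
            return self._log(action, target, "deny", f"{self.level} agents are read-only")
        if self.level == "act_with_approval":
            if not approver:
                return self._log(action, target, "pending", "explicit human approval required")
            return self._log(action, target, "allow", "approved per action", approver)
        return self._log(action, target, "allow", "autonomous within guardrails")

    def record_outcome(self, ok, now):
        """Feed action outcomes; the breaker trips when failures in the window hit the threshold."""
        if ok:
            return self.tripped
        self.failures.append(now)
        while self.failures and now - self.failures[0] > self.window_s:
            self.failures.popleft()               # drop failures older than the window
        if len(self.failures) >= self.max_failures:
            self.tripped = True                   # halt further actions until reset by an owner
        return self.tripped
```

A tripped gate denies everything until a human owner resets it, which is the rollback-and-review point the highest level requires.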
The report says governance failures are often identified only after production incidents, prompting reactive demotions or decommissions. The guidance is directed at IT and risk leaders to align controls to an agent’s capabilities and access rather than applying identical restrictions across all deployments.