Production AI Institute · Public record

AI Adoption Guide · For companies

Move from gated AI access to safe, scaled autonomy.

A vendor-neutral guide to five operating stages: what each stage looks like, what blocks progress, which capabilities help, and the guardrails required before you scale.

Built for engineering, operations, research, service, and knowledge work. Provider names are intentionally omitted: the operating disciplines should survive a vendor change.

How to use the guide

Find the stage your operating system can support today.

Agent count is a signal, not the objective. Place the company at the highest stage where the operating description and guardrails are both true. Then use the transition gate to decide what must change next.

01Diagnose honestly

Use observed behaviour, not an AI strategy deck or a handful of impressive demos.

02Close the control gap

Add verification, context, ownership, and rollback before adding more autonomy.

03Scale proven loops

Automate work only after its evidence and exception path have earned trust.

Stage 0

Gated

Executive sponsor removing blockers

Active agents0

What it looks like

AI access is restricted to older, smaller, or heavily mediated models. Gateway latency, custom authentication, and process-heavy approval paths make useful work difficult.

There is no approved path for agents, governed tool connections, or hosting AI-created code and artefacts. Most outputs remain local and disconnected from normal company systems.

Unlock at this stageCreate a secure, approved path so teams can use AI inside the organisation's identity, data, budget, and deployment controls.

Capabilities that help

  • Approved enterprise AI workspace
  • A documented path for hosting agent-created code, reports, and artefacts
  • Provider access through an approved API, cloud, or managed service
  • A governed connector and tool-access layer

Guardrails required

  • Single sign-on, lifecycle management, and role-based access
  • Organisation-level budgets and usage limits
  • Deployment through existing identity, infrastructure, and approval controls
  • A data governance package covering allowed data, retention, logging, and incident handling

Framework focus

The controls that carry the most weight at this stage.

Gate to stage 1

Align the executive buyer, security, legal, finance, and technical owner on a controlled launch. Escalate blockers and define what safe use means before expanding access.

Stage 1

Assisted

You and an agent, working as a pair

Active agents~1

What it looks like

One person works with one agent in a mostly supervised session. The human reviews nearly every material response, decision, or change before it moves forward.

Work is synchronous: the operator watches the agent rather than starting another task. This applies to code, research, drafting, design, operations, and analysis.

Unlock at this stageA task that once filled an afternoon can be completed between meetings, while a named person remains responsible for every material output.

Capabilities that help

  • Agent interfaces in the desktop, command line, IDE, browser, or workflow application
  • Collaborative workspaces for documents, design, analysis, and operational tasks
  • Approved access through provider APIs or managed cloud services
  • Usage analytics and compliance reporting APIs
  • Plan or review modes that expose intent before the agent acts

Guardrails required

  • Per-user and per-team spend limits
  • Centrally managed model, effort, and tool settings
  • Centrally managed acceptable-use and access policy
  • OpenTelemetry or equivalent usage export into the existing SIEM and observability stack
  • Human approval for material, external, high-impact, or irreversible actions

Framework focus

The controls that carry the most weight at this stage.

Gate to stage 2

Run more than one isolated agent at a time. Establish a self-verification loop you trust, including tests, build, lint, security checks, citations, reconciliation, and end-to-end testing in a real environment. Automate review and pre-approve common safe actions.

Stage 2

Parallel

Orchestrator

Active agents5-10

What it looks like

One person directs several agents at once, each in an isolated task, workspace, or worktree. Agents check their own work before a human sees the result.

The operator reviews final evidence and diffs rather than keystrokes. Backlogs shrink because maintenance and delivery work can proceed in parallel.

Unlock at this stageA backlog that once took a team weeks can become one operator's afternoon of structured orchestration.

Capabilities that help

  • A multi-agent console with parallel task visibility
  • Isolated workspaces, branches, sandboxes, or worktrees
  • Automatic code, quality, policy, and security review
  • Cloud or remote execution with mobile monitoring
  • Single-task delegation for bounded requests
  • Usage analytics across people, agents, teams, and workflows

Guardrails required

  • Automatic tests, type checks, linting, policy checks, and domain-specific validation
  • End-to-end verification with real browsers, simulators, staging systems, or reconciled source evidence
  • Manual approval for merge, release, high-impact decisions, and security-sensitive changes
  • The same quality bar for human-generated and agent-generated work
  • Pre-approved safe commands, tools, and connector actions with everything else escalated

Framework focus

The controls that carry the most weight at this stage.

Gate to stage 3

Give agents governed access to the context they need across code, wikis, discussions, policies, and systems. Improve review speed, define cross-team ownership, turn recurring work into loops, and allow trusted agents to delegate bounded work to other agents.

Stage 3

Supervised autonomy

Manager of managers

Active agents~100

What it looks like

Agents perform nearly all routine production work. The central question changes from 'did a human read every line?' to 'what context or control was missing, and how do we improve the system for next time?'

Maintenance, monitoring, cleanup, documentation, and feedback remediation can run continuously without waiting for someone to start each task.

Unlock at this stageTrusted loops begin useful work proactively, while people supervise outcomes, exceptions, priorities, and organisational learning.

Capabilities that help

  • Hierarchical agents and subagents with collision-resistant isolation
  • Scheduled routines, loops, batches, and goal-driven work
  • Dynamic workflows that adapt to evidence and results
  • Event, channel, and data-source triggers that can start bounded work proactively
  • Governed context connections to code, knowledge, policy, discussion, and operational systems

Guardrails required

  • Automatic quality review and security review on every relevant path
  • Agent sandboxing, least privilege, scoped credentials, and network boundaries
  • Versioned instruction files, skills, policies, and ownership rules
  • Permission classifiers tuned from observed use and incident evidence
  • Token efficiency through model routing, specialist tools, language servers, advisors, and lazy context loading
  • Exception queues, kill switches, rollback paths, and accountable human owners
Gate to stage 4

Turn proven loops into scaled, domain-specific automation for work such as migrations, testing, fuzzing, feature delivery, controls evidence, service operations, and feedback remediation.

Stage 4

AI-native

Executive steering by intent

Active agents1,000+

What it looks like

Most routine agent work is initiated by trusted systems rather than individual prompts. Hundreds or thousands of agents can run across bounded workflows while leaders steer by intent and monitor by exception.

The organisation operates a portfolio of automation with explicit owners, controls, evidence, cost boundaries, and stop conditions.

Unlock at this stageA quarter-long migration or operating change becomes a governed workflow that leaders initiate, observe, and stop when evidence crosses a boundary.

Capabilities that help

  • A provider-neutral agent SDK or orchestration runtime
  • Programmatic scheduling, event triggers, queues, and workflow state
  • A shared observability and control plane across models, agents, tools, and environments
  • Policy-as-code and evidence capture for every automation class
  • Routing across models and specialist systems based on risk, quality, latency, and cost

Guardrails required

  • Portfolio-level cost controls and budgets for automation
  • Risk-based model and tool selection
  • Continuous evaluation, drift detection, incident response, and rollback
  • Human accountability for objectives, exceptions, and high-impact decisions
  • Tested provider fallback, data portability, and exit plans
  • All eight Framework domains operating as continuously evidenced controls
Operating discipline

AI-native is not a finish line. Keep measuring whether each automation remains useful, controlled, reversible, and worth its cost.

A maturity model, not a race

Do not scale agent count faster than trust.

Many companies should remain at Stage 1 or 2 for high-impact work while using Stage 3 loops for low-risk maintenance. Maturity is the ability to match autonomy to risk, not the ability to maximise the number of agents running.

Source and adaptation

Vendor-neutral by design.

The five-stage structure was adapted from Steps of AI Adoption by Boris Cherny, published 16 July 2026. Production AI Institute rewrote the model for companies using any provider, model, cloud, or agent stack, extended it beyond software engineering, and mapped each stage to The Framework.