1. Cloud Infrastructure
Can your cloud environment support AI agent workloads reliably and cost-effectively?
Infrastructure is defined and managed as code (Terraform, Pulumi, or CloudFormation), with changes deployed through a reviewed pipeline.
Logs, metrics, and distributed traces are collected across cloud workloads, with alerts configured for key failure modes.
Security scanning is integrated into CI/CD, and cloud resources are checked regularly for misconfigurations and compliance drift.
Cloud costs are tracked at the team or workload level, with budgets, tagging, and anomaly alerts in place.
2. Data Quality and Pipelines
Is your data accessible, trustworthy, and governed well enough to power AI agents?
Data pipelines run with defined SLOs, and failures are detected before they affect downstream systems.
Automated quality checks catch missing, malformed, or out-of-range data before it reaches production AI systems.
PII is identified, classified, and handled consistently, with access controls and audit logging enforced across data systems.
Data lineage is tracked for key datasets — you can trace where data came from and how it was transformed before reaching an AI model.
3. DevOps and MLOps
Can your team deploy AI model changes safely and frequently?
CI/CD pipelines cover both application code and AI model changes, with automated testing before every deployment.
The team deploys to production multiple times per week and can roll back a failed deployment within minutes.
AI model versions are tracked in a registry, and rolling back to a previous model version is a routine, tested operation.
There is a documented and tested process for responding to AI model failures or degraded performance in production.
4. Team Capability
Does your team have the skills, ownership, and leadership literacy to run AI agents in production?
The engineering team includes people with hands-on AI/ML experience beyond prompt engineering or basic API integration.
A named person is accountable for AI adoption outcomes, with the authority to make decisions and clear success criteria.
Leadership can articulate which AI investments are in flight, what the expected outcomes are, and what is currently blocking progress.
Engineering, product, data, and operations teams are actively collaborating on AI delivery, not working in separate tracks.
5. Governance
Are you managing the risks of AI agents systematically?
A published AI governance policy covers acceptable use, risk management, and who has authority to approve AI deployments.
Decisions and actions taken by AI agents are logged with enough detail to audit, investigate, and explain them after the fact.
Regulatory obligations related to AI have been formally assessed, including APRA CPS 230, VAISS, and ISO 42001 where relevant.
Human review is required before AI agents take action in high-risk or high-consequence scenarios, and this is enforced, not just policy.
6. Strategic Alignment
Is there a clear, prioritised AI plan connected to business outcomes?
The top AI use cases have been prioritised by measurable business value, not by vendor recommendation or team enthusiasm.
There is an agreed ROI model or measurable success metric for the highest-priority AI initiative, with a baseline to compare against.
Board or executive leadership has endorsed a specific AI plan with milestones, named owners, and a reporting cadence.
Progress against AI milestones is tracked and reported to leadership on a regular cadence, with outcomes measured against the original business case.