insights

From pilot to production: why enterprise AI stalls at proof of concept

A production-readiness framework for enterprise AI covering governed data, evaluation, human controls, security, ownership, reliability and cost.

MENTARA principlePriority → accountable ownership → delivery → continuity
Decision context

A production-readiness framework for enterprise AI covering governed data, evaluation, human controls, security, ownership, reliability and cost.

On this page

01

Overview

On this page

Enterprise AI loses momentum when a persuasive demonstration is mistaken for a production-ready service. Moving forward requires governed data, measurable acceptance criteria and an accountable product owner.

A proof of concept answers a narrow question: can a model produce a useful response under selected conditions? Production asks a different set of questions. The service must work with governed enterprise data, behave within agreed limits, protect sensitive information, recover from failure and remain economically sustainable as usage changes.

The gap between those two states is an operating-model gap. Teams often continue tuning prompts because model behaviour is visible, while ownership, data quality, evaluation, security and service operations remain unresolved. The initiative then reaches a decision gate with no accepted definition of ready.

Treat the AI capability as a product and service, not as a model experiment. The accountable product owner holds the value case, acceptance criteria, risk decisions and run budget together.

The pilot explores a broad capability instead of improving one workflow, user decision or service outcome with a defined owner.

Source data lacks clear ownership, access rules, provenance, freshness or permission for the intended use.

A small set of hand-picked prompts replaces repeatable tests, failure categories and acceptance thresholds.

No bounded business decisionUngoverned informationDemonstration-only evaluationUnclear human controlMissing service budgetsFragmented ownershipSource controlRetrieval qualityDataset governanceData boundariesAssistApprove
  • Approved systems of record
  • Document-level access enforcement
  • Version and freshness metadata
  • Removal and correction workflow
  • Relevant source selection
  • Citation or provenance capture
  • Permission-aware retrieval
  • Fallback when evidence is insufficient
  • Named owner and review cadence
  • Representative user journeys
  • Sensitive and edge-case coverage
  • Change history and release linkage
  • Permitted model and region
  • Prompt and response retention
  • Training-use restrictions
  • Audit and deletion requirements
  • Request volume and completion
  • Latency by component
  • Failure and fallback route
  • Token and tool consumption
02

A demonstration proves interest, not readiness

A proof of concept answers a narrow question: can a model produce a useful response under selected conditions? Production asks a different set of questions. The service must work with governed enterprise data, behave within agreed limits, protect sensitive information, recover from failure and remain economically sustainable as usage changes.

The gap between those two states is an operating-model gap. Teams often continue tuning prompts because model behaviour is visible, while ownership, data quality, evaluation, security and service operations remain unresolved. The initiative then reaches a decision gate with no accepted definition of ready.

Treat the AI capability as a product and service, not as a model experiment. The accountable product owner holds the value case, acceptance criteria, risk decisions and run budget together.

03

Why enterprise AI stalls after proof of concept

The pilot explores a broad capability instead of improving one workflow, user decision or service outcome with a defined owner.

Source data lacks clear ownership, access rules, provenance, freshness or permission for the intended use.

A small set of hand-picked prompts replaces repeatable tests, failure categories and acceptance thresholds.

The design does not state when a person reviews, approves, corrects or stops an AI-assisted action.

Latency, availability, recovery, model usage and cost per completed task remain outside the product decision.

Business, data, model, application, security and operations teams each hold part of the risk without one accountable product owner.

A production plan closes these gaps in parallel. Solving them sequentially creates late surprises: an accurate workflow that breaches data policy, a secure workflow that users reject, or a useful workflow whose operating cost cannot be governed.

No bounded business decisionUngoverned informationDemonstration-only evaluationUnclear human controlMissing service budgetsFragmented ownership
04

Build governed data foundations and golden datasets

Data readiness begins with the workflow and the decision it supports. Inventory the information the service retrieves, generates, stores and sends to tools. For every source, record the accountable data owner, permitted purpose, classification, retention rule, freshness expectation and path for correction.

A golden dataset is a versioned, governed set of representative inputs and expected behaviours used to evaluate change. It should cover normal work, difficult cases, policy-sensitive content, incomplete information, adversarial inputs and known failure modes. The dataset evolves as production monitoring identifies new patterns.

They belong in version control or an equivalent governed repository, are tied to acceptance criteria and are rerun whenever prompts, retrieval, tools, models or policies change.

Source controlRetrieval qualityDataset governanceData boundaries
  • Approved systems of record
  • Document-level access enforcement
  • Version and freshness metadata
  • Removal and correction workflow
  • Relevant source selection
  • Citation or provenance capture
  • Permission-aware retrieval
  • Fallback when evidence is insufficient
  • Named owner and review cadence
  • Representative user journeys
  • Sensitive and edge-case coverage
  • Change history and release linkage
  • Permitted model and region
  • Prompt and response retention
  • Training-use restrictions
  • Audit and deletion requirements
05

Define evaluation and acceptance before release

Evaluation must reflect the business task rather than a generic model score. Start with the failure that matters: an unsupported answer, an incorrect classification, missed evidence, policy-violating content, an unsafe tool action or a response that arrives too late to support the workflow.

06

A practical evaluation framework

Acceptance criteria combine thresholds and judgement. Automated tests provide repeatability; domain reviewers assess context and consequence. The release decision records both, including known limitations and the owner accepting residual risk.

07

Place human judgement where consequence is highest

The system drafts or recommends. A person remains the decision-maker and the system records edits for learning.

The system prepares an action, but execution waits for an authorized person at a defined control point.

The system acts within bounded rules while exceptions, low confidence and policy signals route to a person.

Authorized owners can suspend a workflow, revoke tool access, roll back a release and communicate an operational incident.

Human-in-the-loop is a control design, not a universal manual checkpoint. Requiring approval for every low-risk response destroys usability, while removing review from consequential decisions creates unmanaged exposure. Classify actions by consequence, reversibility, sensitivity and model uncertainty.

AssistApproveSuperviseStop and recover
08

Make model, application and business ownership explicit

One person can hold more than one role in a smaller programme. The decision rights still need to be explicit. A role name without authority, evidence or escalation responsibility does not create accountability.

09

Engineer latency, reliability and cost per query as product constraints

The user experiences the complete application, not the model in isolation. Retrieval, tool calls, policy checks, model inference and downstream integrations all consume time and create failure points. Define a latency budget across that chain, then set timeout, retry and fallback behaviour for each dependency.

Reliability design includes model-provider failure, quota exhaustion, retrieval degradation, malformed outputs, tool failure and unexpected cost growth. Cost should be measured per completed workflow or transaction rather than only per token. This connects architecture choices to business value and exposes expensive retries, unused context and unnecessary calls.

MENTARA uses OpenTelemetry as a vendor-neutral instrumentation reference for traces, metrics and logs across the application path.

Production telemetryChange telemetry
  • Request volume and completion
  • Latency by component
  • Failure and fallback route
  • Token and tool consumption
  • Human override and rejection
  • Policy and security events
  • Prompt and model version
  • Retrieval configuration
  • Golden-dataset result
  • Release decision and owner
  • Post-release comparison
  • Rollback trigger
10

Integrate security, privacy, governance and regulatory review

Requirements vary by jurisdiction, sector, data type and use. The production plan should map obligations to the actual workflow: who is affected, what information is processed, which decisions are supported, how explanations are provided and where records are retained.

Security starts with a threat model for the full application. Treat prompts, retrieved content, documents and tool responses as untrusted input. Apply least privilege to models, agents and tools; validate structured outputs; separate data domains; protect secrets; and test for prompt injection, data disclosure and unsafe action paths.

Governance should produce usable evidence: a system inventory, data map, risk assessment, evaluation record, model and prompt versions, approvals, incident route and change history. A policy without operational evidence does not support a release decision.

MENTARA uses the NIST AI Risk Management Framework: Generative AI Profile and NIST AI RMF resources to structure risk governance, and the OWASP GenAI Security Project to inform application threat testing.

11

A phased path from experiment to production

Select one bounded workflow, name the product owner, define users and consequences, record the value hypothesis and agree stop conditions.

Validate user need, approved data access, retrieval behaviour and the human-control design with representative work.

Build golden datasets, automated evaluation, security controls, observability, latency and cost budgets, fallback behaviour and runbooks.

Release to a bounded user group or workload, monitor quality and control signals, capture overrides and hold an explicit expansion decision.

Review value, quality, risk, reliability and economics together. Re-evaluate every material change and retire the service when its value or control basis no longer holds.

Frame the product decisionProve the workflow and data pathHarden the serviceLaunch under controlled exposureOperate and improve
12

Executive and delivery checklists

Executive readinessDelivery readiness
  • A business product owner holds scope, value, risk acceptance and run budget.
  • The workflow and affected users are bounded clearly enough to make a release decision.
  • The organization has agreed what the system must never do.
  • Data, security, privacy, legal and operations owners have explicit decision rights.
  • Cost is visible per completed task and tied to an operating budget.
  • Expansion depends on monitored evidence, not demonstration quality.
  • Approved data sources, permissions, retention and correction paths are documented.
  • Golden datasets cover normal, difficult, sensitive and adversarial cases.
  • Acceptance criteria cover task quality, grounding, safety, service quality and economics.
  • Human review, override, stop and recovery controls are tested.
  • Prompts, models, retrieval settings, tools and policies are versioned.
  • Monitoring, alerts, runbooks, escalation and rollback are ready before exposure expands.
Next step

Continue with the decision in front of you.

Share the business context, constraints and expected outcome. MENTARA will identify the relevant accountable route.

Submit your requirement