Agentic AI Sprawl: 94% of Enterprises Report Rising Risk, Only 12% Have Centralized Control

See also (wiki): shadow-ai · agentic-ai-governance

Executive Summary

• OutSystems surveyed ~1,900 global IT leaders (Dec 2025–Jan 2026) on agentic AI adoption, governance, and risk.
• 96% of organizations are already using AI agents in some capacity; 97% are exploring system-wide agentic strategies. Deployment is effectively universal.
• 94% report that AI sprawl is increasing complexity, technical debt, and security risk. Only 12% have implemented a centralized platform to manage it. The 82-point gap is the most actionable number in this report for a CIO/CISO audience.
• Governance architecture has not kept pace with deployment velocity: 52% rely on a human-on-the-loop model, but the agents those humans oversee are running across uncoordinated tool sets with no centralized control plane.
• Source caveat applies: OutSystems sells enterprise application platforms and has a commercial interest in centralized AI governance. The concern quantification (94%) still has diagnostic value when read directionally rather than as a precise benchmark.

Agentic AI Deployment Has Reached Near-Universal Penetration

96% of organizations surveyed report using AI agents in some capacity. 97% say they are exploring system-wide agentic AI strategies.

Those numbers are consistent with the broader 2026 corpus. Gartner projects that 40% of enterprise applications will include task-specific AI agents by end of 2026 — up from less than 5% in 2025. Forrester’s April 2026 CISO briefing already names agentic sprawl a current challenge for 56% of generative AI decision-makers (Forrester Q4 2025 AI Pulse Survey).

The deployment curve is steep and compressing. What took SaaS five years to achieve in enterprise penetration, agentic AI is replicating in under 24 months.

The Governance Gap Is Structural, Not Temporary

The headline number from this report is not the 96% adoption rate. It is the 82-point gap between the 94% who report sprawl-driven risk and the 12% who have implemented a centralized platform to manage it.

That gap is not a lag — it is a structural mismatch. Enterprise agentic deployments are decentralized by origin. Business units deploy agents through product-specific interfaces (Salesforce Agentforce, Microsoft Copilot Studio, ServiceNow, vendor-specific tools) without a shared identity layer, audit trail, or policy enforcement point. Centralized governance requires either retrofitting controls onto distributed deployments or standardizing the deployment platform before the deployment happens. Neither is fast.

The 12% who have implemented centralized platforms are not ahead of schedule. The 88% who have not are not behind. The industry has not yet built the default tooling for this problem. This is the CIO’s actual 2026 governance gap.

Cross-references from the corpus:

• Grant Thornton AI Impact Survey (n=950, Feb–Mar 2026): 73% of organizations give agentic AI access to live data and processes; only 20% have tested an AI incident response plan.
• EY Technology Pulse Poll (n=500, Mar 2026): 52% of department AI runs without formal approval; 45% report confirmed or suspected data leaks via unauthorized third-party AI tools.
• Forrester Q4 2025 AI Pulse Survey: 56% of GenAI decision-makers already call agentic sprawl a current challenge.
• IBM IBV / Palo Alto Networks (n=1,000, Mar 2026): Average enterprise runs 27 AI solutions from 10 vendors — tool sprawl is the structural enabler.

Maturity Self-Assessment Is Likely Overstated

49% of respondents describe their agentic AI capabilities as advanced or expert. 31% say AI is already integral to their development practices.

That self-assessment warrants skepticism. The same survey shows 88% lack centralized governance — a prerequisite that most frameworks (NIST AI RMF, MIT CISR Minimum Viable Governance) treat as a basic maturity requirement. Advanced/expert maturity without centralized governance and tested incident response is better characterized as advanced deployment with immature operations.

The McKinsey Responsible AI maturity benchmark (2025) puts average enterprise RAI maturity at 2.3 on a 4.0 scale. The Grant Thornton finding that 80% of organizations deploying live agents lack a tested incident response plan is a harder maturity measure than self-report. The 49% advanced/expert self-assessment likely reflects deployment sophistication, not governance maturity.

What the Deployment Pattern Reveals

• 38% mix custom-built and pre-built agents — creating exactly the heterogeneous environment where centralized governance is hardest to apply.
• 42% have embedded AI into specific phases of the software development lifecycle — suggesting phase-specific tooling decisions rather than platform-level choices.
• 52% use a human-on-the-loop model — which in practice means asynchronous review of agent outputs, not pre-authorized containment authority. Grant Thornton data shows that containment confidence at the piloting stage is 7%, versus 74% at full integration. Most enterprises are at the piloting stage.

Financial services and technology organizations report the highest production deployment levels. These are also the sectors with the most regulatory exposure from ungoverned autonomous AI.

Source Credibility Assessment

Rating: LOW-MEDIUM. Apply vendor caveat throughout.

OutSystems is an enterprise application platform company. Its product line benefits from a market consensus that agentic AI requires centralized platform management — precisely the conclusion this report supports. The survey methodology is not independently audited. The APAC sub-sample (527 of ~1,900) appears to have driven regional cuts in the press release, suggesting the sample may skew toward OutSystems-adjacent markets and networks.

The governance-risk finding (94% concern) has partial corroboration from Forrester (56%), EY (52%), and IBM IBV (76%) across different methodologies. The 12% centralized-platform figure is plausible directionally but should not be cited as a precise benchmark.

Use the 94%/12% gap as a directional diagnostic — not as a certified measurement. Pair with Grant Thornton (n=950, independent) and Forrester (Q4 2025 AI Pulse) for corroboration in client-facing work.

Key Data Points

What This Means for Your Organization

The OutSystems finding confirms what the 2026 corpus has been building toward: agentic AI deployment has outrun the governance infrastructure required to manage it. If 94% of IT leaders at organizations actively deploying agents report that sprawl is creating complexity, technical debt, and security risk — and only 12% have a centralized platform to address it — that is a description of current operating conditions, not a future risk.

The practical implication for a CIO or CISO at a 200–2,000 person company: the absence of a centralized AI governance platform is not a gap relative to best practice. It is the statistical norm. The question is not whether to build governance — it is whether to build it proactively before an incident, or reactively after one. Grant Thornton’s data on incident response readiness (20% have tested a plan, 80% have not) indicates most organizations are on the reactive path.

The minimum viable response does not require a platform purchase. It requires three things: an inventory of all deployed agents with their data access permissions, a designated authority who can pause any agent without further approval, and a tested incident response procedure. The MIT CISR Minimum Viable Governance framework and the Grant Thornton five self-assessment questions both provide actionable starting points executable without a vendor contract.

If this raised questions specific to your organization’s agentic AI governance posture, I’d welcome the conversation — brandon@brandonsneider.com

Sources

1. OutSystems “State of AI Development 2026: The Move to Agentic AI” — Primary report, April 7, 2026. n=~1,900 global IT leaders, survey conducted Dec 2025–Jan 2026. https://www.outsystems.com/1/state-ai-development/ | BusinessWire announcement: https://www.businesswire.com/news/home/20260407749542/en/ | Vendor caveat: OutSystems sells enterprise application platforms; findings align with its product positioning. Treat as directional with corroboration required.

2. Grant Thornton “2026 AI Impact Survey” — n=950, Feb–Mar 2026. Cited for corroboration of agentic deployment without governance. research/04-consulting-firms/grant-thornton-ai-impact-survey-2026.md

3. EY Technology Pulse Poll — n=500 US tech-industry director-level+, Mar 4, 2026. Cited for 52% department AI runs without approval. research/04-consulting-firms/ey-autonomous-ai-tech-pulse-2026.md

4. Forrester “The AI CISO” (Amy DeMartine) — April 9, 2026. Cited for 56% agentic sprawl as current challenge. research/04-consulting-firms/forrester-ciso-ai-driven-future-2026.md

5. IBM IBV / Palo Alto Networks — n=1,000 C-level, Mar 2026. Cited for average 27 AI solutions / 10 vendors. research/06-security-frontier/ibm-ibv-agentic-ai-cybersecurity-2026.md

6. MIT CISR “Minimum Viable Governance for GenAI” (van der Meulen, Jewer, Levallet) — Mar 19, 2026. Cited for governance framework reference. research/06-security-frontier/mit-cisr-minimum-viable-governance-2026.md

7. Gartner — Projection cited by OutSystems: 40% of enterprise apps to include task-specific AI agents by end of 2026.

Brandon Sneider | brandon@brandonsneider.com April 2026