TL;DR: AI approval cycles can stretch from under two minutes of user adoption to eleven weeks of security review, driving Shadow AI and pilot purgatory when governance cannot keep pace with business demand, according to WitnessAI. The core problem is not AI usage itself but the mismatch between manual review models and the velocity of modern AI adoption.
At a glance
What this is: This is an analysis of why enterprise AI approval cycles stall and how risk-tiered review and runtime controls can compress governance without removing oversight.
Why it matters: It matters because the same approval bottleneck now affects AI tools, agentic systems, and the identity governance processes that must keep sanctioned use from turning into Shadow AI.
By the numbers:
- 95% of organizations surveyed reported no measurable return from their generative AI investments despite an estimated $30-40 billion in collective spending.
- 69% of cybersecurity leaders had evidence of, or suspected, employees using public GenAI tools at work.
👉 Read WitnessAI's analysis of the AI approval cycle problem
Context
The AI approval cycle problem is the gap between how fast employees adopt AI tools and how slowly enterprises review them. When business users can start using a tool in minutes but governance takes weeks, the control model no longer matches the way AI enters the organisation, and unmanaged use fills the gap.
For IAM, this is a governance problem as much as a security one. Approval authority, data handling, and runtime control all sit inside the same decision chain, so delays do not just slow procurement; they create Shadow AI, weaken trust in security teams, and leave sanctioned AI projects stuck in pilot purgatory.
The article frames the answer as proportionate governance rather than blanket restriction. That is the right starting point, because AI approval is now part of the broader identity lifecycle for human users, AI apps, and autonomous agents.
Key questions
Q: How should security teams speed up AI approval without weakening governance?
A: Use risk-tiered review lanes, clear production authority, and sanctioned catalogs for common low-risk use cases. Then reserve deep review for systems that touch sensitive data, external vendors, or write access. The goal is not fewer controls, but controls that match the actual risk level and the speed at which the business is adopting AI.
Q: Why do AI projects get stuck in pilot purgatory?
A: They usually stall because approval authority is unclear and manual review processes cannot keep pace with business demand. The pilot may be technically sound, but no one is formally empowered to move it into production. When governance is slow and ambiguous, teams either wait indefinitely or route around the process.
Q: What do security teams get wrong about AI governance reviews?
A: They often treat every use case as if it needs the same level of scrutiny. That creates bottlenecks and does not reflect actual risk. Effective governance separates routine, low-risk activity from higher-risk systems and uses runtime controls for interactions that can be governed continuously instead of repeatedly reviewed.
Q: Who should own AI production approval in the enterprise?
A: A single function should not own it alone. Security, legal, compliance, risk, and data governance each have a role, but one clearly named decision owner must be able to approve the move from pilot to production. Without that authority, governance becomes a queue instead of a control.
Technical breakdown
Why manual AI approval workflows break under adoption velocity
An AI approval cycle is a multi-stage governance process that typically routes intake through security, legal, compliance, risk, and data governance before production use is allowed. The failure point is not the existence of review, but the assumption that periodic human review can keep up with conversational AI adoption. Legacy controls such as DLP, CASB, and firewalls were built for files and network paths, not prompts, responses, and intent. When policy depends on manual case-by-case judgment, the queue becomes the control surface.
Practical implication: replace one-size-fits-all review with risk-tiered approval lanes and clear decision ownership.
How risk-tiered review lanes and pre-approved AI catalogs work
Risk-tiered governance separates low-risk use cases from higher-risk systems before the review begins. Low-risk tools on pre-approved infrastructure can move through a fast lane, while use cases that touch sensitive data, write access, or external vendors go to a slower, deeper review. A pre-approved catalog reduces repeated reviews for common requests by giving employees a sanctioned path. This is governance design, not just process tuning, because it removes ambiguity about which cases need full scrutiny and which do not.
Practical implication: define risk tiers, assign owners, and maintain a sanctioned AI catalog that can be reused across teams.
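The intake routing described above, as an added example that is not part of the original article or of WitnessAI's product: a request is scored against the page's three high-risk traits (sensitive data, write access, external vendor), sent to a catalog, fast or full lane, and tied to a named decision owner. The catalog entries, owner names, data classes and tier numbers are constructed for illustration; the one design point worth noting is that a catalog match never bypasses the tier check, so a sanctioned tool used with newly sensitive data still lands in full review.

```python
from dataclasses import dataclass
from enum import Enum


class Lane(str, Enum):
    CATALOG = "catalog"      # already sanctioned: no fresh review
    FAST = "fast_lane"       # low risk on pre-approved infrastructure: lightweight check
    FULL = "full_review"     # sensitive data, write access or external vendor: deep review


@dataclass(frozen=True)
class AIRequest:
    tool: str
    use_pattern: str
    data_classes: frozenset   # e.g. {"public"}, {"internal", "pii"}
    write_access: bool
    external_vendor: bool
    preapproved_infra: bool


# Constructed sanctioned catalog: (tool, use pattern) pairs reviewed once and reusable.
SANCTIONED_CATALOG = {
    ("corp-assistant", "meeting-summary"),
    ("corp-assistant", "doc-drafting"),
}

# Constructed owners. The FULL lane must name a single production authority;
# a lane with no owner is exactly the "pilot purgatory" condition the article describes.
LANE_OWNERS = {
    Lane.CATALOG: "ai-catalog-maintainer",
    Lane.FAST: "security-triage",
    Lane.FULL: "ai-production-authority",
}

# Constructed data classes that force the deep lane.
SENSITIVE = {"pii", "phi", "secrets", "regulated"}


def risk_tier(req: AIRequest) -> int:
    """0 = low risk, 1 = elevated (unknown infrastructure), 2 = high.
    Any single high-risk trait is enough to force tier 2."""
    if req.data_classes & SENSITIVE or req.write_access or req.external_vendor:
        return 2
    if not req.preapproved_infra:
        return 1
    return 0


def route(req: AIRequest) -> dict:
    """Pick the review lane and the accountable owner for one request."""
    tier = risk_tier(req)
    if tier == 0 and (req.tool, req.use_pattern) in SANCTIONED_CATALOG:
        lane = Lane.CATALOG
    elif tier == 2:
        lane = Lane.FULL
    else:
        lane = Lane.FAST
    owner = LANE_OWNERS.get(lane)
    if owner is None:
        # Surface missing decision rights as an error instead of a silent queue.
        raise RuntimeError(f"no decision owner assigned for lane {lane.value}")
    return {"lane": lane, "tier": tier, "owner": owner}


if __name__ == "__main__":
    samples = [
        AIRequest("corp-assistant", "meeting-summary", frozenset({"internal"}), False, False, True),
        AIRequest("corp-assistant", "meeting-summary", frozenset({"internal", "pii"}), False, False, True),
        AIRequest("vendor-tool", "doc-drafting", frozenset({"public"}), False, True, False),
        AIRequest("internal-model", "ticket-triage", frozenset({"internal"}), False, False, False),
    ]
    for s in samples:
        print(s.tool, s.use_pattern, route(s))
```

Running the module prints one routing decision per constructed request; the second sample shows the catalog entry being overridden by the PII data class.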
Runtime controls for prompt injection, intent classification, and auditability
Runtime governance shifts control from pre-approval alone to continuous enforcement at the point of interaction. Intent-based classification tries to understand what a user is trying to do, while four-action enforcement produces allow, warn, block, and route decisions instead of a binary permit or deny. Bidirectional inspection covers both incoming prompts and outgoing responses, which matters because AI risk can appear in either direction. Continuous audit trails then turn policy into evidence, which is what reviewers and regulators need to see.
Practical implication: use runtime controls to reduce the number of interactions that need manual review while preserving evidence for audit.
NHI Mgmt Group analysis
AI approval delay is a governance failure, not a user-behaviour anomaly. The article shows that when approval takes eleven weeks while adoption takes minutes, employees route around the sanctioned process and create Shadow AI. That is a control design problem, because the enterprise is asking manual review to govern a deployment velocity it cannot physically absorb. Practitioners should treat approval latency as a signal that the governance model is out of phase with the business.
Shadow AI is the predictable outcome of unclear production authority. The article makes production ambiguity central: if no function can clearly approve a use case, the project stalls or escapes the process. That creates a split between written governance and operational governance, which is where risk accumulates. The implication is that AI governance needs explicit ownership, not just committees and policy documents.
Runtime enforcement is becoming a core identity control for AI systems. AI use cases now need policy that operates at interaction time, not just at intake time, because prompts, responses, and tool calls create risk after approval. That changes the governance baseline for AI apps and agents, especially when autonomous behaviour enters the chain. Practitioners should stop thinking of approval as a single gate and start treating it as a lifecycle with continuous controls.
Pre-approved catalogs create the quickest path from AI experimentation to sanctioned use. Common low-risk requests should not require fresh scrutiny every time, especially when the business is already using AI informally. A sanctioned catalog shortens the distance between demand and control, which reduces the incentive to bypass governance entirely. The practical conclusion is that speed and control are not opposites when the approval model is tiered correctly.
Identity governance for AI is moving from human-only review to mixed human and agent oversight. The article already treats autonomous agents as part of the platform’s operational surface, which means governance must cover both human requesters and machine executors. That widens the IAM problem from access approval to runtime accountability across actors. Practitioners need governance that can classify, approve, and monitor behaviour across the full identity spectrum.
From our research:
- 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases, according to The State of Secrets in AppSec.
- Only 44% of developers are reported to follow security best practices for secrets management, which helps explain why approval and runtime governance both matter.
- For a broader view of identity and secrets exposure patterns, read the Guide to the Secret Sprawl Challenge.
What this signals
AI approval is becoming a lifecycle issue, not a one-time intake issue. As AI tools move from experimentation to daily use, governance teams need review models that can absorb repeated requests without forcing every case through the same bottleneck. The operational signal is simple: if approval is slower than adoption, the organisation will create its own shadow path, whether policy permits it or not.
The strongest programmes will pair NIST Cybersecurity Framework 2.0 style governance with continuous evidence and clear ownership, because that is what turns review from a blocker into a repeatable control. A sanctioned path matters more than a perfect policy document when employees are already using public GenAI tools.
Approval velocity is now a control metric. When a common use case can be reviewed in days instead of weeks, security teams are more likely to stay in the path of adoption rather than fighting it after the fact. That is where AI governance becomes practical identity governance, because the same decision chain now touches human users, AI apps, and agent execution.
For practitioners
- Define AI risk tiers before review begins: separate low-risk productivity use cases from higher-risk systems that touch sensitive data, external vendors, or write access. Use the tier to decide whether a request enters a fast lane or a full governance review.
- Create a sanctioned AI catalog for repeat use cases: maintain a pre-approved inventory of common tools and approved patterns so business teams have a safe path that does not require a fresh review every time they want to reuse a known workflow.
- Assign explicit production authority for AI approvals: name who can move a use case from pilot to production, and document the decision rights across security, legal, compliance, risk, and data governance so projects do not stall in ambiguity.
- Add runtime controls for prompts, responses, and tool calls: use interaction-time enforcement so policy can allow, warn, block, or route based on what the system is actually doing, rather than depending only on pre-deployment review.
Key takeaways
- The AI approval cycle fails when manual governance is slower than business adoption, because employees will use unsanctioned tools rather than wait.
- Risk-tiered review lanes, pre-approved catalogs, and runtime enforcement are the controls that reduce delay without removing oversight.
- AI governance now sits inside the broader identity lifecycle, so approval authority, runtime policy, and audit evidence must work together.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST AI RMF, NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST AI RMF | GOVERN, MEASURE | The article centres on AI governance, risk tiering, and continuous oversight. |
| NIST CSF 2.0 | PR.AC-1 | Approval authority and access to AI tools are identity governance problems. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | Runtime enforcement and continuous verification align with zero trust principles. |
Map AI approvals to AI RMF GOVERN and MEASURE so review becomes risk-based and continuously evidenced.
Key terms
- AI approval cycle: The AI approval cycle is the governance path a tool or use case follows from request to production use. It usually includes security, legal, compliance, risk, and data governance. In practice, the cycle should balance speed, evidence, and risk so that approved AI is usable rather than trapped in review.
- Shadow AI: Shadow AI is AI software or model use that is not visible to, or formally approved by, the organisation. It often appears when sanctioned routes are too slow or too restrictive. The governance risk is not just loss of control, but loss of audit trail, data handling discipline, and accountable ownership.
- Runtime controls: Runtime controls are policies and enforcement mechanisms that act while an AI system is processing prompts and generating outputs. They can allow, warn, block, or route interactions based on context. For AI governance, runtime controls reduce reliance on repeated manual review and create evidence that the policy was applied continuously.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
This post draws on content published by WitnessAI: the AI approval cycle problem and how to compress it. Read the original.
Published by the NHIMG editorial team on 2026-06-28.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org