The fundamental tension in enterprise AI adoption is becoming impossible to ignore. While 51% of global VC funding was deployed in AI-focused companies in Q4 2024 (a 100% year-over-year increase according to FDI Intelligence), only 23% of leaders feel their organization's risk management functions are ready to support scaling AI initiatives (Deloitte).
This widening gap isn't merely a statistical curiosity—it's the leading indicator of what we call "velocity loss."
When AI acceleration collides with necessary controls, innovation stalls, resources are wasted, and competitors gain ground. This velocity loss represents the core challenge in AI adoption today.
At ServiceNow, we encountered this challenge firsthand. Our journey toward building the AI Control Tower began by experiencing exactly what our customers are now facing: the need to balance innovation velocity with responsible control.
The Missing Foundation: Data First
At ServiceNow, we learned early that data, not algorithms, form the critical foundation for successful AI. Our first milestone was establishing the Data for Responsible Testing (DART) program, allowing data contributions from customers with explicit consent, recognizing that sustainable AI requires disciplined data strategies.
We hired specialized AI Data & Strategy PMs who quickly advanced our data footprint through additional data initiatives. Through their work, we realized something profound: scattered data initiatives were insufficient.
Unlike traditional software development lifecycles, AI development at ServiceNow required a more comprehensive approach. We needed a formal Data for AI program with executive buy-in, quarterly steering committee oversight, and a robust governance framework.
This wasn't just another infrastructure or data play. As Sam Altman observed about AI development: "The cost to use a given level of AI falls about 10x every 12 months... Moore's law changed the world at 2x every 18 months; this is unbelievably stronger."
With this exponential acceleration, robust AI governance quickly became an essential requirement.
The Coordination Problem
Next, we addressed what we refer to as the "coordination problem" - what we often call the "AI Roundabout.” AI doesn't respect organizational boundaries, but our companies are still organized in functional silos.
We established our AI Data Strategy that brought together Tools, Data, Compute and appropriate controls. Only the combination of the 4 allowed ServiceNow to move fast but mitigate risk. Additionally, we gathered cross-functional leaderships panning legal, data governance, risk, compliance, security, engineering, and product management—creating a unified approach to AI development.
The appointment of our first AI Steward marked a pivotal moment. Rather than relying on ad-hoc decisions, we created independent oversight of data usage and use case approvals. Supporting this, our Data Operations team translated governance decisions into operational reality.
This may sound bureaucratic and may slow progress, but it's the opposite. Like rock climbing, a rope enables faster ascent through safety. The right controls accelerate innovation by building trust.
From Fragmentation to Framework
As our AI ecosystem expanded, fragmentation became our enemy. We established dedicated development teams for AI environments and created Data as a Service (DaaS) Central—our first AI control portal—to manage approvals and data usage centrally.
We developed comprehensive Standard Operating Procedures governing AI SDLC, deployment protocols, and data usage. This operational backbone culminated in our enterprise-wide AI control program and first AI Governance Policy aligned with National Institute of Standards and Technology (NIST)'s AI Risk Management Framework.
All this allowed the magic to happen - we shifted from a needs-based to a risk-based approach. Instead of applying uniform controls to all AI initiatives, we calibrated oversight based on the specific risk profile of each use case. Lower-risk innovations proceeded with appropriate velocity, while higher-risk scenarios received more rigorous controls.
Building the Trust Bridge
The most critical—and often overlooked—factor in AI scaling is trust. By positioning product teams and business units as the focal point for cross-functional alignment, we transformed potential friction points into collaborative partnerships.
We extended this trust-building to our customers through red-teaming exercises to proactively identify vulnerabilities, proper data classification frameworks and transparent control processes.
Interestingly, we found that internal audits, rather than slowing progress, actually accelerated it by building confidence. The audit process became an accelerator of trust rather than a hindrance to progress.
From Air Traffic Control to AI Control Tower
This journey led us to a powerful metaphor: effective AI management must function like air traffic control—enabling maximum throughput while ensuring safety through centralized visibility and distributed action.
Our vision crystallized: to enable enterprises to actively manage, optimize, control, secure, and measure the value of their AI investments, ensuring performance, compliance, and workforce transformation while seamlessly embedding AI into enterprise strategy and reducing time to value.
Like air traffic control, the AI Control Tower creates managed complexity rather than imposed simplicity. It delivers inventory awareness, workflow orchestration, compliance verification, and continuous measurement—all built on a unified data model connecting controls to actual systems.
In the next post (Part 1), we'll explore how these insights led to the architectural foundations of the AI Control Tower—transforming our internal journey into a solution that helps enterprises navigate the complexity of scaling AI responsibly without sacrificing velocity.
