by Richard James Market Leader, Asia Pacific Japan Middle East & Africa – Consulting & Engineering Services, DXC Technology
1. AI is moving fast from experimentation to real business impact, how are enterprises adapting to this shift?
Enterprises are moving from isolated AI experiments to embedding AI into core operations where it delivers measurable value. The shift is now about scaling agentic systems that optimise workflows and generate operational intelligence across the business.
This requires a change in the operational model. Organisations are governed environments where autonomy is clearly defined and controlled, usually by humans who use tools. AI is different because it can make decisions and take actions, which means it can be treated as part of the operation almost like an employee rather than a tool.
This also means that businesses are reviewing their governance structures to incorporate AI agents into the process, including managing their identities, defining new policies, implementing new risk controls, and orchestrating work at a speed and volume that didn’t exist before.
2. When AI creates insights, content, or workflows, who actually owns that output?
AI systems raise a new issue: who owns the intellectual property when agents optimise processes or generate operational intelligence that no human team can reproduce.
In principle, it seems simple: it’s the company that owns the processes and applies the AI, but if the business is using a foundational tool from a third-party provider, the question then is “Where does that institutional knowledge accumulate?”
If these companies don’t have strong internal governance, they risk losing control over parts of their intellectual property.
This means governance became a critical means of controlling IP. This is why governance is now seen as a form of intellectual property in itself.
3. Do current intellectual property laws fully cover AI-generated content, or are there gaps enterprises should worry about?
Current intellectual property laws in Australia have not kept pace with the rapid evolution of AI, particularly as organisations embed generative and agentic AI into core business processes. Most existing IP frameworks assume human authorship, which creates ongoing questions around ownership and the protection of AI-generated outputs. Not to mention, many existing contracts and compliance frameworks also pre-date widespread AI adoption and often assume outputs are both original and fully owned. As a result, if staff use AI tools to generate content, organisations may not be able to claim copyright over software code, marketing materials, training content, designs or reports produced using those systems.
From an enterprise perspective, a key challenge is defining where human input ends and AI-generated content begins, and whether human effort such as prompting is sufficient to establish authorship and ownership. Since AI is used across software development, content creation and decision-making, this creates uncertainty in how IP rights apply in practice.
As AI becomes more autonomous, organisations increasingly need to demonstrate clear chain of custody across the AI lifecycle, including data sources and models used as well as the level of human oversight applied.
Current laws provide a baseline, but gaps remain, so organisations must strengthen governance and responsible AI practices as adoption scales.
4. What are the biggest risks companies face when using third-party AI models and platforms?
One major risk is loss of control over the governance layer. When AI systems depend on third-party platforms, enterprises may lose visibility over how decisions are made and how data is used.
Another risk is fragmented deployment. AI is often introduced quickly across separate teams, creating gaps in oversight and undermining consistency. This increases exposure to security and compliance issues. That is a problem even when you don’t have shadow AI, when employees use AI tools without telling the employer.
AI agents also expand the attack surface of organisations. As autonomy increases, so does the potential for exploitation if controls are not in place.
5. How can organisations make sure the value created by AI stays within the business?
Organisations need governance embedded into the operating model from the start. Clear ownership of the control plane sits at the enterprise level, with defined accountability for how AI systems are deployed and managed across the business.
The AI systems need to operate within defined identity and policy boundaries. This ensures that decisions remain traceable, enforceable and owned by the enterprise.
This also means the enterprise needs to develop processes to retain institutional knowledge and be able to reuse improvements and acquired capabilities independently of the AI model that is being used.
6. Is governance now becoming more than just risk management? How is it turning into a competitive advantage?
As governance becomes a way to retain and protect IP, it plays a growing role in the company’s competitive advantage. Without it, businesses risk having their knowledge used by competitors who have access to the same AI tools.
Strong governance also allows higher levels of autonomy without loss of control. This improves speed and trust in automated decisions, which is another way companies can become more competitive.
Organisations that achieve this balance can deploy AI at scale more confidently than competitors. In this way, governance becomes a driver of performance.
7. What are some common mistakes companies make when it comes to AI ownership and control?
One common mistake is deploying AI in isolated projects without a unified governance model. This creates fragmented systems that are difficult to control.
Another is treating governance as a post-deployment activity. In those cases, visibility into AI behaviour is limited, and risks are discovered too late.
A further issue is reliance on external platforms for core intelligence. This can reduce control over data and weaken long-term ownership of insights.
8. How can enterprises build AI strategies that protect their data, insights, and intellectual property?
Enterprises need AI strategies built on governed autonomy. This means governance is embedded directly into design and deployment rather than added later.
Key elements include controlled identity for AI agents, defined access to data, and clear policy enforcement. Simulation and testing are also important before deployment into live environments. Digital twins and controlled environments allow organisations to validate how autonomous systems behave under real conditions.
Once deployed, governance continues through monitoring and lifecycle controls that include updates and retirement of agents when they are no longer needed. The goal is to keep data and intelligence under enterprise control while still enabling AI at scale.
9. What role do platforms like ServiceNow play in embedding governance into everyday workflows?
Platforms like ServiceNow help embed governance directly into operational workflows. They support the management of AI agents and the monitoring of risk across systems.
New platform capabilities also help detect issues such as overprivileged or inactive agents. They can restrict unapproved integrations and apply system-wide risk scoring.
When combined with enterprise platforms such as ERP systems, this creates a consistent governance layer across the organisation.
10. Looking ahead, how do you see AI reshaping ownership, control, and accountability in enterprises over the next 3–5 years?
AI is transitioning from a supporting tool to a core operational layer inside enterprises. This will shift ownership and accountability toward those who control AI governance systems.
Autonomous systems will take on more complex decisions across business operations, which in turn reduces the effectiveness of traditional oversight models that rely on manual intervention. Companies will have to treat governance as infrastructure.
