The Agent Sprawl Problem Is an IRM Problem

AI AgentsAutonomous IRMIRM Market Trends
Written By Ori Wellington

FICO’s chief information officer told The Wall Street Journal this week that his company’s 3,500 employees are creating dozens of new AI agents every single day. DaVita’s employees have created more than 10,000. GitLab’s CIO says their existing governance guardrails are “holding the line” — which is another way of saying the pressure is real and building. The Wall Street Journal is calling this “AI agent sprawl.” Risk professionals should recognize it by a different name: a governance failure in progress.

The mechanism is not complicated. Platforms like Claude Cowork and open-source orchestration tools have made it trivially easy for nontechnical employees to spin up independent AI agents. That accessibility is, by design, a feature. The problem is that features do not come with governance structures. When every employee at every tier of an organization can create an agent that writes briefs, manages data sets, or executes workflows, the organization does not have an AI strategy. It has an AI population.

Ori Wellington

Orion “Ori” Wellington is the lead editor for The RiskTech Journal and The RTJ Bridge, where he helps shape editorial direction, guide strategic narratives, and support media relations across Wheelhouse Advisors. As a digital editorial advisor, Ori synthesizes trends in risk, technology, and governance, drawing from roles modeled on information security, risk analytics, and IT leadership.

Part of Wheelhouse’s AI-augmented research team, Ori works to distill complex signals into actionable intelligence—bridging expertise across domains and elevating the voice of integrated risk thinking.

https://wheelhouseadvisors.com
Sign up to read this post
Join Now
Previous

Cyber Regret at the Gartner Security & Risk Management Summit: From Risk Dysfunction to Risk Agency
Next

The NC State ERM Summit Just Proved the COSO Survey Right