← All articles Leadership

Governing AI cost at scale

Governing AI cost at scale

Governing AI cost at scale

There's a pattern that shows up in organization after organization. Leadership decides that everyone gets a license — that's the AI transformation. A budget is set, usually assuming a fraction of people will really use the tools and the rest won't touch them. Then, months in, the budget is blown and nobody can explain why.

Ask what happened and it comes out. They don't know who uses what. They don't know whether it's used for work or privately. The vendors' pricing is moving. Someone wanted the $20 tier, someone else pushed for the $200 tier, and nobody governs it — it just happens. In an organization of thousands, there's no sane way to attribute the cost back to a budget.

What actually happened is that they bought licenses and called it governance. You don't get one by buying the other. You can't govern what you can't see.

Gather deterministically

The first move is visibility, and it's mechanical, not magical. The things worth measuring are measurable: usage per person (commits and lines from the repositories), spend per person (against the API), and which license tier each person is on. Clone the repos, pull the numbers, track the spend. This layer is programmatic and deterministic. There's no judgment in collecting it, which is exactly why you can automate it without a second thought.

Treat the metric honestly

Then resist the temptation to trust the number too much. Commits and lines are a rough signal, nothing more. One of the most senior people on a team will write few lines of high complexity — a day of thinking, four lines, straight to production. Three hundred lines from someone else might mean they never really engaged. The number points; it doesn't conclude. Measure outcomes, and know the limits of the proxy you're using to do it.

Keep the decision human

Here's the line that matters most, and it's where most "AI governance" goes wrong. Gathering is one thing. Deciding is another.

The moment someone asks for the automated report — the one where the model not only collects the data but draws the conclusion and recommends the action — you should push back. You can't act on a conclusion you can't validate, and the model can't tell you what a number means for this organization, this person, this month. That meaning is the decision, and the decision is the thing leadership is responsible for. Automate it and you've automated away the only part that was yours to own.

So: automate the gathering, present the insight, and let a human take the decision. Deterministic visibility plus human judgment is governance an organization can actually live with. A dashboard that decides for you is not.

The job is the judgment

The report is the easy part. The hard part — reading it against what you know about the work, the people, and the moment, and then deciding — is the job. That's why it sits with a human and stays there.

You don't buy governance. You build the visibility, and you own the decision.

Related: Measuring outcomes, not activity and Skills as governance.