← All notes
LeadershipAI

Protect Reliability While Shipping AI Faster

A decision framework for balancing feature delivery with the maintenance, evaluation, and operational capacity dependable AI systems require.

A team has capacity for 100 units of work next quarter. Product requests consume 70. Security remediation needs 12. Model evaluation, dependency upgrades, incident follow-ups, documentation, and on-call improvements need another 30.

The arithmetic does not work, but the roadmap can still be made to look as if it does. Move the upgrades. Reduce the evaluation set. Leave two incident actions open. Assume the experienced engineer will answer questions that were never documented. Call observability a later enhancement. The plan now fits on a slide.

Nothing has become cheaper. The cost has only moved from the roadmap into operational risk.

This is a common leadership problem in AI, data, and software work. Visible features have names, sponsors, deadlines, and demonstrations. Reliability work is often described as background maintenance until its absence interrupts the business. Leaders therefore need more than a reminder to “invest in quality.” They need a way to decide how much operational capacity is safe to reallocate, what must remain protected, and what the business will give up when demand exceeds capacity.

My recommendation is to establish a reliability floor: a small set of measurable conditions that a service must satisfy before a team takes on more delivery risk. It is not a fixed percentage for every organization. It is a decision boundary tied to users, failure impact, and evidence.

Start with the capacity decision, not the backlog

The useful planning conversation begins before individual tickets are ranked. First decide which kinds of work must continue for the service to remain supportable.

Capacity claimEvidence to reviewDefault leadership response
The service is healthy enough to accelerateSLO performance, error-budget trend, incident load, support demandAllow more change, but preserve monitoring and regression tests
Repetitive operations are absorbing the teamInterrupt hours, manual steps, recurring ticket categoriesFund automation or simplification before adding more scope
AI quality is uncertainEvaluation coverage, failure categories, human overrides, production feedbackLimit rollout and reserve capacity for evaluation and fixes
A critical capability depends on one personOwnership map, runbooks, access, recovery rehearsalReduce concentration risk before increasing dependency
Maintenance can be postponedUpgrade deadlines, vulnerabilities, vendor support dates, data freshnessRequire a dated exception, an owner, and a recovery cost estimate
New delivery is still mandatoryBusiness impact, regulatory deadline, opportunity costRemove or degrade another commitment explicitly

This table changes the unit of discussion. Instead of asking whether maintenance ticket 143 is more important than feature 82, leaders ask what evidence permits the organization to accept more change. It also prevents every tradeoff from being framed as engineering resistance. A product leader can challenge the reliability target. An engineering leader can challenge the delivery assumption. Both sides have to discuss consequences.

Google’s Site Reliability Engineering guidance formalizes one version of this idea through service-level objectives and error budgets. A service with an agreed reliability target has a limited tolerance for failure. When that tolerance is consumed, a written policy can shift effort from releases toward stability. When the service is comfortably within its objective, the team can take more delivery risk.

The important lesson is not that every team must copy Google’s process. It is that reliability and speed need a shared control mechanism. Without one, the stakeholder with the nearest deadline usually wins.

An AI service has more foundations than its interface reveals

A normal application already relies on source code, infrastructure, data, deployment systems, security controls, and people who know how to operate it. An AI application adds another set of changing parts: prompts, models, retrieval indexes, evaluation data, tool definitions, safety policies, and provider behavior.

Consider an internal support agent. To a user, it may be one text box. Operationally, it may depend on:

  • current and correctly permissioned source documents;
  • a parsing and indexing pipeline with freshness checks;
  • a model endpoint with rate, cost, and latency limits;
  • tool calls that handle timeouts and malformed responses;
  • regression tests for retrieval, answers, refusals, and actions;
  • traces that make a failed answer reproducible;
  • a human escalation path for ambiguous or high-impact cases;
  • an owner who can disable or roll back the workflow.

Removing time from any one of these areas rarely breaks the demonstration immediately. That delay makes the decision feel safe. Yet skipped work accumulates as stale context, weak tests, noisy alerts, undocumented dependencies, broad permissions, and slower recovery.

This is why feature count is a poor measure of capacity. Two teams can ship the same interface while carrying very different operational exposure. One has tested fallbacks, clear ownership, a current index, and a rollback path. The other depends on a prompt nobody wants to touch and an engineer who remembers how the ingestion job works. The screenshots look identical.

Define the reliability floor in user terms

A reliability floor should describe the minimum acceptable state of a service, not a general ambition to make it robust. Begin with the user outcome and the failure that matters.

For a data pipeline, the floor might cover freshness, completeness, recovery time, and the accuracy of business-critical transformations. For an AI extraction workflow, it might cover schema-valid output, field-level accuracy, review rates, sensitive-data handling, and a safe path for low-confidence cases. For an agent that can take actions, it should include permission boundaries, step limits, approval points, audit records, and a tested stop mechanism.

Five questions help make the floor concrete:

  1. Which user outcome must remain dependable? Availability alone is not enough if the service is responding with stale data or unsupported answers.
  2. How much failure can the workflow tolerate? A drafting assistant and a system that changes customer records should not share a threshold.
  3. How will the team detect deterioration? Name the signal, its owner, and the review cadence.
  4. What action follows a breach? Pausing rollout, narrowing scope, adding human review, or prioritizing remediation should not be invented during an incident.
  5. Who can approve an exception? The person accepting the risk needs enough authority and business context to own the consequence.

The floor will not eliminate judgment. It makes judgment visible. It also gives technical leaders language that is more useful than “we need more time.” They can say, for example, “The retrieval freshness objective has failed for three weeks; expanding to another department would expose more users to outdated policy answers. We can delay the rollout or fund the ingestion fix.”

Measure the work that disappears from plans

Maintenance capacity is often hard to defend because teams do not consistently measure it. Interrupts arrive through chat. Senior engineers help people privately. A flaky pipeline is restarted manually. A model response is corrected by an operations employee. Each event looks small, and the planning system records none of them.

Google SRE’s guidance on measuring and eliminating toil recommends objective, continuous measurement because intuition is neither repeatable nor easily transferred between people. That principle works well beyond formal SRE teams.

Track a few signals that expose where capacity is going:

  • hours spent on interrupts and repeated manual recovery;
  • incidents and support requests by recurring cause;
  • age and completion rate of incident action items;
  • deployment rollback and change-failure patterns;
  • evaluation failures introduced by prompt, model, or retrieval changes;
  • time required to diagnose and restore a service;
  • dependencies with expired support or urgent security updates;
  • systems without a second operator, current runbook, or tested restore path.

Do not turn this into time-sheet theater. The goal is to find structural demand, not to account for every minute. If engineers spend six hours each week correcting the same data-quality failure, that is not merely six hours of support. It is evidence for a data contract, validation rule, ownership change, or redesign.

When I teach data and AI, learners understandably concentrate first on producing the visible result: the dashboard, prediction, or model response. The harder shift is learning to inspect the inputs, test failure cases, and make the result reproducible. Organizations face the same temptation at a larger scale. The output earns attention; the controls make it dependable.

For a deeper look at that difference, The Hidden Work Behind Reliable AI Projects explains why evaluation, data preparation, monitoring, and integration belong in the estimate rather than after it.

Do not let AI-generated code create imaginary capacity

AI coding tools can shorten some implementation tasks. That is useful, but saved typing time is not automatically spare organizational capacity.

Generated code still enters an operating environment. Someone must understand its dependencies, review security implications, test behavior, deploy it, monitor it, and maintain it. Faster code creation can even increase the number of changes competing for review and the number of services a team is expected to support. Local acceleration can create system-level congestion.

The same distinction applies to AI automation. A customer-service agent may reduce the time required to draft replies while adding model spend, evaluation work, knowledge-base maintenance, exception handling, and supervisory review. The business case may remain strong, but the new operating costs belong in it.

Leaders should ask where the saved capacity actually appears:

  • Did cycle time improve from request to safe production release?
  • Did operational demand fall, or did work move to review and exception queues?
  • Did the change reduce total effort across engineering, operations, security, and users?
  • Did quality remain within its agreed threshold?
  • Can the team support the additional output over time?

This protects the roadmap from a dangerous assumption: because individual tasks became faster, the team can accept unlimited new commitments. Faster construction does not remove the cost of ownership.

Use explicit degradation instead of invisible erosion

Sometimes a business must reduce cost or meet a deadline. A reliability floor does not make scarcity disappear. It makes the response deliberate.

There are safer ways to reduce demand than quietly skipping foundational work. A team can narrow the supported use cases, reduce service hours, lengthen a noncritical freshness target, keep an AI workflow in draft-only mode, postpone a market expansion, retire a low-value feature, or require human approval for a smaller set of high-impact actions. These choices may disappoint stakeholders, but their consequences can be explained and monitored.

Invisible erosion is different. The public commitment stays the same while the supporting capacity falls. Users still expect the old response time. Leaders still expect the full roadmap. Engineers absorb more interruptions. Risk has increased, but nobody outside the team has agreed to it.

If a reliability target is too expensive, renegotiate the target. If delivery demand is more valuable, name the maintenance item being deferred and record the exposure. If neither can move, the gap is a resource decision for leadership—not a private burden for engineers to absorb.

This is related to cost discipline but has a different purpose from How to Cut AI Costs Without Breaking the Business. Cost optimization asks how to remove waste while protecting value. A reliability floor asks whether the remaining service is still safe to change and support.

Protect recovery capacity, not just prevention

No practical reliability policy prevents every incident. Teams also need enough capacity to learn and recover.

At minimum, a critical service needs an owner, useful telemetry, a response path, backups or rollback where appropriate, and time to complete important follow-up work. AI systems add the need to preserve relevant traces and versions. If a bad outcome cannot be connected to the prompt, model, retrieved context, tool call, policy, and application version involved, diagnosis becomes guesswork.

Recovery capacity also includes people. On-call load that depends on one expert is not a sustainable control. Neither is a runbook that has never been used by someone other than its author. Rotate ownership, rehearse likely failures, and test restoration. A controlled exercise is cheaper than discovering during an outage that access is missing or the backup cannot be restored.

The aim is not perfect documentation. It is reducing the number of failures that require memory, heroics, or luck. Why AI Projects Fail on Hidden Assumptions offers a complementary way to expose those dependencies before an incident does it for you.

Make the tradeoff survive a change in leadership

An informal reliability agreement lasts only as long as the people who remember it. Roadmaps, reorganizations, vendor changes, and new executives can reset priorities while inherited operational exposure remains.

Write down the reliability floor, the evidence reviewed, and the action triggered when a threshold is crossed. Keep exceptions dated. Record who accepted them and when they will be reconsidered. Put major remediation beside feature work in the same planning view. Report a small set of trends to product and business leadership, not only to engineers.

This is not an attempt to protect technology teams from accountability. It creates shared accountability. Engineering must provide credible measurements and avoid using reliability as a reason to pursue endless technical perfection. Product must acknowledge that every service promise consumes capacity. Executives must decide which business outcomes matter when the total demand cannot be met.

The strongest policy is one the organization will actually enforce. Start with one important service and a few meaningful signals. Observe the tradeoffs for a quarter. Adjust targets that produce either constant alarms or no useful decisions. The practice should become more accurate with evidence.

Reliability is a limit that enables speed

Fast teams are not teams that say yes to every request. They are teams that know how much change their systems and people can absorb, notice when conditions deteriorate, and redirect work before recovery becomes expensive.

A reliability floor gives leaders a disciplined way to do that. Define the user outcome. Agree on tolerable failure. Measure operational demand. Decide in advance what happens when the boundary is crossed. Make any exception visible to the people accepting the risk.

This will not make every planning conversation comfortable. It will make the arithmetic honest.

The goal is not to preserve every process or prevent all change. It is to keep delivery from consuming the very capabilities that make future delivery possible: maintained systems, tested recovery, current data, observable workflows, and people with enough time to improve what they operate.

Ship quickly when the evidence supports it. Slow down when reliability is being consumed faster than it is restored. That is not a conflict between innovation and maintenance. It is how durable innovation is managed.

More notes