Govern the AI you already turned on

GitHub Copilot. Claude Code. Cursor. Lovable. CoPilot Studio. Six members across six industries spent the last 30 days naming the AI tools already running inside their walls, and asking the same question: how do we govern what we already turned on?

This is not category shopping. Nobody is asking which AI platform to buy. A VP of Information Security in Business Services listed five coding agents his team has officially approved and said he is trying to wrap his arms around all of it. A CISO in Holding Companies & Conglomerates is already running CoPilot Studio and worried the guardrails are too thin. An IT Director in Manufacturing has been building agents internally on Microsoft and is now looking for a way to control them. A CISO in Healthcare is evaluating governance that spans the full AI lifecycle because the lifecycle started without one.

The pattern underneath: the buying decision already happened, one developer and one department at a time. The open decision is governance, and it is arriving after deployment, not before. The DoGood network is watching IT leaders reach for a control layer to wrap around tools their own people already switched on.

Most-named vendors and tools in member priority submissions over the last 30 days:

Microsoft, incl. Copilot Studio / Azure / Entra (14), Claude / Anthropic (5), ChatGPT / OpenAI (4), GitHub Copilot (2), Cursor (1), Lovable (1), Heeler (1), Palo Alto (1).

The list is almost entirely AI tools members are already running, and almost empty of anything they would govern those tools with. Microsoft anchors it because members run Microsoft for AI, identity, and cloud all at once. Below that sits a spread of coding agents and copilots. The governance side is a single mention here, a single mention there. Concentration on the problem, fragmentation on the solution: members agree on what they deployed and have no shared answer for how to control it.

Three different industries, one shared sequence: deploy first, govern second.

Two raw asks pulled directly from member submissions in the last 14 days, unedited:

Both members are governing tools that are already in production: one a sanctioned stack of coding agents, the other an unsanctioned wave of employee-built apps. Same gap, opposite ends of the approval line.

34 IT leaders joined the DoGood network in May. The senior cohort included:

The May cohort skews public sector (Government was the densest single industry) and runs 85% senior (CIO, CISO, CTO, or VP titles). Notably, several net-new AI leadership roles joined the room this month, including a Chief AI Officer and an IT AI Center of Excellence lead.

The data in this issue came from priority submissions by 5,000+ enterprise IT leaders. If you run IT or security at a $100M+ company and want to see what your peers are funding — and earn rewards for participating in vetted meetings with the vendors worth your time — apply to join DoGood.

On May 26, Gartner warned that applying uniform governance across AI agents will lead to enterprise AI agent failure, and predicted that by 2027, 40% of enterprises will demote or decommission autonomous agents because governance gaps surfaced only after a production incident. Gartner's point is that the reflexive move, one blanket policy over everything, breaks two ways: over-restrict the simple agents and you slow delivery and push developers into shadow builds; under-restrict the autonomous ones and you take on real security and compliance risk. Its recommended fix is proportional governance that sorts agents by autonomy level, separating what an agent can do from the scope of access it is granted.

That is the headline catching up to what the network already knew. The members above are not asking for one switch to govern Copilot Studio, Claude Code, and a citizen developer's weekend app the same way. They are asking how to tell those apart. The citizen-developer wave one member flagged is the exact shadow development Gartner says blunt governance produces.

Bottom Line: The hard part is no longer deciding to govern AI; it is governing each tool at the level of risk it actually carries, before the incident makes the call for you.

This week, inventory every AI tool currently running in your environment that can write, act, or call an API, not just the ones procurement approved. Tag each one by whether it can take actions or only read, and which credentials it holds. That action-versus-read split is the proportional-governance starting line, and it is the gap most likely to be found for you in an incident first.

Your peers named the AI already inside their walls this week. See what they are reaching for to govern it: apply to join DoGood.

Know a CIO who needs this? Forward it and they can subscribe here.