June 2, 2026
Community Voice
.png)
The biggest AI failures of 2025 were not technical failures. They were governance failures. ISACA’s year-end analysis concluded that the root causes were weak controls, unclear ownership, and misplaced trust. Not insufficient compute. Not bad algorithms. Unclear ownership. That finding should sound familiar to anyone who has spent time inside CM2, the configuration management framework developed by IpX, the Institute for Process Excellence. While most management frameworks define what must be controlled, CM2 goes a step further: it prescribes that, for every element of that control, the owner must be defined at every level of the product structure, without exception. Its central organizing principle is that without clear human ownership, nothing works. Not the data. Not the change process. Not the implementation. Certainly not the culture.
The AI-in-CM conversation has accelerated. Vendors demonstrate automated impact analysis, intelligent change routing, and AI-generated documentation. The efficiency gains are real. But a dangerous assumption has taken root in the discourse: if AI can perform a task faster, it should bear responsibility for that task. That assumption collapses the moment you examine what configuration management actually requires. Speed is a property of tools. Accountability is a property of people. CM2 embeds that distinction into its structure rather than keeping it an aspiration.
In the CM2 model, every dataset below level one must carry two named individuals: a Creator and a Designated User. Not a department. Not a role title. A specific person. The Creator is accountable for ensuring the dataset is clear, concise, and technically correct. The Designated User bears a distinct and non-delegable duty: to evaluate whether the dataset is free of difficulty for every user who will depend on it — not just confirm it looks complete, but actively assess usability across the full downstream population.
This is not administrative metadata. It is the load-bearing structure of data integrity across the enterprise. When something goes wrong downstream, there must be a person who can answer: Did you read this? Did you evaluate whether it was free of difficulty for every user? Do you stand behind it?
An AI system can draft a procedure, generate a parts list, or propose a configuration baseline faster than any human. What it cannot do is bear accountability for those outputs. Accountability in CM2 is not correctness at the moment of generation. It is the ongoing commitment of a specific individual who has the expertise, context, and judgment to anticipate downstream problems before they materialize. The Audit and Release Analyst (ARA) does not substitute for that accountability. Neither does an algorithm.
Research from Harvard Business School reinforces this distinction. Their 2025 study found that AI cannot reliably distinguish good ideas from mediocre ones or independently guide long-term business strategies. More concerning, companion research demonstrated that AI produces evaluations so convincing that both expert and novice reviewers are equally susceptible to accepting incorrect conclusions. People failed proposals 9 percent more often with AI assistance than without it. The technology did not augment judgment. It overrode it.
This creates a specific risk for CM2 implementations. When AI dramatically accelerates output generation, the natural organizational pressure is to compress the review window proportionally. A practitioner who spent two hours validating a manually drafted procedure may spend twelve minutes reviewing an AI-generated equivalent. The accountability label remains on the paperwork. The substantive judgment behind it may not. The value of a CM baseline depends entirely on the integrity of its contents. Substituting algorithmic generation without protecting the conditions for meaningful human review does not accelerate configuration management. It hollows it out.
The Change Review Board (CRB) evaluates proposed changes based on business impact, cost, benefit, and risk. AI can and should accelerate the Enterprise Change Assessment (ECA). Compiling affected parts, tracing configuration relationships across product structures, and surfacing patterns from historical change data are high-volume, pattern-matching tasks where AI provides genuine value. Impact analysis done well depends on comprehensive, traceable data, and AI can make that data more accessible than any manual process.
But the CRB’s function extends beyond what an ECA can surface. Human executives must weigh changes against corporate reputation, strategic initiatives that exist in boardroom conversations rather than enterprise data systems, brand positioning that has not been quantified, and confidential risk considerations that no AI model should be trusted to contextualize unsupervised. Research published in the Springer Business Research journal found that humans outperform machines at judgment, the analysis of political situations, psychological influences, flexibility, creativity, and visionary thinking. Even when machines can identify an optimal decision, they are less likely to sell it to a diverse set of stakeholders.
That last point matters more than it appears. The CRB is not purely evaluative. It is political in the most constructive sense: it builds organizational consensus that a change is the right move, at the right time, for the right reasons. The individuals present are lending their judgment and their organizational credibility to the outcome. That credibility is what makes a change decision carry authority across the enterprise. An AI system can compile the evidence. It cannot put its reputation behind the conclusion.
The emerging concept of decision atrophy makes this more urgent. As automation increases, organizations discover that when systems think for people, people gradually stop thinking critically. Junior employees who never did the underlying work develop thinner judgment than their predecessors. The CRB’s effectiveness depends on board members who have built their judgment through years of consequential decisions. Consider what that erosion looks like in practice. A Change Review Board operating five years into heavy AI-assisted evaluation may have members who have never worked through a manual ECA from first principles. Their analytical instincts were shaped by reviewing AI-generated summaries, not by tracing configuration relationships through the product structure themselves. When an unusual change arrives, one affecting a new product variant where historical pattern data is sparse, and legacy assumptions do not apply, the AI recommendation looks confident. The board has no independent foundation to interrogate it. They approve. Two quarters later, a supplier delivers to the wrong specification because a second-order configuration relationship was absent from the dataset the AI analyzed. The failure traces back not to the AI’s processing speed or data access, but to a board that had lost the judgment to know what the AI did not know. CM2’s insistence on human strategic authority is not a conservative tradition. It is a structural defense against institutional decision atrophy.
The Change Implementation Leader (CIL) must act simultaneously as negotiator, arbitrator, and facilitator to guide the Change Implementation Board (CIB) toward a comprehensive, synchronized, and achievable implementation plan. Within the CIB, divergent stakeholder interests need to be identified, surfaced, and navigated toward consensus. This requires reading interpersonal dynamics, managing personalities across organizational boundaries, and finding paths to agreement that satisfy people as much as they satisfy the plan.
The Maintenance, Repair, and Operations (MRO) phase adds another dimension entirely. Gaining asset access from customers and owner-operators demands relationship management that workflow automation cannot replicate. These are people who own assets they have operated for years, with their own schedules, operational constraints, and organizational priorities. They cooperate when the relationship warrants cooperation, not when a system sends them a task notification. The CIL earns that cooperation through direct engagement built on credibility and trust accumulated over time.
Gathering requirements and defining project objectives in complex enterprises inevitably reveals conflicting stakeholder interests. CM2 addresses this directly: resolving these conflicts requires face-to-face communication, a human Project Manager capable of building relationships across organizational divides, and an individual willing to act as a tiebreaker when negotiation alone cannot produce consensus.
An AI system can map stakeholder positions, generate summaries of conflicting requirements, and propose compromise positions based on historical patterns. What it cannot provide is the emotional intelligence required to manage stakeholder expectations and foster genuine acceptance — the relational presence that makes a compromise feel like a collaborative decision rather than a concession extracted by process. The CIL and CIB must actively manage the people side of execution: personalities in conflict, uncertainties that emerge mid-implementation, and the organizational friction that accompanies any significant change. These are not exceptions to implementation. They are the implementation process. Interchangeability and traceability in a product configuration are technical properties. The organizational conditions that make achieving them possible are human properties, built through relationships that exist outside the system.
The deepest misunderstanding in CM2 implementation is treating it as an IT project. CM2 is a fundamental shift in an organization’s operational DNA and culture. Success is determined by the enterprise’s culture, which ultimately reduces to people: their behaviors, beliefs, and the quality of their interactions.
This is not a soft observation. It is the most data-supported finding in organizational transformation research. McKinsey’s transformation studies consistently find that transformation efforts fail approximately 70 percent of the time, and that organizations investing in cultural change see success rates 5.3 times higher than those focused on technology alone. The failure mode is always the same: organizations treat a cultural challenge as a technical deployment.
The CM2 Corporate Champion role exists precisely because cultural transformation requires visible, sustained human sponsorship at the executive level. A champion buffers implementation teams from organizational friction, navigates political resistance that no process can anticipate in advance, and communicates why the transformation matters in terms that resonate across different parts of the organization. An algorithm cannot inspire a workforce. It cannot buffer a team from corporate politics. It cannot demonstrate through visible personal behavior that information integrity matters more than schedule pressure. Engaged employees must become active participants and change agents for CM2 to take root. Motivation, alignment, and a sense of shared purpose are transmitted through human relationships and demonstrated through visible human behavior at the leadership level. These are not peripheral to implementation success. They are the primary determinant of it.
This governance challenge scales with organizational complexity in ways that single-program thinking fails to anticipate. A single-program CM implementation can succeed on the strength of one committed champion and a well-structured team. Enterprise-scale CM governance, spanning multiple programs, sites, and customer requirements simultaneously, demands a more systematic approach. The human accountability structures CM2 requires must be defined at the enterprise policy level, not inherited program by program through ad hoc adoption. Different customers impose different contractual CM obligations; different product lines operate under different baseline regimes; different sites carry different legacy system constraints that shape what accountability even means in practice. The CM2-600 standard provides the policy architecture, but activating it at enterprise scale is a governance design problem, not a tool deployment problem. AI systems that perform well in one program environment can propagate accountability gaps at enterprise scale if the human governance layer beneath them was designed with a single program in mind. The accountability question for a CM Director is not only “do we have the right people on the right programs?” It is “have we built the policy infrastructure that makes consistent human accountability reproducible across every environment we operate in?”
None of this constitutes an argument against AI in configuration management. The CM2 model states a foundational rule: processes must lead, and tools must follow. AI should be viewed as an advanced enabling software tool, governed by the same principle that IpX codified in the CM2-600 standard for PLM, ERP, and MES systems. The tool must be designed to satisfy process requirements, not the other way around.
Automation alone does not make a change process fast and efficient. It does not inherently ensure dataset integrity, stakeholder alignment, or organizational readiness. What it amplifies depends entirely on the human foundations underneath.
Once robust human-driven processes are defined, owned, and operating with appropriate accountability, AI can make a CM2 team substantially more efficient. The applications are concrete. AI can identify duplicate parts across large datasets, surfacing reuse opportunities that manual search would miss at scale. It can automate task tracking and workflow routing, reducing administrative burden on practitioners. It can support predictive modeling for safety and environmental analytics, identifying risk patterns from data volumes no human team could manually review. It can accelerate the ECA by rapidly compiling configuration data that human CRB members need for informed strategic decisions.
A future where AI handles the data-intensive, pattern-recognition work of CM while human practitioners focus on accountability, judgment, negotiation, and cultural stewardship is not a diminished version of CM2. It is a better-resourced one. As the LSE Business Review concluded: AI is revolutionizing decision-making, but not replacing human leaders. In CM2 terms: AI accelerates execution, but humans retain the authority and accountability that make execution legitimate.
The CM2 framework’s insistence on human accountability reflects a clear understanding of what configuration management actually accomplishes: it creates the conditions under which an organization can trust its information and act on it with confidence. That trust is a social property, built through human relationships, maintained through human judgment, and enforced through human accountability.
The algorithm cannot sign off. Not because it lacks processing speed or data access, but because signing off means something that cannot be delegated to an AI. It means a person has examined this dataset, applied their expertise and judgment to it, accepted responsibility for its integrity, and committed to the downstream users who depend on it. No automation replaces that commitment, because no automation can be held accountable for consequences.
The question for every organization adopting AI tools in its CM workflows is not “how much can we automate?” It is “what accountability structures are we preserving to ensure that AI acceleration serves human judgment rather than displacing it?”
What is the biggest challenge your organization faces in maintaining human accountability as AI tools proliferate through your configuration management workflows? Share your perspective in the comments.
Use code Martijn10 for 10% off training—and don’t forget to tell them Martijn sent you 😉.
Copyrights by the Institute for Process Excellence
This article was originally published on ipxhq.com & mdux.net.
Known by his blog moniker MDUX—Martijn is a leading voice in enterprise configuration management and product lifecycle strategy. With over two decades of experience, he blends technical depth with practical insight, championing CM2 principles to drive operational excellence across industries. Through his blog MDUX:The Future of CM, his newsletter, and contributions to platforms like IpX, Martijn has cultivated a vibrant community of professionals by demystifying complex topics like baselines, scalability, and traceability. His writing is known for its clarity, relevance, and ability to spark meaningful dialogue around the evolving role of configuration management in Industry 4.0.
