AI is rapidly becoming embedded across IT portfolios, from automation and analytics to customer-facing capabilities. This introduces a new governance challenge. Traditional portfolio controls are not sufficient on their own; organisations must also assess data sensitivity, model risk, compliance obligations and operational readiness.

The objective is not to create a separate governance framework for AI, but to extend your existing portfolio model so that AI initiatives are assessed, approved and monitored with the right level of control. Fluid provides the core capabilities required to achieve this through structured workflows, embedded approvals and stage gate governance.

Establish a dedicated AI intake workflow

The foundation of effective AI governance is structured intake. Create a dedicated AI workflow within Fluid that captures the key information required to assess both value and risk.

This should include:

• Business objective and expected outcomes
• Type of AI use case (internal, customer-facing, automation, decision support)
• Data classification and sensitivity
• Model type or third-party provider
• Level of human oversight
• Security and compliance considerations
• Estimated cost and delivery complexity

By structuring this upfront, you ensure that governance decisions are based on consistent, high-quality data rather than informal discussions.

Fluid workflows support draft submissions and collaborative input, allowing teams to refine AI proposals before formal submission. Once submitted, the request becomes controlled and auditable, ensuring integrity throughout the review process.

Embed governance using “headless approvals”

Not all governance should be visible as front-door requests. Many approvals are more effective when triggered within the lifecycle of a project.

This is where a “headless approvals” approach becomes valuable. In Fluid, you can configure workflow boards that are not exposed in standard request entry points, but instead are initiated within the project context.

This allows you to:

• Trigger AI-specific approvals from within a project
• Keep the user experience simple and uncluttered
• Apply governance only when relevant

For example, an AI project could automatically trigger:

• Architecture review
• Data protection assessment
• Model risk evaluation
• Production readiness approval

Approvals can be automated based on workflow progression. When a card reaches a defined stage, decision requests are generated and assigned to the appropriate stakeholders. Outcomes then determine the next step in the workflow, ensuring consistency and reducing manual coordination.

Route dynamically based on AI risk

AI governance should be proportionate. Not every use case requires the same level of scrutiny.

Fluid enables dynamic routing using rule-based logic. This allows workflows to adapt based on the characteristics of each request.

For example:

• Low-risk internal automation may follow a streamlined path
• Customer-facing AI or regulated data use may trigger additional approvals
• High-cost initiatives may require financial governance escalation

By defining an AI risk classification and using it to control workflow behaviour, you ensure that governance effort is focused where it matters most.

This approach also improves speed. Lower-risk initiatives can progress quickly, while higher-risk initiatives receive the necessary oversight without slowing down the entire portfolio.

Capture and protect governance evidence

AI governance requires a clear audit trail. Decisions must be supported by evidence, and that evidence must remain intact.

Fluid allows you to:

• Capture structured documentation within workflows
• Lock key properties to prevent post-approval changes
• Maintain read-only records of decisions and supporting materials

Typical evidence captured may include:

• Business cases
• Risk assessments
• Data protection documentation
• Architecture designs
• Supplier evaluations

By embedding this into the workflow, governance becomes part of the delivery process rather than an external exercise.

Use stage gates as formal control points

Stage gates provide the structure required to enforce governance at the right points in the lifecycle.

For AI initiatives, stage gates should align with key risk and decision milestones. A typical model might include:

• Idea qualification – strategic alignment and initial risk assessment
• Data and compliance review – validation of data usage and regulatory considerations
• Solution design approval – architecture, controls and oversight model
• Pilot approval – defined scope, success criteria and monitoring approach
• Production approval – operational readiness and support model
• Post-implementation review – validation of outcomes and controls

In Fluid, stage gates can be linked directly to workflows and approvals. When a project reaches a gate, approval requests are triggered automatically. The project cannot progress until the required approvals are completed.

This ensures that governance is enforced without relying on manual intervention.

Synchronise workflow outcomes with projects

Governance decisions should not remain isolated within workflows. They need to inform the project record and portfolio reporting.

Fluid enables synchronisation between workflow cards and project data. This ensures that:

• Approval outcomes are reflected in project status
• Key governance attributes are recorded at project level
• Reporting remains accurate and up to date

For AI initiatives, this means that critical information such as approval status, risk classification and governance outcomes are always visible within the project.

Manage the AI portfolio by exception

Once governance is embedded at project level, the focus shifts to portfolio oversight.

Effective AI governance at portfolio level requires:

• Visibility of which projects are using AI
• Insight into risk levels and approval status
• Identification of projects failing governance criteria

Fluid supports this through governance reporting and rule-based assessments. This allows PMOs to monitor compliance continuously and intervene where required.

Instead of reviewing every project in detail, you manage by exception:

• Highlight projects with missing approvals
• Identify high-risk initiatives requiring attention
• Track overall governance health across the portfolio

Final perspective

AI governance does not need to slow down delivery. When implemented correctly, it enables faster and more confident decision-making.

By combining structured intake, embedded approvals, dynamic routing and stage gate controls, Fluid allows organisations to govern AI initiatives as part of their standard portfolio processes.

The result is a model where:

• Governance is consistent and auditable
• Risk is managed proportionately
• Delivery teams are not burdened with unnecessary overhead
• The PMO retains clear visibility and control

This is how AI can be scaled across an IT portfolio with both speed and discipline.