Most failed AI programmes did not fail technically. They failed because the people around them were not prepared, supported or trusted. Risk lives in those gaps.
When an AI tool is introduced into a knowledge-work process, three things tend to change. The marginal cost of producing a first draft falls dramatically. The distribution of effort moves from generation to review. And the variance in quality increases — the best output is sometimes better than the human baseline, and the worst is sometimes much worse.
Empirical evidence from large field experiments has shown that experienced professionals using generative AI produce material productivity gains on tasks within the model's competence and material losses on tasks outside it (Dell'Acqua et al. 2023). Outcomes depend on whether the user can tell which is which.
The literature on automation bias goes back decades and is depressingly consistent. Humans tend to over-trust automated outputs when they appear confident, and to under-use them when they have previously been burnt (Parasuraman and Manzey 2010). AI is a particularly hard case because its outputs are typically fluent, plausible and confidently delivered, regardless of whether they are correct.
Effective programmes counter this with deliberate scepticism. They show users the model's failure modes, not only its successes. They preserve channels through which dissent is rewarded. They build review steps into workflows that involve genuinely independent humans, not the same person re-reading their own AI-assisted draft.
When AI takes over the first 70 per cent of a task, the human role changes shape. The junior who used to learn the craft by doing the first draft now reviews the model's first draft. The senior who used to review the junior's draft now needs to recognise a new failure mode. The career ladder, the apprenticeship structure and the basis on which competence is judged all shift.
Organisations that lead this change deliberately — redesigning roles, retraining managers, updating performance frameworks — preserve their pipeline of expertise. Organisations that allow it to happen by accident lose the senior judgement they will need within five years to supervise the AI itself.
The EU AI Act explicitly requires providers and deployers to ensure their staff have a sufficient level of AI literacy (European Parliament 2024). Beyond compliance, this is one of the highest-leverage risk interventions available. A workable programme has three tracks.
For users: what the sanctioned tools do well and badly, what to paste and what not to paste, how to recognise hallucination, how to escalate concerns. Short, contextual, repeated.
For managers: how to set expectations for AI-assisted work, how to measure it without rewarding superficial productivity, how to handle the disclosure and attribution questions that arise.
For executives: the strategic landscape, the principal risks, the governance structure, the decisions that come to them. Enough to ask the questions in our companion guide on board oversight, and enough to recognise a thin answer.
A control set works in a culture that takes it seriously and fails in a culture that treats it as bureaucracy. AI is unusually exposed to cultural moderation because so much of its use is discretionary, individual and unobserved. Investment in the human dimension — leadership behaviour, psychological safety, learning culture — does more to determine AI risk than any single tooling decision.
ISO-STANDARD.app gives the human dimension a structure — competence records, training evidence, role-based controls and the operating rhythm that keeps AI use deliberate.
ISO-STANDARD.app ships a ready-to-adopt ISO 42001 workspace with the risk register, controls catalogue, policies and audit-ready exports already wired together — no spreadsheet sprawl, no consultant lock-in.
Prefer a conversation? Email hello@iso-standard.app — a real human responds within one business day.
