Over the last few years I have sat in strategy reviews where the AI portfolio looked more orderly than it really was.

The spreadsheet was clean. Use cases had owners, estimates, dependency notes, a vendor column, and a status colour. Some had customer impact ratings. Some had draft controls. A few had already attracted executive sponsorship because the demo was good and the operational pain was real.

Then someone asked the question the pack had not been built to answer: why are we doing this one at all?

Not whether it could be governed. Not whether privacy, security, architecture, legal, risk, finance, and procurement could each add a condition. They usually could. The harder question was whether the use case belonged inside the organisation’s chosen AI posture in the first place.

The room became careful. The answer drifted toward feasibility, benefit, and momentum. It was in the pipeline because it was plausible.

That is the gap. Strategy is the negative-space discipline. A portfolio without an excluded-use-case list is not a portfolio; it is accumulation.

The first essay in this thesis blog argued that AI governance becomes real when it can change a decision before the decision becomes something the organisation has to explain afterwards. This is where that test starts. Many AI programmes treat every credible idea as a candidate for governance. A retrieval assistant, an employee case triage workflow, a pricing recommender, a customer-facing agent, and a vendor-embedded copilot all enter the same machinery because each has a business sponsor and a plausible benefit case.

The result is not ambition. It is load. Committees inherit work that strategy did not refuse. Risk teams are asked to design controls for systems the organisation has not chosen to compete through. Technology teams are asked to harden experiments whose value depends on assumptions no one has been willing to kill. Legal and regulatory specialists are pulled into late-stage rescue, when the better operating-model question was earlier and blunter: does this use of AI belong here?

Most maturity models miss this because they reward the presence of governance artefacts. They ask whether there is an AI strategy, a prioritisation process, an intake workflow, a risk classification, a policy, a responsible executive, a register. Those things matter. But they do not prove that strategy has made a choice.

The better evidence is negative space.

Strategic posture, D1.6 in the framework, asks where AI will compete, where it will merely make work cheaper, where the organisation will consume vendor capability without claiming differentiation, and where AI will not be used even if the technology is available. The point is not to produce a defensive blacklist that freezes learning. The point is to define the boundary conditions under which a use case can enter the portfolio at all.

That boundary needs reasons attached. “Not now” is not a posture. “Not in primary credit-decisioning until explanation, adverse-action evidence, monitoring, and human-review economics are proven” is closer to one. “Use generative AI for internal knowledge discovery, but not for unsupervised customer remediation correspondence” is closer again. The wording will differ by sector, risk appetite, capability, data quality, and competitive thesis. The discipline is the same: name the spaces where AI is meant to change the basis of competition, and name the spaces where its plausibility is not enough.

This is also where specialist deferral matters. AI FinOps can show that a pilot’s cost per successful task, review load, vendor pricing, or retrieval design will not survive scale. The accounting treatment, capitalisation questions, and reporting consequences belong with AASB and IFRS specialists. The operating-model question is whether those cost classes are visible before the portfolio treats the use case as value-positive. Competitive intelligence can show that a capability is table stakes, temporary advantage, or strategically irrelevant. The market thesis belongs with strategy and corporate development teams. The operating-model question is whether that thesis has authority to stop the work.

Without posture, the downstream governance questions become noisy.

Authority, D6.1, is the first cascade. The framework is deliberately role-neutral because there is no single correct title for AI leadership. A CAIO can work. An expanded CIO, CDO, or CTO mandate can work. CEO-direct ownership can work where AI is close to business-model change. A regulated three-lines-of-defence arrangement can work where execution, risk challenge, and assurance need separation. But authority cannot be made coherent if the organisation has not decided what AI is allowed to be important for. Otherwise every pause decision becomes a local negotiation between enthusiasm, risk tolerance, and sunk cost.

Reversibility, D6.4, is the second cascade. If a use case affects a customer, employee, supplier, citizen, or internal stakeholder, the organisation has to know how a contested outcome can be challenged, corrected, reversed, or explained. Employment law, anti-discrimination, privacy, and statistical methodology specialists answer their parts of that question. The operating-model issue is upstream: a use case that the organisation should never have admitted will still demand a path back through the decision once it is live.

Notification, D10.5, is the third cascade. There is no AI-specific Australian notification scheme as at May 2026. Existing schemes apply where their preconditions are met. OAIC handles privacy, including the Notifiable Data Breaches scheme (“NDB”) under the Privacy Act 1988 (as amended by the Privacy and Other Legislation Amendment Act 2024). APRA is the prudential regulator; CPS 230 is operational resilience, including critical operations within tolerance levels and material service provider arrangements, while CPS 234 is information security. ASIC is market conduct. The Security of Critical Infrastructure Act 2018 Notification of Cyber Security Incident (“NSCI”, Part 2B) applies where a designated critical-infrastructure asset is involved, and can apply to AI-driven cyber incidents on those assets where Part 2B thresholds are met. DTA reportable-incident pathways apply where a Commonwealth agency is in scope. ASX continuous disclosure applies to listed entities. A separate upcoming change: from 10 December 2026, new APPs 1.7–1.9 will require entities to disclose how personal information is used in substantially-automated decisions affecting individuals. That is transparency, not notification, but it lands on the same accountability surface. The operating model should not blur those bodies into a single generic regulatory actor. It should know which incidents could trigger which pathway, and it should make sure evidence is not being assembled for the first time after harm appears.

Seen through the dependency lens, posture is not a decorative strategy artefact. It is the upstream filter that determines what authority must be able to stop, what reversibility must be designed for, and what notification evidence may be needed later. Weak posture does not remove those obligations. It distributes them badly.

The rest of Pillar 1 still matters. D2 AI-to-Value turns demand into a portfolio with stop and pivot evidence. D3 Data and Knowledge asks whether the organisation can find, classify, permission, retrieve, and defend the information AI depends on. D4 Tech and Platform asks whether approval decisions can actually shape deployment, failover, and provider dependency. The full Strategy pillar belongs at /framework/strategy. This essay is narrower because the failure usually starts earlier than those dimensions. It starts when plausible use cases are allowed to enter without a posture strong enough to refuse them.

There is a useful test for the next AI strategy review. Do not begin with the top ten opportunities. Begin with the excluded list.

If the organisation cannot name what it will not do with AI, it has not yet named what it is doing with AI.
This is the second essay in the thesis blog. The framework sits across three pillars; the next essay covers Pillar 2: Responsible & Agentic AI Governance. New essays publish each Tuesday and Friday morning at 06:00 AEST.