How IT teams are putting AI agents to work

I’ve spent a lot of time inside enterprise AI deployments, and one thing that has become clear is that IT departments are leading the charge. Of course, enterprises are starting to consolidate licenses for AI platforms within the IT team budget. But inwardly, while other parts of the enterprise are still debating the use case to start with, IT teams are rapidly building agents that run thousands of times a month.

According to a new Dataiku survey, 74% of CIOs say their role will be at risk if their company does not deliver measurable business gains from AI within the next two years. This pressure, from my perspective, has encouraged experimentation: IT teams are a hotbed of innovation, iterating on workflows to see what will achieve the fastest time to value and the highest level of operational savings. So, here’s what I’m seeing in the most successful deployments — often workflows that used to require a human at every step but now take mere minutes to run.

24/7 ticket triage

The highest-volume deployments I come across in enterprise IT are in ticket management. One financial services firm I worked with built a workflow where incoming support tickets are automatically analyzed, categorized, prioritized and updated in their ITSM system, without any human intervention.

The system uses multiple large language models (LLMs) in parallel to assess category, priority, urgency and recommended next steps, then compares those recommendations against existing ticket values. This workflow has processed over 900 tickets; it runs about 68 seconds per ticket. To an outsider, this sounds slow, until you consider the manual human effort it has helped relieve.

Often, I see teams integrating with their existing platforms, like Zendesk. I helped build a SaaS company’s webhook-triggered triage agent that fires the moment a new ticket lands in Zendesk. It reads the ticket, attachments and all, generates a structured JSON object. Then, it recommends next steps and writes a comment directly back to the ticket with tags applied automatically. IT team members wake up to pre-triaged tickets, ready to act on.

Advanced chatbots 

RAG-based IT support bots are everywhere now, but the deployments I find most impressive go well beyond a single PDF upload. I’ve seen enterprises build support bots that pull simultaneously from four Confluence spaces, SharePoint and uploaded internal files. Employees ask questions at any hour of the day and get answers grounded and cited in documentation that has been continuously refreshing for the highest level of accuracy.

One team built a chatbot where IT staff type plain English questions and get back executed Snowflake query results, with the AI handling SQL generation under the hood. Similar chatbots can also be done with Azure connections. Query completion time clocks in at about 60 seconds for these use cases.

Something I’ve realized is that IT teams are often those who can best see around the corner when it comes to safety and security. One example: a team that smartly layered PII protection directly into their agentic chatbot. Every employee question passes through a PII-scrubbing step before it ever reaches the language model. Architectures like this will become increasingly common as the best practices for AI governance develop. 

Security reviews at scale

Security and compliance is one of the areas where I’ve seen AI agents create the most immediate time savings. One bank deployed a workflow for information security document review that runs three different LLMs over uploaded security documentation simultaneously. Each model checks the accuracy of the other models, with a 133-second average runtime. This is a good example of how determinism and autonomy can be built into an agent architecture: there are three defined steps for each LLM; but within each step, the LLM will use its own reasoning skills for analysis and interpretation of unstructured data.

Another use case I’ve seen gaining traction is ISO audit preparation. One team built a workflow that first classifies which ISO standard applies to a given submission, including 27001 for InfoSec and 20000 for IT service management. This creates a pre-audit checklist that used to take a whole morning and now takes 30 seconds.

Automated alerts

Some of the most technically ambitious deployments I’ve come across are in monitoring and alerting. One financial services IT team built a data governance alerting system that queries multiple cloud databases, uses multiple LLMs to generate summaries of failures, creates Excel attachments with failure data and emails the whole package to the appropriate data steward automatically.

The system uses text-to-SQL generation to build database queries dynamically, which means it adapts to new failure types without code changes — impressive!

What the best deployments have in common

After seeing thousands of workflow runs across IT teams, a few patterns consistently separate the successful deployments from the ones that stall out.

• Multi-LLM architectures improve reliability. Many of the high-stakes workflows I’ve reviewed in this article use three or more different LLMs to break down a complex task into bite-sized steps and then compare or combine outputs to produce a single result. For security reviews and compliance analysis especially, this reduces the risk of a single LLM’s blind spots causing problems.
• Choosing the right use case is key. Looking across these deployments, none of the underlying tasks are novel: ticket triage, document review, audit prep, alerting and answering internal questions are all things IT teams have been doing manually for years. The fastest ROI comes from starting small by automating high-volume, repetitive tasks, then expanding to more complex tasks that may involve legacy portals, forms and human-in-the-loop.
• Integrations help determine ROI. Workflows that read from and write back to systems of record, whether that’s Jira, ServiceNow or Zendesk, deliver compounding value over time. Read-only workflows are useful; read-write workflows are genuinely transformative. In the future, I believe IT teams will have hundreds of agents running workflows that actually act in the background, while they focus on work that requires human judgment and discernment.

The IT teams getting the most out of AI agents right now are the ones who did the unglamorous work of mapping their processes, organizing the right knowledge bases and building integrations that fit how their teams actually operate. That’s what I keep seeing, and it’s what I’d tell any CIO looking to get started.

This article is published as part of the Foundry Expert Contributor Network.
Want to join?