The right level of AI autonomy depends on the task, the risk, and your organisation's comfort. A compliance report draft might sit at Level 1 — the AI drafts, you decide. A client intake assistant that handles referrals and schedules assessments might sit at Level 2 — the AI prepares, you approve. An AI agent that proactively monitors regulatory changes and updates your procedures might sit at Level 3 — with the right guardrails in place.
Most organisations start at Level 1, build confidence at Level 2, and only move to Level 3 for specific, well-defined workflows where the ROI justifies the oversight framework.
The Three Levels
AI operates as a tool — suggests, drafts, organises — but never acts on your behalf.
What it can do
Generate drafts, summarise information, answer questions based on your policies, suggest next steps
What it cannot do
Send messages, update records, make decisions, take any action without explicit human instruction
Best for: First-time AI adopters, high-stakes compliance tasks
Human involvement: Every output reviewed and actioned by a person
AI can take action but only after seeking your approval.
What it can do
Prepare and stage actions — drafts, form fills, calendar entries — present them for approval, execute on confirmation
What it cannot do
Execute without approval, make independent decisions, modify existing records without human confirmation
Best for: Recurring workflows where speed matters but oversight is non-negotiable
Human involvement: Human reviews and approves all actions before execution
AI operates independently within clearly defined boundaries.
What it can do
Execute multi-step workflows autonomously, make routine decisions within defined parameters, escalate exceptions
What it cannot do
Override guardrails, make decisions outside its defined scope, take actions with compliance or safety implications without escalation
Best for: High-volume, low-risk recurring tasks
Human involvement: By exception only
At a Glance Comparison
|
Assist |
Supervise |
Delegate |
| Action |
AI suggests but never acts |
AI prepares and stages actions |
AI executes within defined scope |
| Approval |
Every output approved by human |
Human reviews then approves |
Human handles exceptions only |
| Write access |
No system write access |
Write access only after approval |
Bounded write access |
| Best for |
High-stakes content |
Recurring workflows |
High-volume routine tasks |
| Oversight |
Full human oversight always |
Human-in-the-loop at decision point |
Escalation guardrails built in |
Guardrails Apply at Every Level
"No matter which level of autonomy you choose, every AI solution we build includes the same foundational protections:"
- Pre-programmed boundaries — The AI knows exactly what it can and cannot do, and won't operate outside those lines
- Escalation triggers — When uncertainty or complexity exceeds its scope, it escalates to a human — it doesn't guess
- Human oversight — A real person reviews before any major decision or action, regardless of autonomy level
- Your data stays yours — Hosted on your infrastructure or a secure private environment, never shared with third parties
- Audit-ready logging — Every action, every decision, every escalation is logged and reviewable