A financial institution rolled out an internal AI assistant to speed up routine work. Within weeks, employees across the company could search its financial models and strategy memos. No attacker breached the network. A security engineer had misconfigured a single permission.
Most boards respond to an incident like this by asking who was responsible. They name an owner, tighten a process, and move on. The next incident arrives anyway.
By now most large enterprises have built defenses against this. They route AI actions through human review. They convene cross-functional governance committees. They run risk assessments against the NIST Cybersecurity Framework. They invest in visibility so leaders can watch what their systems are doing. AI agents have started to act without waiting for human approval, and organizations have answered by placing a person at the end of the loop.
The defenses keep growing. The incidents keep coming. This article traces why.
The Responsibility Gap, as Tenable Framed It
At RSAC 2026 in San Francisco, Stephen Vintz, co-CEO of the exposure-management firm Tenable, delivered a session titled "The Responsibility Gap: AI and the Shift to True Security Accountability." TechTarget Japan covered the talk in June 2026, and it gives us a clean starting point.
Vintz described a failure mode familiar to anyone who has shipped AI inside a large organization. The data science team owns the model. IT deploys it. Legal checks compliance. Security arrives last. Each function holds a piece of the risk, and no single function holds authority over the whole. Authority over AI risk splinters across the org chart until, in practice, no one answers for it. That is the Responsibility Gap.
Vintz pushed the point past digital harm. He cited surgical AI that misidentifies anatomy and injures patients, United Nations warnings that autonomous weapons may outrun human control, and the lawsuits that families in Tumbler Ridge, British Columbia, brought against OpenAI after a school shooting the company's systems had flagged and never reported to police. Mismanaged AI reaches the physical world.
His prescription followed the contours of modern security practice. Shift from firefighting, detecting and responding at human speed, toward fire prevention. Manage vulnerabilities before they chain into an attack path. Regulate outcomes rather than named technologies. Stand up a cross-functional AI governance committee. Monitor against the NIST framework. He closed on a phrase he returned to through the talk: visibility is accountability.
Why Responsibility Fragments
The mechanics are not mysterious. The more functions touch a single decision, the harder it becomes to say who owned it. AI raised the number of functions touching every decision.
A traditional system had a clear owner and a clear operator. An AI model does not. Someone curates the training data. Someone selects the model. Someone promotes it to production. Someone uses its output in a live process. Someone watches it for drift. These people sit in different departments with different incentives.
Vintz's remedies follow from this. Assess risk before deployment. Convene a governance committee that spans functions. Monitor against an external standard like NIST. Make the risks visible. A CISO would nod at this list, and so would most boards.
AI Agents Change the Shape of the Problem
AI agents move the problem. An agent reaches data, and it also executes steps in a workflow without a person approving each one. A machine carries no ethical sense of its own. Set an agent in a situation its designers never anticipated, and it cannot weigh whether its next action is appropriate. It proceeds. Connect several agents into a network where they negotiate with one another, and the surface an attacker can reach expands fast.
Regulators have noticed. Japan's Ministry of Internal Affairs and Communications and Ministry of Economy, Trade and Industry now ask developers to build mechanisms that keep meaningful human judgment inside autonomous AI systems, citing malfunction, privacy violations, and unintended actions. Version 1.2 of their AI Business Operator Guidelines carries the same principle. Keep a human in the loop.
The field has converged on a direction. Insert human oversight. Supervise through a committee. Monitor against a standard. Make risk visible. Assemble all of it, and the Responsibility Gap should close.
The Defenses Run, the Incidents Persist
They do not close it.
Set the defenses side by side again: human review, governance committees, risk assessments, NIST alignment, visibility, a human in the loop. Each runs inside thousands of enterprises today, and incidents keep happening inside those same enterprises.
These measures share a property. Each one organizes who answers for an event after it happens. Visibility records what occurred. A committee assigns who supervises. A risk assessment estimates how far damage could spread. Useful instruments, all aimed at accountability after the fact.
When that financial institution exposed its strategy memos, the missing piece was not an accountable owner. The missing piece was a settled answer to a prior question: under whose authority could that permission change, and how far did that authority extend? Visibility makes the change auditable. It does not decide who should have made it.
From Responsibility to Authority to Judgment
Assigning responsibility and designing authority are separate acts. Boards spend most of their attention on the first. The second goes undone.
Responsibility Looks Backward
Responsibility asks: Who answers for what already happened?
Authority asks: Who had the legitimate right to decide before it happened?
When AI enters a decision, the act of deciding distributes across people and systems. The organization hands part of the decision to the model and keeps the rest with a person. Unless someone draws that line on purpose, the model and the people around it each assume the other holds it.
Visibility will show where the decision slipped. A governance committee will name who supervised. Neither one sets the boundary itself. In an era of autonomous agents, the unresolved question is authority: the legitimate right to decide, its limits, and the point where it passes to someone else.
The Missing Object of Design
Organizations have spent years designing processes. They have designed controls. They have designed oversight. They have designed reporting structures.
Yet one thing remains largely undesigned: judgment itself.
Not the quality of judgment, nor its ethics, nor its auditability, but the structure through which judgment authority moves across an organization.
The Responsibility Gap ultimately points toward a deeper absence.
Organizations have governance. They have workflows. They have escalation paths.
But they often lack an explicit architecture for judgment authority.
That is the missing object of design.
Decision Design
I use the term Decision Design for that missing layer: a discipline focused on designing the structure through which judgment authority moves across an organization.
Decision Design is not about improving decisions alone; it is about designing the authority structure within which decisions become institutionally legitimate.
What Decision Design Designs
Decision Design focuses on the design of authority allocation structures. It addresses who decides, who may delegate, who may escalate, who may override, and who remains accountable once the decision is done.
What Decision Design Is Not
Decision Design is not any of the following:
- an AI development methodology
- workflow design
- a governance committee structure
- a compliance checklist
- an ethics framework
It sits beside each of these and does the work none of them does.
What Problem Decision Design Addresses
Decision Design addresses the governance failures that appear once judgment runs across both humans and AI systems. Four gaps recur:
- Authority Allocation Gap. No one has settled which decisions the AI may make and which a person must.
- Escalation Gap. No rule says when a decision returns from the machine to a human.
- Accountability Continuity Gap. As a decision passes between people and systems, no one carries accountability through the handoff.
- Institutional Traceability Gap. The organization cannot reconstruct, later, who decided what and on what grounds.
Most governance approaches try to manage the consequences of these gaps. Decision Design treats the gaps themselves as the design problem.
Decision Boundaries
The core construct in Decision Design is the Decision Boundary.
Decision Boundaries are not operational thresholds; they are institutional demarcations of legitimate authority.
A Decision Boundary does more than an approval step. An approval step pushes a finished decision upward for a signature. A boundary governs four movements: delegation, handing a decision to the AI; escalation, returning a decision the AI cannot carry to a person; override, a person reversing the AI's call; and suspension, stopping the decision process before it completes.
Decision Logs
A boundary needs a record that holds across time. That record is the Decision Log.
Decision Logs do not merely record outputs; they preserve accountability continuity across distributed judgment processes.
A Worked Example: Grant Review
Consider a grant review program. The work splits into four stages.
- Formal eligibility review → AI
- Substantive review → AI + Human
- Boundary cases → Human
- Final approval → Authorized decision-maker
The AI runs the formal eligibility review, checking required fields and basic criteria. In substantive review, the AI scores the proposal while a person supplies the judgment the model cannot. Applications that clear the formal bar but fall outside precedent move to a person as boundary cases. An authorized decision-maker signs the final approval under their own name.
The lines drawn between these stages are the Decision Boundaries.
- Between the formal stage and the AI, the program delegates a routine decision to the model.
- Inside substantive review, the program preserves a person's power to override the model's score.
- At the boundary-case handoff, the program escalates an application the AI cannot resolve to a human.
The final approval point is where the Governance Decision Boundary becomes visible. Past that line, one named person answers for the decision in the institution's name. Should an application stray too far from precedent, or the evidence run thin, that person can suspend the review rather than force a call.
Visibility tells you, afterward, what happened at each stage. The Decision Boundaries decide, in advance, where the lines fall and which movements each stage permits. The financial institution from the opening never drew such a line, and the exposure followed.
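The following is an added illustration, not code from the article or from Insynergy, of how the Decision Boundaries and Decision Log described above can be made explicit for the grant-review program. The stage names come from the text; the permission rules for each stage, the `DECIDE` action used to complete a stage, the sample applications and the score threshold are all assumptions constructed for the example. Each boundary is a set of (actor, movement) pairs the stage legitimately allows, so an actor crossing a line it does not hold fails before anything is recorded, and the log keeps actor, movement and grounds across every handoff so the decision can be reconstructed later.

```python
"""Decision Boundaries and a Decision Log for the grant-review example.
Added illustration; stage names follow the article, the rules and sample
applications below are constructed assumptions."""
from __future__ import annotations
from dataclasses import dataclass
from enum import Enum


class Authority(Enum):
    AI = "ai"
    REVIEWER = "human reviewer"
    APPROVER = "authorized decision-maker"


class Movement(Enum):
    DECIDE = "decide"       # complete a decision within one's own stage (modelling assumption)
    DELEGATE = "delegate"   # hand a decision to the AI
    ESCALATE = "escalate"   # return a decision the AI cannot carry to a person
    OVERRIDE = "override"   # a person reverses the AI's call
    SUSPEND = "suspend"     # stop the process before it completes


class BoundaryViolation(Exception):
    """An actor attempted a movement its Decision Boundary does not permit."""


# One Decision Boundary per stage: the (actor, movement) pairs it allows.
# Assumed rules; the article names the stages, not these pairs.
BOUNDARIES = {
    "formal_eligibility": {(Authority.AI, Movement.DECIDE),
                           (Authority.AI, Movement.ESCALATE)},
    "substantive":        {(Authority.AI, Movement.DECIDE),
                           (Authority.REVIEWER, Movement.OVERRIDE),
                           (Authority.REVIEWER, Movement.ESCALATE)},
    "boundary_case":      {(Authority.REVIEWER, Movement.DECIDE)},
    "final_approval":     {(Authority.APPROVER, Movement.DECIDE),
                           (Authority.APPROVER, Movement.SUSPEND)},
}


def is_permitted(stage: str, actor: Authority, movement: Movement) -> bool:
    """Authority Allocation: is this actor entitled to this movement here?"""
    return (actor, movement) in BOUNDARIES.get(stage, set())


@dataclass
class Application:
    app_id: str
    fields_complete: bool
    requested: int       # amount requested
    precedent_max: int   # largest award the program has made before
    ai_score: float      # constructed model score in [0, 1]


@dataclass(frozen=True)
class LogEntry:
    app_id: str
    stage: str
    actor: Authority
    movement: Movement
    outcome: str
    grounds: str


class DecisionLog:
    """Preserves who decided what, on what grounds, across every handoff."""
    def __init__(self) -> None:
        self.entries: list[LogEntry] = []

    def record(self, entry: LogEntry) -> None:
        self.entries.append(entry)

    def trace(self, app_id: str) -> list[LogEntry]:
        # Institutional Traceability: reconstruct the decision path later.
        return [e for e in self.entries if e.app_id == app_id]

    def accountable(self, app_id: str) -> Authority | None:
        # Accountability Continuity: whoever made the latest movement answers.
        trail = self.trace(app_id)
        return trail[-1].actor if trail else None


class GrantReview:
    def __init__(self, log: DecisionLog) -> None:
        self.log = log

    def move(self, app: Application, stage: str, actor: Authority,
             movement: Movement, outcome: str, grounds: str) -> None:
        """Enforce the boundary first, then record the movement."""
        if not is_permitted(stage, actor, movement):
            raise BoundaryViolation(f"{actor.value} may not {movement.value} at {stage}")
        self.log.record(LogEntry(app.app_id, stage, actor, movement, outcome, grounds))

    def run(self, app: Application, reviewer_override: str | None = None,
            approver_suspends: bool = False) -> str:
        # Stage 1: formal eligibility, delegated to the AI.
        if not app.fields_complete:
            self.move(app, "formal_eligibility", Authority.AI, Movement.DECIDE, "reject", "required fields missing")
            return "rejected"
        self.move(app, "formal_eligibility", Authority.AI, Movement.DECIDE, "pass", "required fields present")
        if app.requested > app.precedent_max:
            # Escalation rule settled in advance: outside precedent, a person decides.
            self.move(app, "formal_eligibility", Authority.AI, Movement.ESCALATE, "refer", "request exceeds precedent")
            self.move(app, "boundary_case", Authority.REVIEWER, Movement.DECIDE, "advance", "reviewer accepts boundary case")
        else:
            # Stage 2: substantive review; the AI scores, a person may override.
            call = "advance" if app.ai_score >= 0.5 else "reject"
            self.move(app, "substantive", Authority.AI, Movement.DECIDE, call, f"score {app.ai_score:.2f}")
            if reviewer_override is not None and reviewer_override != call:
                self.move(app, "substantive", Authority.REVIEWER, Movement.OVERRIDE, reviewer_override, "reviewer judgment")
                call = reviewer_override
            if call == "reject":
                return "rejected"
        # Stage 4: final approval under one named person, who may also suspend.
        if approver_suspends:
            self.move(app, "final_approval", Authority.APPROVER, Movement.SUSPEND, "suspended", "evidence too thin")
            return "suspended"
        self.move(app, "final_approval", Authority.APPROVER, Movement.DECIDE, "approve", "signed by decision-maker")
        return "approved"
```

Run an application through `GrantReview.run` and then call `DecisionLog.trace` on its id: the trail shows the escalation from the formal stage, the human override inside substantive review, or the approver's suspension, each with its grounds. Attempting `move(..., "final_approval", Authority.AI, Movement.DECIDE, ...)` raises `BoundaryViolation` before any entry is written, which is the difference between a boundary drawn in advance and visibility applied afterward.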
Authority, Not Aftermath
AI-era governance failures are failures of authority design. In most of these failures, an accountable owner exists. The decision structure does not.
Governance, digital transformation, automation, and AI ethics each earn their place. Governance organizes oversight. Digital transformation rebuilds process. Automation widens what a system can decide on its own. AI ethics names the values. Not one of them designs decision authority. Decision Design exists for that missing layer.
Vintz was right that visibility is accountability. Before an organization can make a decision visible, though, it has to decide who held the right to make it, and how far that right ran. Draw that line first. Everything downstream of it depends on the answer.
Decision Design is a judgment architecture framework proposed by Ryoji Morii, founder of Insynergy Inc., for structuring authority, accountability, and decision boundaries in AI-augmented organizations.