There's a specific kind of meeting that's become very common in 2026. A VP or Director — usually Operations, Product, Engineering, or Digital — sits across from someone who wants to know what the organization is doing about AI. The question sounds executive. The accountability is not.
The CEO set the direction. "We're leaning into AI." "We need to move fast here." "Figure out what this looks like for us." And then the CEO moved on to the next priority. You didn't. You're the one who owns the rollout, fields the questions from legal, manages the vendors, and shows up to the board prep session with something coherent to say by Thursday.
That's not a complaint. That's just what it looks like when the AI mandate is real but the governance frame isn't built yet. And that gap — between the directive from above and the structure you actually need to operate — is exactly where most organizations are sitting right now.
The questions below are the ones I hear most often from VPs and Directors who are holding the AI portfolio without a governance frame to stand on. None of them are comfortable. All of them have workable answers.
1. How do I choose a vendor when my CEO already has a favorite?
This is more common than anyone admits. The CEO came back from a conference, saw a demo, had a conversation at a dinner, and now there's a preferred vendor in the room before the evaluation has started. Your job is to make a good decision. That's now complicated.
The answer is not to fight the preference. It's to build an evaluation process that is rigorous enough to either validate the choice or surface a real problem with it — and document both outcomes. Define your criteria before the vendor meetings: what does performance on your actual data look like, what are the contract terms around liability and data use, what does monitoring look like post-deployment. Then run every vendor, including the preferred one, through the same frame.
If the preferred vendor holds up, you've validated the decision and you can move forward. If it doesn't, you have documented evidence — not an opinion — that changes the conversation. Most CEOs want good outcomes. What they don't want is to be told no without a reason. Give them a reason.
2. What do I say when the CEO wants a tool that legal hasn't approved?
Legal hasn't approved it for a reason, and that reason is usually either data handling, liability allocation, or regulatory exposure in a specific jurisdiction. Your job is to find out which one it is.
Don't position this as legal blocking the initiative. Position it as a specific gap that needs to be closed before you can move forward responsibly. "Legal has flagged three items in the contract — data retention language, the liability waiver in section 12, and the EU data transfer clause. We're working through those and expect a resolution by the end of next week." That's a project status, not a veto.
If legal is slow, help them move faster by getting specific: what exactly needs to change in the contract, who on the vendor side can negotiate it, and what's the timeline. Vague concern from legal is a blocker. A specific redline request with a target date is a solvable problem.
3. Who owns it when an AI system makes a wrong call?
This is the accountability question, and it's the one most organizations have not answered before they needed to. The vendor's contract disclaimed the liability. The engineer who ran the integration has moved on. The business unit that deployed it thought the AI was validated. So who actually owns the outcome?
The honest answer is: whoever signed the deployment decision. Which is usually you, or someone who reports to you. That's not a reason to avoid AI — it's a reason to build the accountability structure before you flip the switch.
For every AI system in production or near it, you should be able to answer three questions: who is the named owner of this system's outputs, what is the escalation path when something goes wrong, and how will we know when performance has degraded? If you can't answer those three questions, the system isn't ready to deploy — not because the technology isn't ready, but because the governance isn't.
4. How do I measure whether AI is actually creating value?
This is the question that makes everyone squirm because the honest answer is: most organizations don't know. They have a sense that AI is helping. They can point to the time saved on specific tasks. But they don't have a clean line from AI investment to business outcome, and the board is starting to ask.
The measurement problem is usually downstream of a decision-making problem. If you didn't define what success looked like before deployment — in specific, measurable terms — you can't measure it now without working backward. That's harder, but it's not impossible.
Start with the decisions the AI system is influencing. For each one, ask: what would we have done without this system, what did we do with it, and was the outcome better? Even qualitative answers to those questions are more useful than a productivity estimate that nobody believes. Then pick two or three metrics that the business already tracks and look for signal in the AI-influenced data versus the baseline.
You're not going to have a perfect ROI model. But you can have a credible answer that's grounded in actual outcomes rather than vendor benchmarks.
5. What do I do when I think we're moving too fast?
You raise it. Once, clearly, with a specific concern. And then you document it.
I know that's not the satisfying answer. But "moving too fast" without a specific articulation of what could go wrong is not a governance concern — it's a feeling. Convert the feeling into a specific risk. "We don't have a monitoring plan for this system, which means we won't know if it starts degrading." "The vendor contract has no liability language for AI errors, which creates exposure if this touches a regulated process." "We haven't defined ownership for the outputs, which means when something goes wrong, it'll be a crisis instead of a process."
Those are raiseable concerns. Once you've raised them, you've done your job. If the organization decides to move forward anyway, you've created a record that you flagged the risk. In most cases, though, the specificity of the concern changes the conversation — because now it's a solvable problem instead of an abstract worry.
The thing nobody tells you about the VP role in AI rollout
Here's what I've noticed across a lot of these conversations: the VP or Director who's holding the AI portfolio is often the most informed person in the room about the actual risks. Not because they're more capable than the CEO or the board — but because they're the ones reading the contracts, running the vendor calls, managing the team that has to live with the technology day to day.
That's a position of real influence if you use it right. The governance frame you build, the accountability structure you put in place, the evaluation criteria you define — these become the organization's AI posture. Not the CEO's preference. Not the vendor's pitch. Yours.
Most executives in your position don't have a governance framework handed to them. They build one, question by question, decision by decision, often under time and organizational pressure. That's the work. And it's worth doing carefully, because the organizations that get it right early don't just avoid liability — they build the infrastructure to actually use AI well over time.
If you're working through this without a governance frame and want a starting point, the AI Readiness Assessment gives you an honest picture of where your organization stands in under ten minutes. If you're at a specific decision point and need a second opinion before you commit, the Strategy Session is designed exactly for that. Or reach out if you have any questions — I'm happy to lend a hand.
The questions are not going away. Neither is your responsibility for them. But they're more manageable with a frame.