If you remember nothing else:
- Maturity frameworks start at the level where the billable work is. They skip phase zero, the unglamorous job of getting the tool safely into people's hands.
- Phase zero is four jobs in order: lock the account, connect it safely, limit what it can reach, and prove what it did.
- High usage is not the summit. A rollout can succeed straight into a cost or exposure crisis.
- The test: can IT produce the tenant policy, the egress allowlist, the tool allowlist, and the audit log on demand? If not, you built on air.
I lost a deal recently by leading with phase three to a buyer who was standing on phase zero.
They already had Claude in people’s hands. What they needed to hear was whether IT could prove the thing was locked down: who could sign in, what it could reach, what it had touched. What I led with instead was the clever part. The org-wide instruction files, the custom skills, the stuff I find fun to build. Wrong room. They wanted the floor laid, and I turned up demoing the furniture.
That sting is the reason for this post.
Every enterprise-AI maturity model I have read starts a rung or two above where most companies actually stand, and skips the rung that holds the rest up. Call it phase zero: the dull, un-billable job of getting the tool safely into real hands. Not safe in a sandbox where it can’t touch anything. Safe in the actual hands of the finance analyst and the support rep, doing real work, where IT can see it. If your users already have Claude and your big internal debate is which skills to ship, you skipped the floor. You’re building on air.
So here’s the test, and the rest of this post earns it. Your team has Claude. Can IT produce, today, the policy for who’s allowed to sign in, the egress allowlist, the list of tool servers the agent may call, and the log of what it did? If not, you’re at phase zero, whatever the slide calls you.
Maturity models sell you the summit
Read enough of these frameworks and the trick shows itself. They begin at the level where the expensive engagement begins. The bottom rung, the one labelled “ad hoc” or “experimenting,” gets drawn as a problem to escape, and your eye is pulled straight up the pyramid toward the centre of excellence and the platform team and the multi-year programme. I’ve been handed those decks. I’ve presented versions of them.
The shape is convenient for whoever is selling the climb.
John Cutler said it better than I can. He says explanations like crawl-walk-run “infantilize people” and don’t match how experienced adults actually learn, and he’s blunt that “no healthy and experienced team works this way.” The stages feel rigorous because they are numbered. Numbers aren’t truth.
The deeper problem is what the climb measures. It counts what you bought. A team that deployed ten thousand Copilot licences reads as more mature than one with a hundred, and that’s mostly rubbish. One enterprise guide says it flatly: “deployment is not visibility”, and the licence count tells you nothing about who uses the tool, on what, or whether anyone can see it. I made the long version of that argument in why maturity scores mislead: they measure capability, not value. This is the other half.
Even when the score is straight about value, it never counts the floor.
And the floor is where companies actually stand. An IBM survey found that 86% of employees now have access to AI tools at work while only about 25% use them regularly. A 61-point gap between having the thing and using the thing.
The deck wants to sell you stage four. Most of the org hasn’t finished stage zero.
What phase zero actually contains
Phase zero is one job with a boring name: get the tool safely into people’s hands. It gets skipped for a reason that’s almost charming. The work is plumbing. Tenant settings, certificates, allowlists, log pipelines, none of which makes a leader feel like they’re leading a revolution. So it falls to “IT will handle it,” and IT, reasonably, asks for the requirements nobody wrote down.
There’s a real cost to skipping it, and it isn’t abstract. An AI agent amplifies whatever you point it at. Point an ungoverned one at your systems and it will amplify your worst exposure as happily as your best workflow. The teams I work with that stalled did not stall on strategy. They stalled because Legal, Risk, and Security couldn’t get a straight answer about what the tool could reach, so the whole thing sat in a holding pattern while the slideware promised the big wins upstairs. The strategy was fine. The floor was missing.
That’s the thing about a floor. Nobody admires it. You only notice it when it isn’t there.
The four stones, in order
Phase zero breaks into four jobs, and the order matters, because each one assumes the last is done.
First, lock the account. Decide who’s allowed to sign in and from where, enforce it through your identity provider, and claim your email domain so a personal account can’t quietly stand in for a corporate one. This is the hardest stone to retrofit and the easiest to wave off. Turns out that’s exactly why so much work ends up routed through personal logins your tools never see. The mechanics of shutting that path, enforced SSO and a domain claim you can’t walk back, are their own post; the principle is the same fight I described in stopping shadow AI: identity is the only door, so put the lock there first.
Second, connect it safely, which mostly means teaching the tool to trust your corporate CA rather than punching a hole in the proxy. I wrote the full runbook in configuring Claude Code behind a TLS-inspecting proxy.
Third, limit what it can reach. An agent’s real power is the tools and servers it can call, and every one of those is code you didn’t write, running with the agent’s access. Pick which it may use and deny the rest by default. A registry of approved servers with nothing enforcing it is a memo, not a control.
Fourth, prove what it did. The answer to “what did the tool touch last quarter” exists only if you wired the logging before anyone asked, which is the case I laboured in logging Claude for compliance. Wire it the same week as the rest, or you’ll be rebuilding it under pressure straightaway.
Lock it, connect it, limit it, log it. None of it is clever. All of it holds weight.
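The four stones, reduced to running code. This is an added example, not code from the post or from any vendor: a deny-by-default check that reads constructed stand-ins for the tenant policy, egress allowlist and tool allowlist, refuses anything not on them, and writes one audit line per decision. All hostnames, server names and policy values are constructed samples, not a real tenant.

```python
"""Phase-zero enforcement, as an added example: deny-by-default over the four
artifacts (tenant policy, egress allowlist, tool allowlist, audit log).
All artifact contents below are constructed samples, not a real tenant."""
import json
from datetime import datetime, timezone
from urllib.parse import urlparse

TENANT_POLICY = {"claimed_domains": ["example.com"], "sso_required": True}
EGRESS_ALLOWLIST = {"api.anthropic.com", "mcp.internal.example.com"}
TOOL_ALLOWLIST = {"jira-internal", "github-readonly"}
AUDIT_LOG: list[str] = []  # stand-in for the log pipeline; one JSON line per decision

def audit(event: str, **fields) -> None:
    """Stone four: append one JSON line. In practice this ships to the SIEM."""
    record = {"ts": datetime.now(timezone.utc).isoformat(), "event": event, **fields}
    AUDIT_LOG.append(json.dumps(record, sort_keys=True))

def may_sign_in(email: str, via_sso: bool) -> bool:
    """Stone one: only claimed-domain accounts, and only through the IdP."""
    domain = email.rpartition("@")[2].lower()
    allowed = domain in TENANT_POLICY["claimed_domains"] and (
        via_sso or not TENANT_POLICY["sso_required"])
    audit("signin", user=email, via_sso=via_sso, allowed=allowed)
    return allowed

def evaluate_tool_servers(configured: dict[str, str]) -> dict[str, str]:
    """Stones two and three together: a configured server is usable only if its
    name is on the tool allowlist AND its host is on the egress allowlist.
    Anything else is denied, including servers nobody has reviewed yet."""
    decisions = {}
    for name, url in configured.items():
        host = urlparse(url).hostname or ""
        if name not in TOOL_ALLOWLIST:
            decision = "deny:not-in-tool-allowlist"
        elif host not in EGRESS_ALLOWLIST:
            decision = "deny:egress-not-allowed"
        else:
            decision = "allow"
        decisions[name] = decision
        audit("tool_server", name=name, host=host, decision=decision)
    return decisions

if __name__ == "__main__":
    print(may_sign_in("ana@example.com", via_sso=True))
    print(evaluate_tool_servers({
        "jira-internal": "https://mcp.internal.example.com/jira",
        "side-project": "https://mcp.example.net/tools",
    }))
    print("\n".join(AUDIT_LOG))
```

The point of the audit lines is that the answer to "what did the tool touch" is written at decision time, not reconstructed later.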
But isn’t high usage the goal?
You’d think so, and the pyramid agrees, which is why it’s wrong. Here’s a question I didn’t expect to be asking in 2026: what happens when the rollout works too well?
A mid-2026 account of one large engineering org described usage jumping from 32% to 84% of the team, with individual engineers burning between $500 and $2,000 a month on tokens, and a major employer telling its people to migrate off the tool by the fiscal year-end on cost grounds. Read that again. The failure wasn’t low adoption. It was the opposite. The summit of every maturity model is “everyone uses it,” and here that summit turned out to be a cliff edge.
So spend governance and exposure control aren’t stage-four refinements you bolt on once you’re mature. They’re phase-zero plumbing, because the thing most likely to kill a working rollout is the rollout working. A team that hit 84% adoption with no cost guardrails didn’t skip strategy. They skipped a stone.
I’ll correct myself, because “skip” undersells it. Most teams don’t decide to leave phase zero out. They assume it happened, the way you assume the building you walked into has a foundation. Nobody chose to omit it. Everybody decided it was somebody else’s job.
Lay the floor, then climb
So, the test again, because it’s the thing to carry into your next steering meeting. Your team has Claude. Can IT produce, on demand, four artifacts: who may sign in, the egress allowlist, the list of tool servers the agent may call, and the log of what it did? Four files, more or less. If they exist, you’ve got a proper floor and you can build with a straight face. If they don’t, no maturity score means a thing, because the number is rating a building with nothing underneath it.
Once the floor holds, climb. The compounding stuff is real and I’m the first to enjoy it: an org-wide instruction file every surface reads, skills that encode how your teams actually work, the deployment patterns I wrote up separately. All of it pays off. It just pays off on top of phase zero, not instead of it.
That was my mistake in the room I lost. I love the top of the building, so I led with it, to someone still standing on bare concrete.
Mind you, the floor will never be glamorous. No vendor is going to sell you a keynote story about certificate trust stores, and that’s kind of the point. The un-billable, nobody-owns-it work is the work that decides whether any of the exciting work is safe to do at all.
You don’t climb a maturity model. You pour a floor. Then you build.