Most pros have seen AI hallucinations in IT operations

Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to approve the step. The capability is spreading at the same time IT professionals are reporting frequent encounters with AI output errors that can carry operational impact.

Ivanti’s 2026 AI Maturity Report, drawn from responses by 1,500 IT professionals across six countries, finds that 68% have personally seen AI produce hallucinations with potential operational impact. About 52% of those respondents say their team caught the errors before they caused issues. The remaining 16% report cases where the errors slipped through and reached production environments.

Trust grows alongside exposure

The same population that has witnessed these failures continues to extend significant trust to AI-generated outputs. Among the most advanced AI users in IT, 49% say they completely trust AI-generated outputs that influence IT decisions. Trust climbs with individual AI experience, and exposure to AI failures climbs along with it.

Autonomous action is also widening across IT operations. Among IT professionals surveyed, 52% report AI autonomously adjusting performance settings, 50% report AI isolating risky devices, 47% report AI restarting services or processes, and 46% report AI applying patches or fixes. For scaled, mature AI organizations, these autonomous applications run at more than double the rate of less mature peers. Across all organizations, 46% of IT operations are expected to be automated by AI within 18 months.

Areas requiring human review

IT pros draw firmer lines around high-severity work. 55% say they would never rely on AI without human review for high-severity incidents, and 52% say the same for communicating incidents to executives or stakeholders. These boundaries map to a two-tier model: routine remediation runs autonomously, and consequential decisions require human validation.

The governance gap

Governance has become the most commonly cited barrier to AI deployment. 27% of IT professionals identify governance, security, or compliance concerns as their organization’s biggest deployment obstacle, ahead of skills shortages (20%), technology limitations (17%), and data challenges (14%).

Most organizations report having baseline governance structures. 65% have AI risk review processes, 59% have policies for evaluating and approving new AI solutions, 58% have acceptable AI use policies, and 49% have AI oversight bodies. Adherence is uneven. Among companies that have AI policies, 24% of employees say the policies are followed very consistently in day-to-day work.

Accountability presents an even larger gap. 85% of IT pros claim there is a named, accountable owner for every AI agent and workflow inside their IT organization. Only 42% report that accountability holds up in practice. The 43-point gap exists alongside the speed at which AI capabilities have moved into IT operations and the lag in matching ownership and escalation structures.

Shadow AI adds another layer. Employees using unsanctioned AI tools to route around slow approval processes bypass existing governance structures. Regulated industries including government, healthcare, and education show the highest rates of unsanctioned AI tool use and the lowest rates of employer-provided tools. Organizational leaders hide their AI use at a rate of 42%. Among other employees, that rate is 23%. 52% of leaders who hide their AI use cite a desire for a “secret advantage.”

Codified trust thresholds

Governance maturity climbs alongside AI maturity. 69% of organizations at scaled, business-critical AI use report comprehensive governance in place. At early-experimentation organizations, that figure is 15%.

Ivanti recommends codifying trust thresholds by workflow. Allow AI to autonomously restart failed services or apply routine patches. Require human validation for system-wide configuration changes or emergency incident responses. The approach lets organizations capture autonomous remediation gains and contain the operational blast radius from hallucinations or faulty signals.

Download: The IT and security field guide to AI adoption