Skip to main content
Intelligence | May 12, 2026 | Microsoft Publishes Five-Level DDoS Resilience Maturity Framework for Consume...

CORE CONCEPTS

The distance between what your AI system was supposed to do and what it is actually doing right now.

Intent Gap is the unplanned divergence between organizational intent and production behavior. It appears after deployment, when the system keeps operating, conditions change, and nobody measures whether actual behavior still matches the purpose originally approved.

v1.0 · May 2026Build intent architecture

Free to read and cite with attribution to Sougata Roy and sougataroy.com. Do not republish, rebrand, or claim authorship of any framework, term, or model as your own.

THE PROBLEM

The model keeps moving after approval

A system is approved for one purpose. The record says what it is supposed to do. The controls say what it is allowed to reach. The team believes the original decision still describes production reality.

Then the operating environment changes. Inputs shift. users learn how to ask different questions. Upstream data changes. A workflow expands. A business team begins relying on outputs in a way nobody reviewed. The system is not broken. It is doing something close enough to look normal and different enough to matter.

That distance is the Intent Gap. It is the space between the organizational purpose that was approved and the behavior now occurring in production.

Public AI incidents show why this matters. Oso's Agents Gone Rogue register describes the Replit production database deletion as an example of agent authority exceeding safe operational expectations. The ACLU of Colorado's 2025 complaint against Intuit and HireVue alleged that an automated hiring assessment operated in ways that disadvantaged a deaf Indigenous applicant. These cases show why authorization records must be checked against actual production behavior rather than treated as launch paperwork.

INSIDE THE ORGANIZATION

The governance question

For every AI system operating in production, can your organization show that actual behavior still matches the purpose, boundaries, and review conditions originally authorized? If the answer depends on assumptions, the Intent Gap is already open.

THE CONCEPT

What Intent Gap is and is not

Intent Gap is the unplanned divergence between what an organization genuinely intended an AI system to do and what the system actually does in production. It is not measured at launch. It is measured after use begins, when real users, real data, and real workflows create behavior the original authorization record may no longer describe.

The concept matters because most governance records are static. Production behavior is not. A system can remain inside its technical permission boundary while drifting away from organizational intent. That makes the gap difficult to see if the organization only monitors access, uptime, and incident tickets.

WHAT INTENT GAP IS NOT

Intent Gap is not a hallucination, a generic model quality issue, or a failed launch checklist. It is not the same as Agent Sprawl or Governance Debt. Agent Sprawl is about count. Governance Debt is about accumulated missing controls. Intent Gap is about behavior over time: whether the system still does what the organization intended it to do.

THREE CAUSES

How the gap opens

Intent Gap usually appears through three paths. The system is given more operational authority than the authorization record anticipated. The users change how they rely on it. Or the organization fails to compare observed behavior against documented intent after deployment.

Cause

Operational authority exceeds intent

The system is authorized for a narrow purpose, but its permissions, tool access, or execution path allow actions beyond that purpose. The gap is not only what the model says. It is what the system can cause to happen through connected tools and data.

Replit case signal

Oso's incident register describes a Replit AI coding assistant deleting a production database during an AI-assisted development session. The important governance lesson is not simply that the assistant made a mistake. It is that production authority existed where the approved working expectation did not appear to support it.

Cause

Use changes after deployment

The system starts in one workflow, then becomes part of a higher-stakes decision path. What began as support becomes screening, scoring, prioritization, routing, or recommendation. The original authorization record may still exist, but it no longer describes the role the system plays.

HireVue and Intuit case signal

The ACLU of Colorado's 2025 civil rights complaint alleged that an automated hiring assessment used by Intuit and HireVue disadvantaged a deaf Indigenous applicant. The governance signal is that deployment context, affected users, and accommodation obligations must be reviewed as the system is used, not assumed from the original vendor description.

Cause

Monitoring measures activity, not intent

Logs can show what happened. They do not automatically show whether what happened matched what was approved. If monitoring checks only activity, access, cost, or errors, the organization may miss the fact that the system is steadily drifting from the purpose it was authorized to serve.

Upstart Holdings - Model 22

Upstart launched Model 22 in May 2025, touting it as increasing loan approval rates and improving risk assessment accuracy. Throughout Q3 2025, the model overreacted to macroeconomic signals, becoming overly conservative and reducing borrower approvals and conversion rates. The behavioral divergence was not surfaced through AI model risk monitoring. It was discovered through financial results when Upstart disclosed the model had been overresponsive, cut its full-year revenue guidance by $20 million, and saw its stock fall 9.71% on November 5, 2025. Securities class action lawsuits were filed in April 2026. The governance signal: the distance between documented model purpose and actual production behavior was unknown until external disclosures made it impossible to ignore.

RUNTIME GOVERNANCE

Why Intent Gap is a runtime concept

A launch approval tells you what the organization believed at a point in time. It does not prove the system still behaves in line with that belief six weeks, six months, or six model updates later.

That is why Intent Gap belongs in runtime governance. The question is not only whether the system was authorized before deployment. The question is whether production behavior is regularly compared against the authorized purpose, prohibited actions, expected outputs, and review triggers.

NIST AI RMF's GOVERN function emphasizes accountability structures, policies, roles, and processes for managing AI risk. The CSA Agentic AI profile maps agentic controls to NIST AI RMF, including accountability and governance records. Intent Gap operationalizes that idea at the level of one deployed system by asking whether the documented intent still matches observed behavior.

THE FRAMEWORKS

Where the Intent Gap is controlled

Intent Gap is controlled through framework work that ties authorization, accountability, coverage, and monitoring together. Each connected framework addresses a different part of the gap.

Connected framework

The Organizational Agent Controls

Defines the organizational decisions that must exist before an agent goes live, including explicit authorization, bounded access, review discipline, and stop capability.

Explore the framework

Connected framework

The Deployment Accountability Map

Separates provider, platform, and deploying organization accountability so the organization can see which decisions cannot be delegated away.

Explore the framework

Connected framework

The Authorization Coverage Lifecycle

Shows how authorization coverage changes over time and how missing records accumulate into governance debt when production systems outpace governance work.

Explore the framework

Connected framework

The Intent Architecture Stack

Provides the three-layer structure for documenting context, intent, and governance before deployment and checking whether each layer still holds after deployment.

Explore the framework

RELATED CONCEPTS

The concept family around Intent Gap

Intent Gap is the runtime drift concept. Governance Debt explains what accumulates when the gap is not measured. Accountability Assumption explains why nobody believes they own the gap. Intent Architecture explains the design layer that prevents the gap from opening silently. Agent Sprawl explains why the gap becomes difficult to measure at enterprise scale.

Governance Debt The Accountability Assumption Intent Architecture Agent Sprawl

WHAT GOOD LOOKS LIKE

When the Intent Gap is controlled

Every production AI system has an authorization record that states purpose, authorized actions, explicit prohibitions, expected outputs, data access, accountable owner, review cadence, and escalation path.

Observed behavior is compared against that record on a defined cadence and after defined events. The organization can show when the comparison occurred, who reviewed it, what evidence was used, and what changed as a result.

Users know the system's approved purpose and boundaries. Owners know what evidence they must review. Compliance teams can ask whether behavior still matches authorization and receive an answer from records, not recollection.

When the system's role expands, the authorization changes before reliance changes. When the system's behavior diverges, the review process catches it before the gap becomes an incident.

Quick reference

Download the Monitoring Check Card

A one-page reference card for confirming that your AI systems are still doing what your organization intended when it authorized them.

QUICK CHECK

Intent Gap Monitoring Check

Three columns. Baseline, comparison, and trigger conditions. All three must be complete.

Download PDF

RESEARCH BASIS

View all frameworks

Related frameworks

Choose the next control point

Follow the connected governance path. Each framework gives leaders a different control point for agent accountability, authorization, and readiness.

01The Organizational Agent ControlsOpen the next piece of the operating model and continue the governance path.Open framework02The Intent Architecture StackOpen the next piece of the operating model and continue the governance path.Open framework03Chain Authorization GapTrace where delegated agent decisions lose visible approval.Open framework