The conversation around AI in marketing is shifting rapidly from what these systems can do to what organizations should allow them to do.

There’s no doubt that the upside is real. AI can automate and accelerate complex marketing and creative workflows and help brands realize the full promise of personalization at scale.

It can also introduce new forms of risk as companies push to integrate AI across more areas of work. In recent months, organizations have seen AI agents expose sensitive data more broadly than intended, and AI tools contribute to outages in live systems. And these are not edge cases. During the past year, 65% of organizations have experienced at least one AI agent-related cybersecurity incident.

That tension between business value and risk management is what leaders need to navigate — and quickly. AI is already contributing to revenue growth for 62% of organizations, according to Adobe’s latest AI and Digital Trends research.

For CMOs and CIOs looking to capture this growth potential, selecting the right AI partners is now one of the most important decisions they can make. Building a scalable future with AI means moving beyond the hype and asking whether the system can operate with the control, transparency, and accountability your organization needs.

The questions below are designed to help leaders evaluate that more clearly through four decision lenses. They will help you determine whether an AI solution will become a strategic asset or a brand liability.

1. Can you trust the data the AI solution was built on?

Most organizations already have policies about where their data goes and who can use it. AI introduces a layer those policies don’t always account for. Some decisions about data use are baked into the model at the time it is trained and difficult to undo once you’ve built workflows on top of them. If you haven’t yet addressed how your own data is structured for AI use, the steps outlined here are good place to start.

When evaluating any AI solution, you need to pressure test its foundation. Start with these sample questions.

1. What specific types of data did you use to develop and train this AI system?
2. Did you use any datasets that may have copyright, intellectual property, or licensing restrictions?
3. Is our data — inputs, outputs, or usage patterns — used to train or improve your models?

These questions help you understand whether the system is built on data your organization can trust, and whether the provider can account for how data is sourced, handled, and protected.

Clear answers here reduce the chance that your team will generate content from unclear source material or build workflows on data you later discover cannot be used the way you assumed. They give you more confidence that the system is working from governed inputs and allow your teams to move faster with the legal and brand approvals needed for the pace of AI innovation.

2. Can you understand and control what the AI solution does?

AI systems produce outputs quickly, fluently, and at scale, which makes it easy to assume they’re producing them correctly. But fluency isn’t accuracy, and speed isn’t judgment. Trust breaks down quickly when teams cannot tell how a system reached an output and when a person is meant to step in.

To understand how the system behaves in practice, assess the provider with these sample questions.

1. Can you provide a plain language description of what this AI system does and how it reaches its outputs?
2. If human review is part of the workflow, what does that look like in practice, and who controls it?
3. How does the AI system handle situations where it isn’t confident in its output?

A well-designed system should be understandable to the people who will use it day-to-day. It should be able to show its reasoning by citing sources, presenting step-by-step logic, and establishing boundaries around what it can and cannot do. That transparency is what allows your team to catch errors before they become problems.

Oversight is the tougher test. What you’re really asking is whether your team can actively steer, monitor, and course-correct throughout the process, and whether that scales as the volume of AI-generated work grows. A system with oversight built in helps you turn that scale into an advantage, instead of just adding to your team’s workload.

My previous post explores this challenge in more detail, including a framework for rethinking review and approval as AI output grows.

3. Can you enforce your access and governance rules inside the AI system?

Most organizations have controls in place, but they were built for decisions made by people, and not for an environment where an agent can access data, move across workflows, and affect business outcomes on its own when left unchecked.

As AI moves into agentic territory, the sample questions below can help you surface the governance gaps.

1. How are agent actions logged and are they traceable in real time?
2. Can our permissions, consent rules, and governance policies carry through the workflow at the point of action?
3. How does the system prevent agents from accumulating access or taking actions beyond their intended scope?

A system that only enforces controls at the point of entry isn’t enough anymore. The standard should be whether governance travels with the agent through the entire workflow. That means access is configured at every level of your organization, consent rules and policy limits are applied at the moment decisions are made, and data gets encrypted, isolated, and stored in a location that meets your residency requirements. That’s what will keep your organization in control of AI, rather than running to catch up with it.

4. Is the AI solution ready to represent your brand at scale, across every audience?

By the time you adopt an AI solution, many of the decisions that determine its quality have already been made. How the model was trained, whether it was tested for fairness, or whether anyone stress-tested it for harmful outputs before deployment. The time to understand these decisions is before rollout. Fixing gaps later can be expensive, time consuming, and difficult to separate from the workflows already built.

To decide whether the system is ready for customer-facing use, push the provider with these sample questions.

1. How was the AI system assessed for bias, and what were the outcomes of those evaluations?
2. Has there been an assessment of potential harmful outputs, and what measures were put in place before deployment?
3. How does the quality control framework work, and how does the model improve over time?

Most providers will tell you they take quality, fairness, and safety seriously. The questions above aren’t asking whether they say that. They’re asking whether they can show it — which demographic groups were tested, which failure cases were identified, how error analysis feeds back into the model. That gap between what providers claim and what they’ve actually built is where brand risk lives.

At marketing scale, a model with unchecked bias can produce skewed content consistently, across every campaign, every audience segment, and every market you operate in. The reverse is also true. A system built on rigorous quality controls performs more consistently at scale and drives stronger results.

Scale AI with judgment to make innovation sustainable.

These four lenses are not a rigid checklist, and they are not a maturity ladder every organization must move through in the same order. The right starting point depends on what you want AI to do, where it will operate, and how much risk your business is comfortable with.

A team using AI for internal brainstorming will not evaluate it the same way as a team using it to shape customer-facing content, act on sensitive data, or operate across regulated workflows. A high-visibility retail brand may prioritize transparency and human oversight while a regulated enterprise may begin with access, governance, and data controls.

For a broader view of what responsible AI deployment looks like in practice, Adobe's responsible AI principles are a useful reference.

What no longer works is treating AI like a ‘black box’ and assuming you can adopt AI without understanding what it was built on, how it operates, or what happens when something goes wrong. As these systems move deeper into workflows and shape business outcomes, leaders need a clearer view of what is built into them from the start. That is what turns AI investment into a driver of growth, rather than a source of avoidable risk.

Emily McReynolds is Head of Global AI Strategy at Adobe, where she focuses on enterprise AI adoption. She has over 15 years of experience in data governance, machine learning, and AI across technical research and industry, including at Microsoft and Meta.

Having deployed AI at multiple companies, she understands the challenges an organization encounters in rolling out AI and provides guidance on AI implementation. Emily started coding in HTML and taught people to use computers back when we used floppy disks.

https://business.adobe.com/fragments/resources/cards/thank-you-collections/generative-ai