Your readiness isn't one number. It's eight.
Picture a 200-person agency: maybe 30 people in paid media, 25 in creative, 20 in PR, the rest split across strategy, analytics, account, and production. Someone asks the leadership team, "Are we AI-ready?" The honest answer is that the question is wrong. A retainer-based paid-media pod with anonymized performance data is ready today. The creative team producing a regulated client's campaign is not — and treating them as one readiness score is how agencies end up either frozen or exposed.
So the first move isn't a survey. It's a grid: every service line down one axis, and for each, two columns — how sensitive is the client data it touches, and how much of its margin is human hours you currently bill. Both HubSpot State of Marketing and the Salesforce State of Marketing report show AI flooding into marketing work faster than agencies are governing it. The point of the grid is to find where you can move now and where one bad output becomes a client phone call you don't want to take.
The two things that decide each cell
Start with the cell almost every agency gets wrong: client data permissions. Your MSAs and DPAs were written before anyone fed a client's customer list, unreleased campaign, or earnings-window messaging into a third-party model. The NIST AI Risk Management Framework gives you the order of operations here — map the intended use, measure the risk, manage the controls, then govern accountability — and for an agency "intended use" is concrete: which client's data, which model, who reviewed the contract clause that either permits or forbids it. The PwC Responsible AI survey is blunt about the governance load that arrives the moment you touch client data at scale. If a service line can't name where its data goes, it scores zero on readiness no matter how eager the team is.
The second column is the uncomfortable one: margin. Say your competitive-research deliverable takes a senior strategist 12 hours and bills at $4,000. AI can draft 80% of that in an afternoon. That's not a productivity win you quietly pocket — it's a re-pricing decision. Do you keep the hours and pad margin, cut the price to win more work, or move the strategist to higher-judgment output? Readiness includes whether your finance and account leads have actually decided. And map shadow usage while you're at it: the junior who's already pasting client briefs into a chatbot isn't a policy violation to punish, he's a readiness signal — proof the work wants the tool faster than your controls have caught up.
What you do Monday
Pick the one service line that scored low-data-risk and high-human-hours — usually internal research, reporting, or first-draft production on a forgiving account — and run a four-week governed pilot there. Instrument it with numbers an agency actually feels: production cycle time, rework rounds, QA defects that reach the client, and gross margin on that line before and after. The McKinsey State of AI research keeps landing on the same finding — value shows up only when you redesign the operating process, not when you bolt a tool onto the old one. A pilot that doesn't move cycle time or margin isn't a readiness problem; it's a workflow that wasn't redesigned.
Then hold the line on sequence: governed internal workflow first, brand-and-data review gates second, unsupervised client-facing output last (or never, for your regulated accounts). When you're ready to turn that grid into a real implementation path, AI for sales and marketing covers the demand-side workflows and AI governance and training covers the client-data guardrails that keep the work billable and the trust intact.
