Skip to content
Contact Us
AI Governance and Training4 min

The SOP Trap: When AI Documents a Process Nobody Actually Follows

AI writes a beautiful SOP from your tickets and chat logs — for a process your team abandoned 18 months ago. Here's how to know when to hold off.

Operations leader reviewing AI-generated SOP documentation with source evidence and approval controls.
Figure 01 Operations leader reviewing AI-generated SOP documentation with source evidence and approval controls.
Answer summary

The practical answer

Short answer
AI writes a beautiful SOP from your tickets and chat logs — for a process your team abandoned 18 months ago. Here's how to know when to hold off.
Best fit
Industry: Professional services and technology. Function: Operations and knowledge management
Operating path
AI Governance and Training -> AI Transformation
Key metric
4 owner, source, review, and training controls

The onboarding doc that aged like milk

Picture the client onboarding SOP at a 60-person professional services firm. AI ingests two years of Slack threads, a folder of old kickoff decks, and the ticket history, and produces a crisp eight-step document: contract signed, kickoff scheduled, project lead assigned, access provisioned, and so on. It reads like it was written by someone who has done this a thousand times. Everyone nods. It gets pinned in the wiki.

The problem is that step four — "access provisioned by IT within 24 hours" — stopped being true the day the firm moved to a self-serve provisioning tool eight months ago. And step six, the "internal handoff call," was killed last spring because nobody attended it. The AI didn't lie. It faithfully reconstructed the process the historical artifacts described. Those artifacts just describe a company that no longer exists. SOP documentation is uniquely prone to this because the output is fluent prose, and fluent prose reads as authoritative whether or not it matches what happens on a Tuesday morning.

IBM's Institute for Business Value research on AI capabilities makes the point that AI output is only as trustworthy as the data, operating model, and measurement behind it. For an SOP, the "data" is not the ticket archive — it is the actual current practice, which usually lives in three people's heads and was last changed without anyone updating a single document.

Two tests before you let AI draft a single SOP

Hold off on AI-drafting an SOP until you can answer two questions. First: who owns this process today, and will they sign their name to the final version? Not "who used to run it" — who is accountable for it now. If you can't name that person in one breath, AI will produce a document with no one responsible for whether it's right. The NIST AI Risk Management Framework frames this as the map-measure-manage-govern sequence: you map which processes are in scope and assign accountability before you trust generated output, not after the document is already pinned in the wiki.

Second: is there a fresh, authoritative source the AI can read — or only stale debris? An assistant working through Microsoft 365 Copilot's permission-aware architecture respects identity boundaries, which is great for security, but it does nothing about source freshness. It will read the eighteen-month-old runbook with the same confidence as last week's. If the only inputs are decks from the last reorg and a chat channel where half the messages are jokes, the SOP will be a confident fiction. The fix is mundane and human: have the current owner spend twenty minutes describing the actual steps out loud, record it, and make that the authoritative input. AI drafts from that, not from the archive.

If both answers are weak — no clear owner, no current source — the honest move is to delay automation and fix the process knowledge first. A documented wrong process is more dangerous than an undocumented one, because people stop asking the people who actually know.

SOP governance workflow showing source evidence, process owner review, training updates, and revision history.
SOP governance workflow showing source evidence, process owner review, training updates, and revision history.

The smarter first move: make AI find the disagreements

Here's where AI earns its keep on SOPs without any of the above risk. Instead of asking it to write the canonical process, ask it to surface where your own people disagree about it. Feed it three accounts of how client onboarding works — one from sales, one from delivery, one from the ops lead — and have it produce a conflict report: sales thinks the kickoff happens before the contract; delivery thinks after; nobody mentions who provisions access. That disagreement map is gold. It tells the owner exactly which six decisions to make, and it does so in an afternoon instead of a three-week documentation project.

McKinsey's State of AI work keeps landing on the same finding: value shows up when you redesign the workflow, not when you bolt AI onto the old one. For SOPs, the redesigned workflow is capture the current source, reconcile the conflicts, let the named owner approve, then track whether reality drifts again. Watch the owner's edit rate on the first draft and the number of corrections that come back from the field in the first month — if either is high, your source was stale and you caught it cheaply.

If you're staring at a wiki full of confident, possibly-fictional SOPs, start by governing the inputs: the knowledge-systems and RAG path keeps AI reading from current, authoritative sources, and AI governance and training sets who reviews and re-approves as processes change. Want a faster read on which of your processes are actually ready for this? Run the AI audit path and we'll map owners and source quality before you automate anything.

Continue the operating path
Topic hub AI Governance and Training Acceptable-use policy, shadow AI, employee training, privacy boundaries, quality review, and leadership cadence. Pillar AI Transformation AI governance is not a memo. It is the operating system for approved tools, restricted data, review standards, and safe employee adoption.
Related intelligence
Sources
  1. IBM Institute for Business Value AI capabilities research
  2. McKinsey State of AI 2025
  3. NIST AI Risk Management Framework
  4. Microsoft 365 Copilot data protection architecture
Move on this

Turn this AI question into a governed workflow.

Start with the next step that matches readiness: score, audit, blueprint, sprint, or governance.

Run the AI audit path →