The things that quietly stop working.

An architecture function publishes a 70-page principles document. Linked from a wiki nobody opens. Cited only by the architects who wrote it. Delivery teams have never read it.

Principles that aren’t encoded in platform defaults or policy-as-code don’t exist. The PDF creates the illusion of governance while the substrate stays unenforced.

Tell: when teams violate “principles” routinely without consequence, the PDF is theatre.

EA function exists to chair design reviews. Engineers must “present to architecture” before they can build. The reviews produce opinions, rarely decisions. Teams learn to route around the gate.

EA-as-gate breeds resentment and creates two systems: the official one and the one that ships. The function’s output becomes performance, not impact.

Tell: design reviews where the answer is mostly “no” or “please come back with more detail.”

A beautiful capability model exists in LeanIX / Ardoq / a Visio file. Architects update it quarterly. The CFO doesn’t consult it for investment decisions. Product managers don’t consult it for roadmap decisions. The capability model is a project artefact, not a living instrument.

An uncoupled capability model is overhead. Worse, it creates a false sense of EA maturity.

Tell: ask the CFO when they last looked at the capability model. The answer is “never.”

Enterprise creates a Chief AI Officer + AI CoE separate from platform engineering. CoE does great work on model selection, evals, use-case ideation. CoE owns nothing in the substrate — identity, observability, deployment pipelines — that real production AI requires.

AI ships only as fast as the substrate underneath it. CoE-as-parallel-to-platform spends quarters waiting on platform team for the controls regulators require. By the time the substrate exists, the use-case window has closed.

Tell: AI roadmap dates always slip on dependencies the CoE can’t deliver itself.

Executive team attends an AI workshop. Then another. Then a third. Vendor pitches, demos, capability tours. No production use-case is named. No sponsor is assigned. No budget is allocated. Repeat for six quarters.

Workshop tourism feels like progress because it produces calendar events and slide decks. It produces no shipped capability. By the time the org commits, competitors have shipped use-cases two years deep.

Tell: count the workshops. Compare to count of named production use-cases with sponsors. If the ratio is >3:1, it’s tourism.

Engineering org adopts DORA / SPACE / DX metrics because someone read the book. Numbers go on a dashboard. Targets are set. Nothing changes about how engineering is funded, prioritised or rewarded. The numbers become inputs to an annual ritual nobody acts on.

Metrics that don’t change behaviour are noise. Worse: tracked-but-unused metrics breed cynicism (“they want us to game the deploy-frequency number”).

Tell: ask the team how the metric changes what gets prioritised this sprint. If the answer is “it doesn’t,” it’s cargo cult.

Org “moved secrets to the vault.” Engineers proudly cite this in audits. Applications still pull static long-lived credentials from the vault at startup. The credentials sit in env vars for the lifetime of the workload, then sit in logs, then sit in CI artefacts, then sit in incident war-room screenshots.

Vaulted-static is still static. The credential is the vulnerability, not its storage. Snowflake 2024 (100+ breaches via stuffed credentials) was a vault-theatre incident at scale.

Tell: ask “how long is the credential valid?” If the answer is >1 hour, it’s static.

Org emits SBOMs per artefact (CycloneDX, SPDX) because procurement asked. The SBOMs land in a folder. Nothing reads them. CVEs in the dependency graph never reach a service owner. When a critical CVE drops, security still spends weeks doing manual application-to-service mapping.

SBOMs are infrastructure for the alert-to-owner loop. Without that loop, they’re compliance theatre and double the storage bill.

Tell: ask how a Log4Shell-class CVE would flow from disclosure to remediation. If the answer involves “manual triage,” the SBOMs are shelfware.

Security programme’s top-3 line items are SAST consolidation, DAST rollout, container scanning. Workload identity, signed provenance, SBOM-to-owner are absent or scheduled for next year. The roadmap mirrors the AppSec vendor market.

2024 incidents that defined the year (XZ Utils, Snowflake, Polyfill, CrowdStrike) were not findings on a SAST report. The vendor markets are selling 2018’s problem.

Tell: ask what would have caught XZ Utils. If the answer is more SAST scans, the roadmap is misaligned with the threat.

Platform team built a beautiful paved path. Backstage templates, observability defaults, security baked in. No squad uses it. Squads keep rolling their own pipelines. The platform team is hurt; the platform’s adoption metric is invisible because nobody tracks it.

A paved path that nobody chose is just another tool stack. Worse: the platform team feels successful (they shipped the path) while engineering velocity stays unchanged.

Tell: count adoption per capability per quarter. If a capability is <30% adopted 6 months in, it’s not paved — it’s parked.

Production GenAI feature’s prompts are hard-coded as Python / Go / TypeScript string literals. Whoever last edited them owns them. No versioning, no review, no eval gate. When the model misbehaves, nobody can attribute the regression to a prompt change because there’s no change log.

A prompt is a configuration that determines model behaviour. Treating it as a string literal in code makes it un-versionable, un-reviewable and un-rollback-able. OWASP LLM01 failure modes hide here.

Tell: ask “what changed in the prompt last week?” If the answer requires git-archaeology, the prompt is inline.

Org wrote an eval set of 50 cases when launching the GenAI feature. The eval set lives in a repo. The CI pipeline doesn’t run it. Engineers don’t know it exists. When prompts change, deploys ship without an eval gate.

An eval set that doesn’t gate deploys is documentation of intent, not enforcement of quality. The most common GenAI production regressions land via prompt or model-version changes that an eval set would have caught.

Tell: ask what would happen to a deploy whose prompt change drops a critical eval score by 30%. If the answer is “it would ship,” the eval set is decorative.

Production GenAI workload uses model: latest (or equivalent floating reference) instead of a pinned semantic version. Model provider silently ships a behaviour change. Production suddenly produces different outputs. Nobody can attribute the regression because there’s no version change log.

Both Anthropic and OpenAI shipped breaking model changes in 2024 that broke prompts in production for orgs using floating references. The fix isn’t complaining to the provider; the fix is pinning.

Tell: grep your code for “latest”, “stable”, “current”, “default”. Each hit is an incident waiting to happen.

Org labels its data programme “data mesh” because the book is popular. Domain teams now own their data products. There’s no shared catalogue. No lineage. No contracts. No access governance. The mesh is sociotechnically just “decentralised silos.”

Data mesh without substrate — catalogue, lineage, contracts, governance — is just the data-lake problem rebranded. Domain teams now own incompatible interpretations of “customer.”

Tell: ask three product teams for the customer count. Three different numbers from three different sources.

Org adopts a lakehouse (Databricks, Snowflake, BigQuery + Iceberg). Bronze zone fills with raw ingest from everywhere — CDC, exports, SaaS sync, vendor file drops. No Silver discipline. No Gold zone. No domain ownership. Lakehouse = warehouse + lake’s worst attributes combined.

Lakehouse tooling doesn’t enforce the Bronze/Silver/Gold discipline; the team has to. Without it, you’re paying lakehouse prices for swamp performance and credibility damage when BI / ML / AI consume conflicting data.

Tell: count tables in Gold zone vs Bronze. Healthy ratio: 1 Gold for every 5–10 Bronze. Swamp ratio: 0 Gold, 500 Bronze.