Engineering is the function with the highest AI adoption rate and the most governance complexity. As VP Engineering, you are managing both the productivity gains and the new risk categories. Here is the tactical playbook.
1. Code generation and editing. Cursor, Claude Code, Copilot are now baseline tooling. Standardize across the team.
2. Code review. AI as first reviewer surfaces obvious issues; senior engineer focuses on architecture and judgment.
3. Documentation. READMEs, ADRs, API docs, runbooks generated from code + intent.
4. Test generation. Unit and integration tests drafted from spec + code. Engineer refines.
5. Incident response. Faster triage via log summarization + post-mortem narrative generation.
1. Tool approval and standardization. Pick 1-2 AI coding tools; do not let 7 different ones proliferate.
2. Code/data policy. What customer data, proprietary code, secrets can or cannot enter AI tools.
3. Code review standards for AI-authored code. Same rigor as human-authored? Higher? Document it.
4. Open source license tracking. AI-generated code mixed with OSS dependencies has licensing implications.
5. Security review process. AI code can introduce vulnerabilities. Security review process must keep pace.
Productivity: PRs per engineer per week, cycle time, throughput.
Quality: Bug rate per release, security issues found post-release, code review iterations per PR.
The trap: productivity going up while quality goes down is net-negative. Watch both.
— Bill Colbert, Treetop Growth Strategy