Is your data infrastructure ready for GenAI adoption?

The context gap behind GenAI pilots

Most organisations are not trying to train their own large models. They are trying to connect existing models to internal knowledge and data. That shift makes data infrastructure feel less like plumbing and more like an operating system for decisions.

From dashboards to decision support

GenAI in production rarely behaves like analytics. A dashboard can tolerate latency and some missing fields; a GenAI assistant writing a customer response, drafting a credit memo, or summarising a clinical incident cannot. The model’s output becomes a visible artefact, and the organisation becomes accountable for the chain of evidence behind it.

Consider a UK insurer using GenAI to triage claims. The model is not trained on proprietary data. It retrieves policy wording, prior claim notes, and repair guidance. If the policy document version is wrong or the claim notes include unredacted sensitive data, the pilot becomes a compliance conversation rather than a productivity story.

Context is a product, not a by-product

In many firms, knowledge lives across SharePoint, ticketing systems, document management tools, data warehouses, and personal drives. GenAI forces a question that BI could sometimes avoid: which sources are authoritative for which decisions? Without an explicit answer, the model will create the illusion of coherence while pulling from incoherent inputs.

Hidden dependency: operational data, not just documents

Some of the most valuable context is not narrative text. It is operational state: the latest customer status, the current price list, the most recent risk rating, the open incidents linked to a supplier. If these are not accessible with appropriate controls and lineage, GenAI will either hallucinate or slow down into manual workarounds, which tends to destroy ROI.

Why data assumptions no longer hold

GenAI does not simply query data; it composes answers. This changes what “good data” means, how errors propagate, and where governance must sit. Some long-standing assumptions become risky in subtle ways.

Quality thresholds shift from aggregates to instances

Traditional data quality programmes often focus on completeness and consistency at scale. GenAI frequently fails on edge cases: a single out-of-date procedure, a duplicated customer record, or a mislabelled contract clause. The risk profile changes from “monthly reporting is slightly off” to “a customer received the wrong instruction”.

Access control becomes conversational

Role-based access built for systems of record does not always map to conversational interfaces. If a colleague can ask, “Show me all customers in arrears in Manchester,” the question is not whether the database is secured; it is whether the conversation layer can reliably enforce policy, log access, and prevent leakage through summaries.

Unstructured content becomes regulated content

Many organisations treat documents as informal. GenAI turns them into quasi-official sources because they are surfaced as answers. This is where reputational risk often enters. An internal PDF about “how we usually do it” can become the de facto policy unless governance distinguishes guidance from approved instruction.

Latency and staleness become visible

A contact centre assistant that cites a price that changed yesterday creates immediate credibility loss. This is not only a technical freshness issue; it is an operating question about update cycles, ownership of knowledge, and how quickly changes are propagated through the context layer.

The minimum viable context supply chain

Data readiness for GenAI is less about buying a platform and more about designing a supply chain for context: selecting sources, shaping them for retrieval, controlling access, and measuring outcomes. “Minimum viable” means fit for purpose, not perfect.

Authoritative sources and decision boundaries

Start with the decisions GenAI is meant to influence. For each workflow, what sources are allowed to be cited? What sources are disallowed? A bank might allow product terms and approved scripts, while excluding informal chat logs for customer-facing communications.

Indexing, metadata, and lineage that humans can audit

Retrieval-augmented generation only works if content is findable and attributable. That suggests investment in metadata, document versioning, and provenance. Not because it is fashionable, but because it creates defensibility when things go wrong.

Useful signals tend to include: content owner, effective date, jurisdiction relevance, approval status, and links to policies. The goal is not perfect cataloguing; it is the ability to answer: why did the model say this, and was it allowed to?

Policy enforcement at the point of use

Data infrastructure readiness includes the ability to apply permissions in the retrieval layer, not only in the source system. Otherwise, a user might indirectly access content they could not open directly. This is also where prompt injection and data exfiltration risks become practical rather than theoretical.

Human feedback loops as data infrastructure

GenAI systems learn operationally through feedback, even if the underlying model is not being trained. Capturing corrections, overrides, and escalation reasons creates a new class of data that can improve retrieval quality, update content, and refine governance rules. In a different domain, LSI’s AI-native learning platform relies on continuous formative feedback loops to improve what is served next; organisations deploying GenAI can adopt a similar mindset for knowledge and workflow context, without turning it into an academic exercise.

Operating model implications beyond IT

Data readiness is not only an architecture topic. It is an organisational design topic: who owns context, who approves it, who pays for it, and who is accountable when the model is wrong. GenAI tends to expose these gaps quickly.

Context owners and approval paths

If a GenAI assistant uses HR policy, someone must own that policy content as a live asset. That owner needs a clear approval path, service expectations for updates, and a way to retire content. Without this, “knowledge debt” accumulates and the model becomes less trusted over time.

Centralise the standards, federate the content

There is a recurring trade-off. Centralising everything can slow delivery and create bottlenecks. Fully federated approaches often produce inconsistent governance. A pragmatic stance is to centralise standards, controls, and measurement, while federating domain ownership of content and data products.

Controls that match the risk tier

Not all use cases need the same rigour. Drafting internal summaries has a different risk profile from sending regulated advice. Creating risk tiers for GenAI workflows can prevent overengineering low-risk pilots while making human oversight non-negotiable where impact is high.

Vendor and platform strategy as concentration risk

GenAI context layers can create lock-in through proprietary indexing, observability, or policy mechanisms. The question is not “single vendor good or bad”; it is whether the organisation can switch components without losing auditability, and whether resilience has been considered alongside cost.

Economics and metrics that survive production

Many pilots measure satisfaction and speed in a sandbox. Production demands economics that finance teams can defend, and metrics that risk functions can live with. The useful measures link model behaviour to workflow outcomes, not to model novelty.

Unit economics as the anchor

GenAI value is often clearest when expressed as cost per case, cycle time, or throughput per team. Example ranges seen in service workflows can be meaningful: a 10 to 25 percent reduction in handling time in a high-volume back office can justify serious investment, while a 2 percent gain might not survive the cost of governance and change management.

It is also worth pricing the context supply chain itself. Indexing, quality controls, content ownership, monitoring, and audits are ongoing costs, not one-off implementation line items.

Leading indicators that predict trust

Leading indicators tend to capture whether the system will scale without reputational damage. Examples include citation rate (how often answers point to approved sources), stale-content rate, permission violations blocked, and escalation frequency.

Lagging indicators that prove ROI

Lagging indicators should tie to operational outcomes: reduction in rework, fewer compliance exceptions, fewer customer complaints attributable to misinformation, or improved first-contact resolution. Where revenue impact is claimed, it helps to test whether conversion improves because of faster responses or because of better content quality.

Measurement discipline as a change lever

Metrics influence behaviour. If teams are rewarded only for speed, they may accept risky outputs. If teams are rewarded only for safety, adoption can stall. The interesting work is aligning incentives so that quality, throughput, and accountability coexist in the operating rhythm.

Risks that data readiness can reduce

Some risks are model-related, but many are data-related: leakage, incorrect context, and opaque provenance. Data infrastructure readiness is partly about preventing failure, partly about being able to investigate it quickly when it happens.

Regulatory exposure and auditability

In the UK and internationally, expectations around accountability, explainability, and data protection are tightening. Even when regulation is principles-based, organisations still need evidence: what data was accessed, what content was used, and what controls were applied. A context supply chain that cannot be audited is a fragile foundation for scaled adoption.

Reputational risk from confident wrongness

GenAI can sound certain when it is not. Data readiness reduces this by improving retrieval quality and by constraining what can be cited. It also supports safer interaction patterns, such as requiring citations for external-facing outputs, or routing ambiguous cases to humans.

Security risk through new interfaces

Conversational systems create new pathways for sensitive data exposure, even when underlying systems are secure. Controls need to include user authentication, permission checks at retrieval time, monitoring for anomalous queries, and rapid containment when a leak is suspected.

Operational risk from brittle dependencies

If an assistant depends on multiple sources, any outage or schema change can degrade performance in unpredictable ways. Resilience planning includes fallbacks: what happens when context is unavailable, and can the workflow degrade gracefully without staff inventing shadow processes?

A decision test for readiness

Readiness is not a binary. It is a set of design choices under uncertainty. The most useful test is whether the organisation can industrialise learning: improving the context layer, governance, and workflows without slowing to a halt or taking unmanaged risk.

Questions that expose real readiness

Can the organisation name the authoritative sources for a specific workflow, and retire the rest without political fallout?

Can an audit be run end-to-end for a single GenAI interaction: user identity, permissions applied, sources retrieved, content versions, and the final output?

Can content ownership be funded as an ongoing service, with service levels for updates and clear accountability for errors?

Can a pilot graduate to production with an operating cadence for monitoring, incident response, and continuous improvement, rather than relying on heroic individuals?

The uncomfortable question

If GenAI makes the organisation’s knowledge usable at scale, what becomes visible is not only insight, but also disagreement: competing definitions, outdated policies, and exceptions that were previously handled quietly. When that moment arrives, is the organisation prepared to choose a single version of the truth, and accept the consequences of making it explicit?