Acuity AI Advisory

Shadow AI in Irish Organisations: What 12 Audits Found

Ger Perdisatt

Founder, Acuity AI Advisory

Across twelve AI usage audits conducted in Irish organisations over the past nine months, the shadow AI footprint is larger, more concentrated, and more exposed than most leadership teams expect. Here is what the pattern looks like.

TL;DR. Across 12 Irish AI usage audits: observed adoption ran 35–70% (vs. leadership estimates of 5–20%), client data had been entered into consumer-terms AI tools in half of cases, and embedded AI in sanctioned tools is the largest invisible footprint. Sanctioned alternatives are the only durable fix — prohibition without alternative returns exposure to baseline within six months.

Across twelve AI usage audits we have conducted in Irish organisations over the past nine months — covering professional services firms, regulated entities, public-facing bodies, and mid-market commercial operations — the shadow AI footprint has been consistently larger, more concentrated, and more exposed than the leadership team expected at the outset.

Aggregated patterns rather than individual case data are reported here. The findings are reasonably stable across sectors. Where they diverge by sector, the divergence is noted.

What "shadow AI" actually means in an Irish organisational context

The term covers AI use that is not visible to the organisation's IT, compliance, or governance function. In practice that means three categories: consumer AI tools used on personal accounts (the largest), AI features embedded in sanctioned enterprise software that have been activated without explicit governance review (the most ambiguous), and AI tools brought in by specific functions outside the central procurement process (the smallest but most likely to involve sensitive data).

The framing matters because the response to each category is different. The consumer tool category is primarily a literacy and acceptable-use question. The embedded-feature category is primarily a procurement and governance review question. The functional procurement category is primarily a discovery and rationalisation question.

What the twelve audits found, aggregated

Adoption is wider than estimated by leadership in every case. Across the twelve audits, leadership estimates of staff using AI tools at work ranged from "a handful" to "perhaps 20%". Observed adoption ranged from 35% to over 70% of knowledge-worker staff. The gap is not driven by deceptive staff; it is driven by leadership underestimating how broadly tools have spread since the consumer release of capable models in late 2022.

The active tool list is shorter than expected. The number of distinct AI tools in use across an organisation typically clusters at five to nine. ChatGPT, Microsoft Copilot (where licensed), Claude, Gemini, and one or two sector-specific tools — usually transcription, research, or vertical-domain assistants — account for the majority of identified use. Long tails of obscure tools were uncommon.

Client and confidential data has been entered in roughly half of cases. In six of twelve audits, we identified clear evidence that client or commercially sensitive data had been entered into AI tools used on consumer terms — meaning data terms that permit the provider to use inputs for model training or quality assurance. The volume varied widely. The pattern of which data tended to be entered was not random: client correspondence requiring summarisation, meeting transcripts requiring action-item extraction, and technical documents requiring translation or simplification.

The functions doing the most AI work are not the ones leadership assumed. Marketing and communications functions were assumed to be heavy users in most cases and were. The under-recognised heavy-user functions were: legal and compliance (research and drafting), HR (communication drafting and policy interpretation), and finance (analysis interpretation and reporting drafting). In several audits, the highest-intensity AI use was in functions that leadership considered conservative.

Embedded AI in sanctioned tools is the largest invisible footprint. Microsoft 365 with Copilot, Adobe Acrobat with its AI assistant, document management platforms with embedded summarisation, and CRM systems with AI-assisted drafting are all live in most audited organisations. In most cases these features were activated by default or via routine update, without an explicit governance review. The data exposure here is generally lower than in the consumer-tool category, but the governance question is more interesting: the organisation has provided the tool, the tool has AI capability, and the responsibility for use sits more clearly with the organisation than with the individual.

The literacy gap correlates with the data-exposure risk. In organisations where AI literacy was demonstrably below the level required by Article 4 of the EU AI Act, the rate of sensitive-data exposure was materially higher. This is intuitive and consistent across audits. Staff who do not understand the distinction between consumer and enterprise terms make exposure decisions accordingly.

What this implies for governance posture

Three implications recur across the audits.

Treat the discovery work as the first deliverable, not a precondition. The first useful output of an AI governance programme is the inventory of what is actually in use. Most organisations attempting to build governance frameworks before completing the discovery end up with policies that do not match the reality of use. The result is documentation that is unenforceable because it does not address the actual exposure.

Distinguish the categories before designing the response. The consumer-tool category requires literacy, acceptable-use clarity, and an enterprise-grade alternative for staff who need AI capability for work. The embedded-feature category requires a procurement and configuration review. The functional procurement category requires a rationalisation conversation function by function. A single AI policy that does not distinguish these categories will be ignored.

Provide a sanctioned alternative or expect the shadow use to persist. The single strongest predictor of whether a shadow AI audit reduces exposure over time is whether the organisation provided a sanctioned, enterprise-grade alternative within ninety days of the audit. Organisations that responded with a prohibition-only policy and no alternative saw exposure rates return to baseline within six months. Organisations that provided a sanctioned alternative — typically Microsoft Copilot, Claude Teams, or ChatGPT Enterprise, depending on existing stack and budget — saw sustained reductions.

The reason is straightforward. Staff using AI for work are doing so because the AI helps them with the work. A prohibition without an alternative does not reduce the underlying demand; it pushes the use further into the shadow.

What boards and executives should be asking

The questions are operational rather than strategic.

  1. What is our current AI inventory, and when was it last refreshed?
  2. What proportion of our knowledge-worker staff are using AI tools at work, by function?
  3. What is the data-handling posture of the tools in use — consumer terms or enterprise terms?
  4. What sanctioned alternative do we provide, and for which roles?
  5. What is our Article 4 literacy posture by the same role mapping?

The questions are answerable in writing in a single session with a competent operational lead. Organisations that cannot answer them are not in a position to credibly engage with the AI Office of Ireland or a competent authority on AI Act obligations from August onwards.

The thing to avoid

The pattern we have seen most often that does not work is leadership reading the audit findings as a discipline issue. They are not. They are an under-provisioned-capability issue, with a literacy overlay, in a regulatory environment that has shifted faster than internal governance. Treating staff who used AI without a sanctioned alternative as the problem misreads the cause and the durable fix.


Acuity AI Advisory delivers shadow AI audits and governance reviews for Irish organisations preparing for Article 4 supervision, EU AI Act conformity work, and the opening posture of the AI Office of Ireland. Vendor-neutral, fixed-fee, with senior delivery.
