Skip to content

CTO Path

Who it's for

CTOs and heads of engineering setting policy for how the org uses coding agents — not learning to prompt, deciding what is allowed to be automated and what remains human-owned.

Prerequisites

  • Authority over engineering standards, review policy, and tooling budget
  • One pilot team willing to run the operating model for a sprint
  • Existing delivery metrics you trust (or willingness to define crude ones)

Ordered modules

  1. Start Here — the operating loop this manual defends
  2. Responsibility Split — what never delegates cleanly
  3. What Not to Delegate — policy fodder
  4. Docs as Agent Memory — repo as the org's agent memory
  5. Quality Gates — CI and process gates that scale past heroics
  6. Reviewing AI PRs — review load will dominate; design for it
  7. Coordination — when teams go parallel
  8. Failure Catalog — org-visible failure modes to train on
  9. Case Studies index — pick two closest to your portfolio
  10. Engineering Manager path — what your EMs must own day-to-day

Exercises

  1. Draft a one-page agent policy: allowed tools, required artifacts (spec, CLAUDE.md), merge rules, and banned automations (prod credentials, force-push, etc.).
  2. Instrument one pilot team for two weeks: % PRs agent-authored, review cycle time, revert rate, incidents with agent-touched code.
  3. Run a tabletop: "agent merges plausible auth bypass" — which gate should have caught it? Fix the gap in writing.
  4. Choose templates the org standardizes on; link them from the eng handbook.

Capstone

Publish an internal RFC: agent operating model, responsibility split, mandatory quality gates, pilot results, and a 90-day rollout. Include explicit non-goals (what you will not automate yet).

Expected outcome

You can defend a concrete policy — not "use AI more" — with gates, ownership, and metrics, and your EMs know what "good" looks like without you in every PR.

A field manual for AI-native software engineering.