With AI-assisted programming, non-technical employees can create their own business applications.
Why this should excite, and also possibly concern you, as a business leader.
The Gates Are Open
Up until very recently, computer programming has had a rather high barrier to entry. Creating a functional piece of software that could be deployed in a corporate environment would take an experienced, skilled software developer (or possibly team) months or even years. This has all changed. With the advent of AI tools such as Claude Code, building your own tools has never been easier, and this concept of “vibe coding” has gained popularity. With reports that Claude Code can build a dashboard in under an hour, and that 19 out of 20 code outputs work on the first attempt, it offers an excellent gateway for non-technical staff to bring their software ideas to fruition.
Full Steam Ahead!
Well, not so fast.
While it may be extremely tempting to start crafting workflow optimizations that will knock everyone’s socks off at the next quarterly meeting, let’s zoom out and look at the bigger picture. Here are some things that your organization should consider before deploying your own apps.
1. Corporate Accounts
If your employees are going to build apps that they want to deploy at your organization, they should do so in a tool that is owned by your business. This will create a central area where team members can work on their software projects. You want to avoid the scenario where staff use their personal accounts to create apps, deploy them as part of a critical workflow, and then one day leave, taking all knowledge and their source code with them.
2. Consider Costs
AI usage is measured in “tokens”, which is like “words” as a crude over-simplification. You get charged for inputting tokens, and charged for the AI to output tokens (i.e., your code). Without limits in place, it’s possible to spend a lot of money on AI tokens, so ensure that you have established budgetary controls.
3. Acceptable AI Use Policy
When using popular cloud-based AI tools, you should be aware that anything that you input into the system could potentially be used to train their LLM models. This actually happened to Samsung, when well-meaning engineers entered confidential information into OpenAI. Although paid tiers of AI tools claim that they will not train on your data, terms of services could be changed at any time, so it’s best to simply have an org-wide policy to not enter sensitive information into AI tools, and to only use approved AI tools.
4. Create a Scoping Document
Software development is a project, and like any project, you should have a written plan. What business objectives will this achieve? How will this software scale with the organization? What systems or workflows will be impacted? As your scope changes, update your plan to reflect those modifications. While a full functional specification document would be ideal, a high-level scoping document should be a minimum requirement.
5. Have an Approval Process
It’s possible that any new software you develop could interact with other systems or even require permissions, such as the ability to read emails. Your organization should have an approval process to obtain sign-off from senior leadership before developing this functionality. Good thing you prepared that Scoping Document in the previous step. 🙂
6. Maintain Your Source Code
It’s risky to treat your cloud-based AI tool as permanent storage that will keep your code forever. You should regularly back up your source code to your own systems. In addition, code should be version-controlled so that changes can be properly documented.
7. Reduce Key-Person Dependency
If code is being written solely by one team member, and they are the only one who understands how the software is supposed to work, what happens if they leave? It’s prudent to train at least two other people to know how the software functions.
8. Get Expert Eyes On It
AI makes mistakes, and if those mistakes are security-related, it could have significant consequences. Before pushing your code to production, it should undergo a code review by an experienced software developer to find gaps or vulnerabilities. Although there is a cost to this, it would be a fraction of having a software dev team create this app for you, and/or remediating a security breach.
Next Steps
If your employees are already exploring AI-assisted programming, you should consider these guidelines before they get too far into their journey.
Are your employees not yet engaged in AI-assisted programming? Great, now is the perfect time to start laying the groundwork. Don’t wait until your employees come to you with a fully functioning app and ask to deploy it at your organization, which could put you in a difficult situation. Set clear expectations upfront and have systems in place to ensure you safeguard your organization while also promoting your employees’ initiative and creativity.
Want to chat about how to prepare your organization for “vibe coding”? Feel free to contact us with any specific questions.