What is AI Orchestration? Discussing the seven tenets of commercial AI.

If you ask AI what AI orchestration is, you’ll get a broad definition along the lines of:

“the process of automating and coordinating different AI models, agents, and systems to create complex, efficient, and scalable workflows and applications”

While technically correct, it blurs the point of what AI orchestration actually is. AI orchestration is a necessary framework for using AI in production at enterprises. Enterprises have a few traits that make deploying AI models difficult: (i) sprawling reservoirs of contextual knowledge across departments, (ii) a massive employee base with diverse needs, (iii) complex compliance requirements, and (iv) a generally risk-averse culture. So while the goal of AI orchestration is automate and coordinate AI systems at scale, it effectively is a matter of overcoming legal, security, and technical hurdles that otherwise gatekeep AI from deployment. Without AI orchestration, AI that could trigger regulatory fines, cause a security exploit, or be uselessly inaccurate.

Effective AI orchestration involves tackling some (or ideally all) of the following sub-problems:

1. Integrations. Connect AI models to external data sources like databases, Salesforce, Google Drive, HR software, and other business tooling. Without these integrations, AI models can’t be actually embedded in the business’s current internal operations.
2. Permissions. When sharing data, enforcing permissions. Businesses, especially enterprises, can’t grant AI agents blanket access to information without violating compliance standards (e.g. SOC 2, PCI DSS, GDPR), internal policies, and likely customer contracts.
3. Agency. AI models are more powerful if they’re treated as autonomously-guided programs that can keep requesting information to deliberate on a problem, and then actually execute on that program by invoking an external process. Businesses want operators, not digital therapists.
4. Memory. AI agents have the capacity to learn from previous work and previous mistakes; otherwise, every AI-driven task would start from square one. With embedded memory, AI agents (or even just models) could more accurately make decisions.
5. Human-in-the-loop. Most businesses aren’t ready (and potentially will never be ready) to trust AI agents to do anything; there are ample reports of an agent accidentally deleting an entire database. Accordingly, AI agents need to be checked with human approvals.
6. Audits. Unlike humans, AI can do hundreds of things in a single minute. Data pulls, send emails, create reports, delete data, etc. These changes need to be stored, both to meet compliance obligations and provide businesses a peace of mind that everything potentially destructive is being tracked.
7. Scalability. AI agents are like humans—they perform better if they specialize in a task. Instead of an all-powerful sales agent, a Salesforce manager agent, an outreach agent, and a marketing language agent would be more effective. However, multiple agents need a system to communicate with each other. This also means that AI agents should be able to discovery each other; otherwise, they’ll have to be hand-puppeteered on what works with what.

Not every business requires all seven of these tenets, but most larger enterprises will (and virtually every business requires the first six). Without a comprehensive AI orchestration solution, solving these problems requires piecemeal solutions, creating an independent and hellish interoperability problem.

Unfortunately, many AI orchestration solutions (e.g. ChatGPT Enterprise, Glean, or Microsoft Copilot) only solve a subset of these problems. After understanding why these problems matter, we’ll explore why un-opinionated frameworks like Credal are necessary to tackle all seven of these sub-problems.

The Ultimate Goal

Before diving into the individual tenets of AI Orchestration, let’s remind ourselves of the actual goal of an orchestration solution. Enterprises want to embrace AI; that’s ever-clear from the headlines that have decorated discourse for the last few years. However, enterprises are businesses that need to see effective results.

In practice, that means that AI processes need to:

• Integrate with existing tools to actually work with their systems. Otherwise, AI is just adding more complexity than simplifying a process. An enterprise isn’t going to purchase a whole new CRM just to adopt AI.
• Be accurate enough that they can be trusted with work without human supervision; otherwise, AI is just adding a new process for humans to babysit. For instance, an enterprise won’t trust an AI recruiter that picks bad candidates.
• Additionally, AI must meet the compliance rules that an enterprise is following, otherwise legal will never approve of engineering projects. In general, enterprises are risk averse.

With these goals in mind, let’s understand the seven sub-problems that AI orchestration must solve to make this possible.

Orchestration Problem 1: Integrations

More specifically, integrations is an efficacy problem.

In theory, AI can be used to automate certain processes (Salesforce clean-up, product research, security auditing etc), but this requires AI to have integrate with the tools related to that process. This might be tools that are explicitly necessary for that process (e.g. Google Workspace to send emails) or have context on that process (a Confluence document on engineering procedures).

Without integrations, AI will end up being an isolated chatbot that employees need to constantly copy and paste information to and from, which is hardly efficient nor safe when sensitive information is at play. Additionally, AI isn’t just an input-output machine, but a potential brain to drive processes; all of these requires integrations.

Popular Integrations

While any integration has potential value, there are a few common ones:

• Application data, stored typically in databases (Postgres, MongoDB, Snowflake etc)
• Drive/document data, stored in Google Drive, Box, or Dropbox
• Customer data, stored in Salesforce and Hubspot
• Employee data, stored in HRIS solutions like Workday
• Engineering data, stored in Jira, Confluence, etc.

Integration Depth

Integrations don’t just need read access but also write access to actually take over work from employees. Employees don’t just query information, but change it. Integrations need to be set-up so that AI can do things like:

• Search sales information and alter fields in a client account
• Understand a team’s marketing strategy and create a marketing language dossier
• Understand the company’s codebase and issue a pull request
• Understand a company’s onboarding process and automatically provision a new employee’s credentials

Accordingly, AI Orchestration shouldn’t just integrate, but provide pre-build tools to simplify the process. This makes it easier for AI to actually carryout actions without having to triage rudimentary API documentation. For instance, a good AI Orchestration solution would have a tool like alter_Salesforce_record that an AI agent to invoke as an action.

Orchestration Problem 2: Permissions

More specifically, permissions is a legal and security problem.

Permissions are functionally a legal and security risk constraint on AI. Just as humans aren’t granted open access to any system or data, AI shouldn’t be either. While intuitive, there are a few explicit reasons: (i) permissions exist to meet regulatory obligations set by compliance standards like SOC 2, GDPR, and HIPAA, (ii) customer contracts might put constraints on how data is treated and safeguarded, and (iii) the principle of least privilege, where permissions are only granted when necessary, is a stronger security posture for minimizing attacks.

In other words, permissions are a non-negotiable constraint on sharing data with AI.

When thinking about permissions, there are two tenets to consider:

• AI cannot be used as an shortcut to access data by an employee that otherwise did not have access.
• AI most follow the Principle of Least Privilege, where minimal information is provided that’s necessary to do it’s job. However, AI also wants maximum context to make a decisions; businesses must find an equilibrium

What does this look like in practice? A sales rep shouldn’t be allowed to invoke a cold email bot to access the CRO’s private notes; likewise, a customer service agent shouldn’t be able to deploy a bot that access conditional customer data without an access grant.

Orchestration Problem 3: Agency

More specifically, agency is an efficacy problem.

AI needs to have agency. Otherwise, if it’s just an AI model that can make decisions according to a deterministic workflow of if and else statements, it can only do things explicitly outlined by humans. That forces humans to determine every possible thing that AI should be able to do ahead of time, without letting it think like as a human. If enterprises want to use AI to replace otherwise expensive human work, they need to give AI agency to enact actions without it needing to be puppeteered by a human. (That said, there is a place for determinism when a workflow needs to be predictable, but it shouldn’t be a universal constraint).

To enable agency, AI must be able to request data autonomously and call functions externally. However, there are two types of AI agents. There are custom agents where developers build an AI agent from the ground-up, giving it access to LLMs and data sources. While flexible, this isn’t the best approach for organizations that prefer to skip the rudimentary steps and focus on training an agent to do tasks. For those, an AI orchestration should provide a managed agent.

For example, you can launch an agent with Credal with instant access to your integrations. That said, there is a gradient here; agents launched with Credal are very open-ended, but many other orchestration platforms have sharp limitations on what an agent can do. For example, some solutions only allowed for managed agents that can do very specific things (e.g. manage Jira). While convenient, this design pattern is limiting since you can’t create agents around the specific context and roles it needs to perform.

Orchestration Problem 4: Memory

More specifically, memory is an efficacy problem.

AI agents (and AI chat) requires long memory, otherwise it won’t learn from previous runs. Accordingly, AI orchestration should manage memory to ensure that AI is produces accurate outputs and improves in the long-run; otherwise, AI solutions like customer support bots or code assistants will be untrustworthy to rely on.

Ideally, memory should be managed by an orchestration tool, as memory might need to be transferrable / portable, especially if memory includes sensitive information that’s specific to a user. Otherwise, that AI agent might always have poisoned context makes it inaccessible to other users with different access grants. Additionally, memory should also be something that other agents, deployed elsewhere in the stack but using the same underlying model, should use if permissions allow it.

Orchestration Problem 5: Human-in-the-loop

More specifically, human-in-the-loop is a security problem.

Bluntly put, AI has the possibility of being destructive. A human might make one big mistake an hour. An AI agent might make thousands in a minute. Accordingly, AI Orchestration should provide a human-in-the-loop mechanism to enable enterprises to avoid destructive actions at scale; this is the opposite extreme as the AI agency requirement, where too much agency could lead to problems, just as an employee with access to too many things can be dangerous if they ever go rogue.

To avoid destructive actions, which could either be the fault of the agent’s non-determinism or poor guardrails, AI orchestration solutions must offer tooling to enable human approvals before an AI agent does something potentially destructive. For example, perhaps all calls to a delete action, such as deleting customer records in a database, need to be approved by a human. An orchestration solution could make this easy for the administrative human by allowing them grant access to multiple actions at once.

Problem 6: Audits / Observability

More specifically, observability is a legal and security problem.

Because AI often involves dealing with sensitive information, and might do copious data transactions in a single second, it’s best practice to log data accesses, pinned to each agent, model, and invoking user. That way, in the case of an audit, data transactions can be linked to a user.

Generally speaking, auditing and observability is another legal and security requirement that is fulfilled by an AI orchestration solution.

Orchestration Problem 7: Scalability / multi-agents

More specifically, scalability is a legal, security, and efficacy problem

Scalability, unlike other tenets, isn’t concerned with legality, security, or even effectiveness of a generic AI process; rather, it’s a concern of all three issues as AI agents tackle increasingly complex tasks that span departments. Decent AI orchestration solutions focus on the first six tenets. However, great AI orchestration solutions ensure those tenets remain effective at scale.

In particular, scalability is possible when work is delegated to multiple AI agents that are able to collaborate together. Why? Because at scale, AI agents could falter given the massive amount of context available despite each task requiring only a subset of that context. In other words, Agents have a limited memory context—by flooding that context with all information across the company, the agent’s specialization becomes diluted. The solution is having multiple agents where each agent can specialize on a particular task and have its memory focused on that task.

Consider this practical example: an enterprise wants to build an AI-driven recruiting system. Instead of using a single agent overwhelmed with all recruiting knowledge, they deploy multiple specialized agents:

• A Resume Screening Agent specializes in parsing resumes and identifying qualified candidates based on job requirements
• An Interview Scheduling Agent handles calendar coordination between candidates and hiring managers
• A Technical Assessment Agent evaluates coding challenges for engineering positions
• A Candidate Experience Agent provides timely updates to candidates throughout the process

These agents work together through a coordinated workflow. The Resume Screening Agent might identify promising candidates and pass their information to the Technical Assessment Agent, which then sends qualified candidates to the Interview Scheduling Agent. Each agent maintains focused context on its specific task, making the entire system more efficient and effective than a single agent trying to handle everything.

Scalability involves everything

As systems scale, the available resources to each agent scales. This includes:

• Available Integrations
• Available Files
• Available Shared Context
• Other Agents

An AI Orchestration solution needs to be able to continue to expose this information to agents, in particular coordinating agent-to-agent interactions.

The problem with most AI orchestration solutions

There are many AI orchestration solutions on the market. Some are chat-heavy platforms like Glean that are centered more on integrations and permissions, but not complex agency problems. Others are workflow tools like n8n or Gumloop that have exceptional integrations, permissions, and agency, but don’t support multi-agent workflows.

Broadly speaking, the main issue with AI orchestration solutions is that they’re often designed as a point solution to a specific AI interface (e.g. chat, workflow builder etc.) as opposed to being a framework that tackles these seven tenets of AI orchestration head-on. This leads to compromises on a per tenet basis; for instance, Glean’s focus is on a AI chat search feature, which ships with fantastic integrations with feature-rich permissions, but the product also only supports limited, managed AI agents that can only do specific, pre-defined actions.

Rather, a great AI orchestration solution needs to treat these seven tenets as building blocks that engineers and IT departments can use to deploy AI that’s actually effective while remaining legal and secure. For instance, an enterprise should be able to build an AI-powered recruiting system where an AI recruiter agent and an AI scheduler agent work together to screen candidates and book interviews, while integrating with Workday, increasingly recruiting better candidates, and getting human approvals before making hires—all while meeting compliance data rules. A system like that is an effective replacement for an expensive internal recruitment team, but is only made possible by meeting all seven tenets.

A Closing Thought: Why We Designed Credal

From the beginning, Credal was designed to target these seven tenets. With Credal, you get pre-built integrations to Salesforce, Google Drive, Dropbox, and your other favorite tools with permissions mirroring and human-in-the-loop built in. Credal helps monitor accesses, providing necessary observability, and is designed to launch not only agents but multi-agent workflows. With Credal, agents have shared memory and can be scaled to tackle the complex tasks that we mentioned throughout this article.

If you’re interested in learning more about Credal or Credal’s mission, sign-up for a demo!

‍