Module M8 · Data & AI Master Plan · TOM, Maturity & Steering · 2026
Module 8 · ½ day · Capstone module

Data & AI
Master Plan

Maturity L1→L5 · TOM · 3-year roadmap · ROI · CDO Steering

The Data & AI Master Plan is not a technical document — it is the strategic roadmap that aligns the ambitions of the C-Suite, the capabilities of the IT department, and the regulatory constraints into a concrete 3-year trajectory. This module provides the keys to build, present, and steer this plan at the Executive Committee level.

Learning Objectives
01Assess your organization's Data & AI maturity across 5 levels — and identify priority levers
02Build the Data & AI Target Operating Model (TOM): RACI, CoE, decision rights, funding model
03Structure a 3-year roadmap: milestones, dependencies, quick wins, and multi-year investments
04Present a Data & AI ROI business case to the Executive Committee: strategic axes, value drivers, steering indicators
C-Suite · Executive Committee CDO · CIO Transformation PMO Business Line Directors Capstone module · all previous M
Pejman Gohari · CDO · Chief AI Officer · ORBii
IT Data & AI Master Plan KLESIA 2026-2028 · TOM Generali Solvency II · Data & AI Factory Bpifrance (200 FTE / 30M€) · GenAI roadmap co-build BCG/BPCE SI · Author DUNOD · IESEG
academy.orbii.tech
ORBii.Academy · M8 · Data & AI Master Plan · TOM, Maturity & SteeringConfidential · 202601
M8 · Data & AI Master Plan · 02
Section 1

The maturity model — Where do you stand across the 5 levels?

Before building a master plan, you need to know where you stand. The maturity model enables you to objectively position your organization across 5 key dimensions — Governance, Organization, GenAI/LLM Platform, Agentic AI, Security & Identity — and to identify the priority gaps to address.

L1
Initial
No governance. Isolated POCs with no path to production. No documented AI strategy.
L2
Managed
Documented AI vision. First LLMs in use. Manual oversight. Initial skills trained.
L3
Defined
Standardized platform. RAG in production. IAM for AI. Clear TOM. Defined roles (CDO, Data Owners).
L4
Quantified
Metrics-driven steering. AI agents in pilot. Non-human identity management. Continuous improvement.
L5
Optimizing
AI-native culture. Multi-agent orchestration. Self-correcting systems. Sector leader.
TARGET TRAJECTORY · 3-Year Master Plan L1 · Initial L2 · Managed L3 · Defined ★ L4 · Quantified L5 · Optimizing Typical starting point L1-L2 Target 18 months · L3 Target 36 months · L4
Dimension L1 · Initial L2 · Managed L3 · Defined ★ L4 · Quantified L5 · Optimizing
Governance & Strategy No AI strategy. Ad hoc budget. No ethics policy. Documented vision. Annual budget. Ethics awareness. Formal strategy + exec sponsor. Multi-year roadmap. Published ethics policy. AI oversight at Board level. ROI-driven. Active ethics board. AI-first in group strategy. Continuous investment. Regulatory leadership.
Organization & TOM No dedicated AI team. Siloed experiments. Unclear ownership. Small AI team. Recruitment plan. Draft RACI. CoE established with clear scope. Structured training. Defined roles. Federated CoE model. AI embedded in BUs. Active champions. AI in all functions. University partnership. Job evolution tracked.
Platform & Data No platform. Unstructured data. No MLOps. First pipelines. Initial Vector DB. LLM via external API. RAG in production. Data governance. Operational catalog + lineage. Fine-tuning. Model registry. A/B testing. AI FinOps. Self-healing data pipelines. Automated evaluation. Infra leader.
Agentic AI No agents in production. Unframed experimentation. First agent POCs. Manual oversight. No structured HITL. MCP architecture. Defined HITL. Documented agent governance. Non-human identity management. Agents piloting on 3+ use cases. Multi-agent orchestration. Self-correcting systems. Industrial AgentOps.
Security & Identity No AI controls. Shadow AI undetected. Unaudited permissions. AI security awareness. Basic guardrails. IAM in progress. Agentic IAM. 3 layers: AuthN/AuthZ/Secrets. PII data lineage. Structured NHI management (45:1 ratio). Automated credential rotation. Native AI zero-trust. Continuous audit. Predictive compliance.
🎯
The realistic goal of a 3-year master plan in banking: Move from the current level (often L1-L2) to L3 across all dimensions, with peaks at L4 on priority strategic axes. Aiming for L5 in 3 years is unrealistic except on a very narrow scope. The realistic trajectory: L2 → L3 in 18 months · L3 → L4 in 36 months.
ORBii.Academy · M8 · Data & AI Master Plan · TOM, Maturity & SteeringConfidential · 202602
Protected Content

You have viewed the preview of this module (first 2 pages).
To access the full content, enter your access code or request access.

6 pages remaining Personal link · Valid 24h