Stop-start app modernisation limits enterprise AI gains

A global survey by Thoughtworks and IDC found that most organisations still modernise applications in short bursts, even as they expand AI use across the business. The research links this stop-start approach to weaker returns on enterprise AI investment.

The survey covered 500 senior IT and digital decision-makers in the UK, the US, Germany and Asia Pacific. It focused on large organisations with more than 1,000 employees in manufacturing, finance, retail and life sciences. All respondents were from organisations that already use AI or plan to adopt it within two years.

Nearly nine in 10 organisations said they still modernise on a project-by-project basis rather than continuously. Only around two in 10 said their current approach delivers value. Just 12% reported running a fully continuous, AI-driven maintenance and modernisation model, which the research identifies as leading practice.

More than a third of respondents (35%) plan to shift to continuous modernisation within two years, driven mainly by the need for faster release velocity and greater agility.

Mismatch With AI

The findings point to a structural issue in many enterprise AI programmes. Organisations invest in AI tools and use cases while keeping operating models built for periodic upgrades and reactive maintenance. That can limit AI's impact, which often depends on frequent change and tight feedback loops between software delivery and operations.

Thoughtworks described a "critical disconnect" between AI adoption and the maturity of IT operations. AI use is widespread among large enterprises, but operational practices lag behind.

The benefits organisations most often seek from modernisation are also prerequisites for AI at scale. Respondents cited improved development speed, greater agility and reduced technical debt-factors that shape how reliably teams can change systems and maintain data quality over time.

What Leaders Do

The report distinguishes between organisations that treat modernisation as a one-off initiative and those that make it an ongoing discipline. More mature organisations build a continuous modernisation engine across application operations.

Among these more mature organisations, the research reported 45% faster product and feature releases. It also highlighted an "AI-led security" shift centred on AI-driven vulnerability management, which it associated with a 48% reduction in risk exposure.

The study also pointed to architectural outcomes. Leading organisations improved maintainability and scalability, with 36% reporting gains. Another 34% said they aligned IT more closely with business goals.

Josh Burks, SVP and Global Leader of Managed Services at Thoughtworks, said the change requires moving away from episodic upgrades.

"The era of intermittent application modernization is no longer sustainable," said Josh Burks, SVP and Global Leader of Managed Services, Thoughtworks. "Our research with IDC confirms that a reactive, project-based modernization approach leads to high costs, security vulnerabilities and significant people impact. To maintain a competitive advantage and deliver AI that works, organizations are moving away from risky one-off interventions and toward a model of continuous modernization."

Human In The Loop

Thoughtworks also pointed to uneven maturity in Asia Pacific despite strong AI uptake. It described an operating model that blends automation with human oversight for decisions that carry architectural and resilience risk.

Steven Yurisich, Regional Managing Director APAC at Thoughtworks, framed the shift in terms of delivery and governance across IT operations.

"Singaporean enterprises are at a crossroads. Intermittent modernisation is no longer viable for organisations competing regionally or globally. Continuous modernisation, not episodic projects, is what will differentiate Singapore's next generation of digital leaders," said Steven Yurisich, Regional Managing Director APAC, Thoughtworks.

IDC linked the pattern to security and operations functions, which are increasingly adopting AI-driven approaches. Jennifer Thomson, AVP Global Services Insights at IDC, said many organisations still lack the maturity needed to achieve the expected results.

"Enterprise security and operations are rapidly becoming AI-led, yet most organisations lack the maturity to realise the expected benefits. The shift we are seeing is a move toward a 'human-in-the-loop' strategy where human expertise is reserved for strategic architectural decisions and complex problem solving," said Jennifer Thomson, AVP Global Services Insights, IDC.

Contracts And Metrics

The research suggests procurement and measurement are also changing as organisations reconsider how they run application operations. Organisations are moving away from headcount-based pricing and towards commercial models tied to progress and outcomes.

In the survey, 56% said they want contracts tied to innovation milestones and continuous improvement mandates. Another 43% said they are seeking shared-risk models for modernisation initiatives. Success is also increasingly measured through value-based KPIs such as speed, resilience and customer experience, rather than uptime alone.

Thoughtworks outlined a 180-day action plan focused on proving value through pipeline intelligence, AI-guided remediation and workforce skills. It identified AI and machine learning literacy as the most critical skill across sectors, alongside people and process changes that shift modernisation from periodic projects to continuous operations.