Continuity of Judgment and Cooper's Gate, Revisited
Two AI safety researchers built a checkpoint system for verifying agents before deployment. It has no name in their paper. Cooper called it Stage-Gate in 1988.
I spent an evening trying to coin a term. "Continuity of judgment" felt right, specific enough to mean something, unclaimed enough to be mine. It wasn't. A quick search turned up "Decision Continuity Gap," a governance consultant's term for fragmented AI decision records, and "Judgment Assurance," an EU AI Act-adjacent framework for who owned a judgment call when AI was advisory. Neither is exactly what I meant. Both were close enough that claiming the ground as empty would have been wrong, and would have been the kind of overclaim a careful reader catches in one paragraph. I'm telling you this before I tell you anything else because it's the method, not a confession: if you're going to write about how ideas move through time without anyone noticing they've moved, the first discipline is checking whether your own idea already has.
The second thing I found, checking further, is more useful than my own naming miss. It's a pattern that keeps happening, independently, across domains that never spoke to each other, and it's happening again right now, in AI governance, in front of researchers who don't seem to know it's happened before.
Where the gate comes from
In the mid-1980s, Robert G. Cooper, then a professor studying why new products failed, published research on roughly 200 development projects across major firms. The pattern he found was structural: projects didn't die from bad ideas, they died from momentum.
Nobody stopped them at the point where stopping was still cheap.
His answer, published in 1990 and refined across decades since, was what he named Stage-Gate: divide development into stages, and separate each stage with a gate, a defined decision point where a project is formally continued, killed, held, or sent back, based on criteria set in advance rather than whoever's still in the room.
Worth being precise here, because a tidier story exists and it isn't true. Stage-Gate did not come from McKinsey. It has no consulting-firm origin at all. It came from one researcher's empirical study of failure, and its earliest documented conceptual precursor, per a single source I haven't yet independently corroborated, is NASA's five-stage phase-review process from the 1960s. I'm flagging that source count on purpose, since the difference between one citation and settled fact matters more in this essay than in most.
Cooper never treated the model as finished. By 2014 he was blunt about it: "too many companies are still using the stage-gate system from the 1990s." He spent the next several years building an Agile-Stage-Gate hybrid, revising the thing he invented because it had started to calcify. Thirty years in, still doing the work. That's the actual claim this essay makes about gates in general: not a solved answer, a structural response that has to be re-earned in every domain that discovers it needs one.
The same gate, rebuilt, unlabeled
In June, two researchers, one at Golden Gate University, one at Novartis, published a framework for verifying AI agents before they're allowed into production. Their problem: an AI agent making insurance decisions, executing trades, or triaging patients can be tested for capability, but capability isn't the same as safety, and by the time an agent is live, verification is too late to matter. In the section where they survey everyone else's work on this problem, they say plainly that "no analogous standard yet exists" for this problem, which is either an admission or an invitation, I haven't decided which. Their solution has three parts, but the one that matters here is what they call the Simulation Gate. An agent is run through a battery of scenarios, and the results produce a graduated verdict: Approved, Conditional, or Rejected. Approved deploys. Rejected is blocked outright, enforced at the infrastructure level so application code can't route around it. Conditional requires a human at a defined authority level to sign off before anything moves forward.
Read that again next to Cooper's gate: continue, kill, hold, recycle, decided against criteria set before anyone's emotionally invested in the outcome. Same mechanism, same shape. Three outcomes instead of four, a threshold instead of a committee vote, solving the same problem in a different building: stakes are high, complexity exceeds what one person can hold in their head, catching a failure late costs far more than catching it early.
Here's the part that made me want to write this. The section where they survey the field is long, and it cites six major AI governance frameworks and standards bodies, the kind of list that signals real literature awareness. It does not cite Robert Cooper. It does not mention Stage-Gate, despite reconstructing a remarkably similar mechanism. At least in this work, the lineage appears to have been independently rediscovered rather than inherited.
Two researchers reconstructed a forty-year-old governance mechanism without drawing on its documented lineage.
That's not a coincidence you can wave away with "great minds think alike." It's a signal about the problem itself. When the same answer shows up twice in domains with no contact, it's usually because the conditions forced it, not because anyone chose it for style. Cooper found it in factories. AI safety researchers just found it in software. Nobody planned the convergence. The conditions produced it independently, twice, and I'd bet it's happened more than twice, in domains I haven't looked at yet.
Where I stop knowing and start guessing
I want to mark the line here, plainly, because everything above this point is something I can defend and everything past it is something I believe but can't yet prove. The defensible claim: gate-based governance, defined checkpoints with kill authority, is a pattern built into the shape of a certain kind of problem, one where stakes, complexity, and the cost of late failure all cross a threshold together, and it has now demonstrably recurred in AI agent verification without anyone involved knowing its history. What I can't yet defend, and won't claim as settled, is that this pattern is the correct or complete answer for AI accountability specifically. Agentic systems may break the model in ways physical products and enterprise software didn't, faster iteration cycles, emergent behavior across chained agents, failure modes that don't resolve to a single pass/fail scenario. That's an open question, not a footnote I'm hiding. It's the actual research problem underneath this essay. I don't have it solved. I'm not sure anyone does yet.
What I built, not knowing it was the same thing
Before I read the Simulation Gate paper, I'd already built something with the same bones, for a different problem: governing how enterprise decisions move through an organization, not how AI agents move through deployment. It's a six-gate system. A "Decision Package," the unit that carries evidence, risk, approvals, and audit history, moves through gates named for what has to be proven at each one: identification, strategic fit, business case, technical validation, go-to-market readiness, launch and scale. Every gate runs the same four-part engine, evidence, rules, human judgment, decision, and every decision becomes an immutable audit record.
Same shape, three names, forty years apart:
| Cooper (1990) | Simulation Gate (2026) | Decision Package (mine) |
|---|---|---|
| Continue | Approved | Pass |
| Hold | Conditional | Review |
| Kill | Rejected | Reject |
I didn't set out to build a Cooper-style gate system. I set out to solve a specific, boring problem: too many decisions in my organization moved on informal trust rather than defined criteria, and nobody could reconstruct, months later, why a call had been made. The gate structure is what that problem produced, the same way it produced Cooper's system in the 1980s and the Simulation Gate this year. Three domains, three decades apart in two of the three cases, no direct lineage between any of them, and the same architecture keeps arriving.
That's the actual claim of continuity of judgment, stated plainly instead of philosophically. It isn't that AI remembers or that memory equals continuity, I've argued elsewhere that those are different things entirely. It's that judgment, the discipline of deciding well under real stakes, keeps rediscovering the same scaffolding to protect itself, in whatever domain it shows up, because the alternative, informal trust with no checkpoint, fails the same way every time. Gates get revisited because judgment keeps needing the same thing from them: a place to stop, check the evidence, and decide on purpose instead of by momentum.
They're not finished being revisited. Cooper spent thirty years revising his own gate and still called it unfinished business. The Simulation Gate researchers are years away from being done with theirs, if research like this is ever done. Mine isn't close.
Cooper was studying why products failed. The two researchers in June were studying why AI agents fail. Neither one set out to answer the same question the other was asking. What they actually ran into, from opposite directions, forty years apart, is that judgment doesn't scale on its own. It needs somewhere to stop and check itself, or it stops being judgment and starts being momentum with better paperwork. That's the continuity. Not memory, not the mechanism, the pressure underneath all three systems that keeps forcing the same answer out of people who've never spoken to each other.
What this means if you run partnerships, governance, or GTM
Gates keep reappearing because informal trust doesn't survive scale. If your organization is making high-stakes calls, partner approvals, deal structures, product launches, on momentum rather than defined checkpoints, you already have the failure mode Cooper found in the 1980s and the AI researchers found this year. You don't need to wait for someone to build the perfect gate system. You need one gate, with real kill authority, at the one point in your process where a bad decision currently survives too long. Start there.
Sources
| Source | Cited for |
|---|---|
| Cooper, "Stage-Gate Systems: A New Tool for Managing New Products" (1990) | Origin of the gate model |
| Cooper, "What's Next? After Stage-Gate" (2014) | Cooper's own admission the model needed revision |
| Cooper & Sommer, "The Agile-Stage-Gate Hybrid Model" (2016) | The 30-year revision history |
| Project Production Institute | NASA precursor claim (single-sourced, unconfirmed) |
| Thanh Luong Tuan & Sanyal, arXiv:2606.04037 (2026) | The Simulation Gate paper, this essay's central discovery |
Jack Roche writes Roche on Strategy, on enterprise AI governance, partnerships, and judgment under pressure. Twenty years in enterprise software, operating and advising across strategy, partnerships, and governance. More at rocheonstrategy.com.
Related governance posts
- In draft · ForthcomingThe operating model is the strategy.Strategy documents describe what a company intends to do. The operating model describes what it is capable of doing. The gap between them is where most enterprise software companies lose the decade.
- In draft · ForthcomingPartner ecosystems compound. They are almost never built.The companies with durable ecosystems did not run a program. They made a small set of decisions about which partners mattered, then repeated those decisions for years. A note on what those decisions look like up close.
- In draft · ForthcomingAI inside enterprise software is a governance problem.Model capability is not the constraint. Data rights, customer trust, and internal accountability are. Companies that settle those questions early end up with a different product, and a different sales conversation.
