Operational Drift
The gradual divergence of an engineering system's actual state from its governed operational intent, accumulated across multiple sessions and decisions over time.
Definition
Operational drift is the gradual divergence of an engineering system’s actual state from its governed operational intent. Unlike context drift, which occurs within a single AI-assisted session, operational drift accumulates across many sessions, many decisions, and many engineering contexts over time.
A system is in a state of operational drift when its implementation no longer reflects the governing decisions, architectural constraints, and operational standards that were established for it — even if those decisions and standards were never formally rescinded.
How Operational Drift Accumulates
Operational drift is rarely caused by a single decision. It accumulates through a pattern of individually small divergences that compound over time:
- A dependency is updated outside the approved version constraint, “just for this sprint”
- An architectural boundary is crossed in one service, then normalized across others
- A governance-required review is skipped under time pressure, once, then routinely
- A new engineer joins and makes decisions based on the current implementation, not the original governed intent
Each individual divergence may be minor. The compound effect is a system whose actual operational state has drifted significantly from its governed intent — with no record of when, how, or why the divergence occurred.
The Traceability Problem
What makes operational drift particularly damaging is the absence of a traceable record. If each divergence had been documented — captured as an append-only record in the operational corpus — the drift would be visible. Engineers could review the lineage, understand the history, and make informed decisions about whether to accept or correct each divergence.
Without an append-only corpus, the divergences are invisible. The system is in an unknown state relative to its original governed intent.
Prevention vs. Detection
Operational drift can be managed at two points:
Prevention: governance-first workflows with active Rules and Roles constrain the scope within which drift can occur during any given session.
Detection: convergence validation at release gates surfaces accumulated drift before it reaches production.
Yanzi addresses both. The append-only corpus makes accumulated drift visible. Certification checks confirm that drift has not exceeded governance boundaries at release time.