Ask any IT manager what their team spent the most time on last week and you'll hear some version of the same answer: password resets, MFA issues, account unlocks, VPN problems, and software access requests. Maybe onboarding a few new hires. Maybe chasing down a compliance report.
These are not complex problems. They are repetitive problems — and repetition is exactly what software is for.
Industry research consistently puts the automatable fraction of enterprise Tier-1 IT tickets between 65% and 80%. Gartner pegs it at 70%. Our own deployments land in the same range. The question isn't whether your team is doing automatable work. They almost certainly are. The question is why it hasn't been automated yet.
The anatomy of a Tier-1 queue
Across enterprise IT environments, the top ticket categories by volume are remarkably consistent:
- Identity and access (35–40% of volume): Password resets, MFA re-enrollment, account unlocks, conditional access exceptions, group membership changes, guest user provisioning
- Endpoint issues (20–25%): VPN connectivity, Wi-Fi configuration, Outlook/Teams cache problems, Intune compliance failures, device enrollment
- Lifecycle management (15–20%): New hire provisioning, offboarding, license assignment, Jira/ServiceNow access requests
- Software and access (10–15%): Application permissions, SSO configuration, license activation
- Everything else (10–15%): The genuinely novel problems that actually require an engineer
That last bucket — the genuinely hard stuff — is where your L2 and L3 engineers should be spending their time. Instead, most are buried in the first four categories, fielding tickets that follow the same decision tree every single time.
What "automatable" actually means
When we say a ticket is automatable, we mean three things are true:
- The intent is classifiable. A well-trained language model can identify what the user needs from their natural-language description with high confidence (>90% in our experience for the top 20 ticket types).
- The resolution is deterministic. Once you know the intent, the fix is a defined sequence of API calls — reset Okta TOTP factor, push Intune VPN profile, assign M365 license. There's no judgment required.
- The risk is bounded. The action can be executed with pre-checks, validated, and rolled back if something goes wrong. It doesn't require touching production databases or making irreversible decisions.
Identity and access tickets score high on all three criteria. They're the lowest-hanging fruit in any IT automation initiative.
So why hasn't it been automated?
We've talked to hundreds of IT leaders about this. The blockers are almost never technical. They're organizational and architectural.
Blocker 1: The integration problem
Automating a password reset sounds simple until you realize it requires touching Okta, writing back to ServiceNow, notifying the user in Slack, and logging to your SIEM — all in one atomic workflow. Most teams don't have a unified orchestration layer that spans their stack. They have tools that don't talk to each other.
Blocker 2: The trust problem
IT teams are rightly cautious about automation touching production identity systems. "What if the AI does something wrong?" is a legitimate concern. But it's a solvable one — with human-in-the-loop controls, simulation passes before execution, and immutable audit logs. The issue is that most teams haven't been shown what safe automation looks like.
Blocker 3: The prioritization problem
Building automation takes time, and the queue never stops. The engineers who would build the automation are the same ones handling the tickets. It's a classic "too busy chopping wood to sharpen the axe" situation.
Blocker 4: The maintenance fear
Teams that have tried to build automation in-house often got burned by brittle scripts that broke every time a vendor changed an API. The lesson they took away was "automation is fragile." The real lesson was "DIY automation without proper runbook management is fragile."
What changes when you automate
The ROI math is straightforward. A typical L1 ticket takes 20–35 minutes of engineer time from receipt to close. An automated resolution takes 30–60 seconds. At 3 tickets per employee per month across a 500-person company, that's 1,500 tickets monthly. Automating 70% of them (1,050 tickets, at the 20-minute low end of that range) reclaims roughly 350 hours of engineer time — every month.
But the second-order effects matter more:
- SLA performance improves immediately. A 4-hour SLA becomes a 52-second resolution. Employees notice. Satisfaction scores move.
- L2/L3 engineers get their focus back. When the queue stops demanding constant attention, engineers can work on the infrastructure improvements, security hardening, and strategic projects they've been deferring for years.
- Compliance posture improves. Every automated action creates an immutable audit record. You stop relying on engineers to manually document what they did and when.
- Toil stops compounding. Headcount growth no longer means a linear increase in IT ticket burden. You've broken the ratio.
The right way to start
Start with observe mode. Don't automate anything on day one. Let the system watch your incoming tickets for a week, classify them, and show you what it would have done. Review the recommendations. Build confidence in the classification accuracy. Then enable human-in-the-loop for your top three ticket types — where the AI stages the fix and a human approves it with one click before anything touches production.
Most teams graduate to autopilot for their safest ticket categories within 30–60 days. The rest follows.
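The three "automatable" criteria and the observe, human-in-the-loop and autopilot stages described above can be expressed as a single default-deny gate. This is an added example, not the code of any product described here; the intent names, thresholds and the `decide` function are assumptions.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Mode(Enum):
    OBSERVE = "observe"        # classify and record what would have been done
    HITL = "human_in_loop"     # stage the fix, wait for a named approver
    AUTOPILOT = "autopilot"    # execute without approval

# Constructed policy: intent names, thresholds and modes are illustrative.
POLICY = {
    "password_reset":   {"mode": Mode.AUTOPILOT, "min_conf": 0.90, "rollback": True},
    "mfa_reenroll":     {"mode": Mode.HITL,      "min_conf": 0.90, "rollback": True},
    "group_membership": {"mode": Mode.OBSERVE,   "min_conf": 0.95, "rollback": True},
}

@dataclass
class Ticket:
    id: str
    intent: str                 # label from the classifier
    confidence: float           # classifier confidence, 0..1
    approved_by: Optional[str] = None

def decide(ticket: Ticket, precheck_ok: bool):
    """Return (action, reason). Anything not explicitly allowed goes to a human."""
    rule = POLICY.get(ticket.intent)
    if rule is None:                                  # resolution not deterministic
        return ("escalate", "intent not in allow-list")
    if ticket.confidence < rule["min_conf"]:          # intent not classifiable
        return ("escalate", "confidence below threshold")
    if not rule["rollback"]:                          # risk not bounded
        return ("escalate", "no rollback defined")
    if rule["mode"] is Mode.OBSERVE:
        return ("record_only", "observe mode")
    if not precheck_ok:
        return ("escalate", "pre-check failed")
    if rule["mode"] is Mode.HITL and ticket.approved_by is None:
        return ("stage_for_approval", "awaiting approver")
    return ("execute", "approved" if ticket.approved_by else "autopilot")
```

Promoting a ticket type from one stage to the next is then a reviewed change to one policy entry rather than a code change.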
The 70% figure isn't a ceiling. It's a starting point.
