Whoever Writes the Eval Owns the Product
The eval set is not a quality artifact. It is the operative specification of an AI product. Whoever curates the failure cases makes the product decisions, regardless of what the PRD says.
Quick take. The eval set is not a quality artifact. It is the operative specification of an AI product. Whoever curates the failure cases makes the product decisions, regardless of what the PRD says. If you cannot name the person responsible for your eval set, you cannot name the person responsible for your product.
The demo is fine. The investor deck is fine. The behavior in staging is fine, most of the time. Production keeps slipping by another sprint because nobody on the team can finish the sentence "the product is correct when ___" without opening a notebook and showing you ten test cases. That is the moment the product has a specification problem, and the specification is not in the PRD.
Most AI product teams have crossed this line without noticing. The demo-to-production stall pattern looks like a confidence problem, then a tooling problem, then a model-choice problem. Each diagnosis points back at the same blind spot. Somewhere in the team, somebody started writing down "what good output looks like" in a file that runs as code. That file is now the spec. The PRD is now a marketing document.
This article is about who owns that file, what they actually own when they own it, and how to make the ownership match the org chart instead of the other way around.
When the spec moves and nobody tells the org chart
Three months into a serious AI product effort, a pattern shows up. The product manager describes the feature in capabilities ("the assistant should summarize legal contracts and flag risk clauses"). The engineer describes the feature in regressions ("we got the contract-length-over-50-pages case back to passing, but Spanish-language inputs broke again"). The two descriptions stop overlapping. They are describing different things.
The PM is describing the marketed product. The engineer is describing the operative product, which is the set of inputs the team has decided count as in-scope, the set of outputs that count as correct, and the set of failure cases the team has decided are tolerable for now. That second description is the eval set. It is a structured artifact, usually living in a Jupyter notebook or a YAML file or a tests/eval/ directory, and it answers the question the PRD does not answer: what is the product supposed to do, with what tolerances, on which inputs.
The eval set is the product specification because the model is the executor. When you write classical software, the engineer reads the PRD and translates intent into code; the engineer is the interpreter. When you build an AI product, the model is the interpreter, and the model interprets the eval set, not the PRD. Every failure case curated into the eval is the team telling the model "this matters, optimize for it." Every failure case left out is the team telling the model "this does not matter." Whoever decides which cases go in and which cases come out is the person specifying the product.
That person is almost never the PM. It is almost never the org-chart product owner. In most AI product teams, it is an ML engineer or a QA lead, picked because they happened to know how to set up an eval harness when the team first needed one. The product authority moved with the eval set. The org chart never updated.
The mechanism: why the model executes the eval, not the PRD
The reason this shift is invisible is that it feels like a tooling decision. Setting up an eval framework looks like the same kind of work as setting up unit tests. You pick a runner. You write a few cases. You wire it into CI. None of that looks like a product-ownership move.
The mechanism that makes it a product-ownership move runs underneath, in three connected ways. First, the eval set defines "correct output." A non-AI product has correctness defined by behavior matching a deterministic spec. An AI product has correctness defined by output passing a set of eval cases at a chosen threshold. Below the threshold the product fails; above it the product ships. Whoever picks the cases picks the definition of correctness.
Second, the eval set defines the optimization target. A team using eval-driven workflows iterates by changing prompts, fine-tuning, or swapping models, then running the eval. The change ships if the score goes up. The score is the eval set. Every iteration optimizes against whatever the eval includes, and silently sacrifices anything the eval excludes. The Spanish-language contract case left out of the eval gets worse with every shipped iteration, because nothing in the optimization loop is looking at it.
Third, the eval set defines the acceptable-failure boundary. Every AI product has a probability distribution of bad outputs. The eval set is where the team writes down which bad outputs are tolerable, which are unacceptable, and at what rate. The PRD might say "the assistant should not give legal advice"; the eval set is where someone has decided whether "this looks like it could be construed as legal advice if read uncharitably" counts as a failure or a pass. That decision is product policy. It has legal implications. It has trust implications. It is usually being made by whoever wrote the eval, which is usually not whoever the org chart has decided is accountable.
The published research on production AI eval methodology converges on the same pattern. Anthropic's "Demystifying evals for AI agents" makes the distinction operationally explicit: capability evals ask what an agent can do well, regression evals ask whether the agent still handles all the tasks it used to, and the two have different artifacts, different update cadences, and different purposes. The OpenAI Evals framework, open-sourced in 2023 and now the cornerstone for community-contributed benchmarks, takes the same position from the practitioner direction: evals evaluate the behavior of any system, including prompt chains and tool-using agents, which is a different evaluation surface than the test suite that verifies the deterministic plumbing around the model. Behavioral-testing work in the broader academic literature reinforces the same direction. The eval set is its own artifact, not a test suite and not a requirements document. The literature has caught up to what production teams already know: the eval set is the spec. What the literature has not yet named, and what the operating-model layer needs to name, is who owns it.

What I have stopped recommending to AI product teams
I have stopped recommending that AI product teams "add evals" as a maturity step. The recommendation is technically correct and operationally useless. Teams add evals; the question of authority does not get touched; six months later the team has a working eval pipeline and an absent product owner. Adding evals without naming the eval owner is the equivalent of installing a control system without naming the operator.
What I now recommend instead is that any team about to install eval-driven workflows answer one question first, in writing, before the harness is even chosen: who curates the failure cases. The answer must be a specific named role, not a function. "The product team" does not count. "The ML team" does not count. "QA" does not count. The role has to be the person who, when a customer complaint surfaces a behavior nobody had thought to test, decides whether that behavior gets added to the eval set, what threshold it needs to hit, and whether the next release ships before or after it does. If you cannot answer that, you do not have an AI product owner, regardless of what your org chart says.
The second thing I recommend is that the documented product owner read the eval set quarterly, in full, in a meeting, with the person who maintains it. The point of the meeting is not to do code review. The point is to surface the policy decisions hiding inside the failure-case choices. "Why is the medical-domain input flagged as out-of-scope?" is a product question. "Why is the threshold for hallucination set at 3% rather than 1%?" is a product question. If those questions get answered by an ML engineer alone, the ML engineer is the product owner. If they get answered by the documented PM, the meeting did its job.
The third thing I recommend is that the eval set's commit history get treated as a product-decision log. Every change to the failure cases is a change to the product specification. Most teams already have this history; almost none of them treat it as a governance artifact. Naming it that way changes how the changes get made.
The two ways eval ownership defaults, and what it costs
Eval ownership defaults in two patterns when the team does not assign it explicitly. Both patterns are common; both cost more than the team realizes.
In the first pattern, ownership defaults to the ML or platform team. This is the most common case. The eval harness was originally written by an ML engineer who needed to evaluate a model swap; the eval cases grew organically from that engineer's understanding of what the product needed to do. Six months later, that engineer is the product specifier whether or not anyone has said so. The cost is not visible until the eval starts diverging from the product strategy, which it does, because ML engineers optimize for technically interesting failures and shrug at boring ones (legal-risk edge cases, low-volume language pairs, edge cases that only affect named enterprise accounts). The product floats because the optimization function is pointing at something the business has not chosen to optimize for.
In the second pattern, ownership defaults to nobody. The eval exists, in a notebook, run irregularly, maintained by whichever engineer last had to debug a regression. Failure cases get added when someone files a bug. The product policy hiding inside the eval is the accumulated residue of whichever bugs have been filed loudly enough to trigger a fix. The team thinks of this as informal; what it actually is, is the product being shaped by customer-complaint volume rather than by deliberate strategy. The cost shows up as the inability to make any large product decision, because the team cannot tell whether a proposed change will improve or break the operative spec.
Both patterns produce the same headline symptom, which is the "our AI product keeps almost-shipping" complaint that has become the trigger phrase of this cohort of products. The deeper diagnosis is not that the product is technically close to ready and just needs another sprint. The deeper diagnosis is that the team has no agreed specification of done, because the team has not named the person who decides what done means.
This is what good product discipline looked like in classical software and what it has to look like in AI product work. The PRD was the spec because the engineer was the executor; the PM owned the PRD. The eval set is the spec because the model is the executor; somebody has to own the eval set. The role label is open. The accountability is not.

The diagnostic questions to take to the next product review
The fastest way to surface the eval-ownership question without it sounding theoretical is to bring four questions to the next product review and ask them in order. They are designed to fail in a useful way when the ownership is misaligned. If the team cannot answer them or starts answering them by deferring to different people, the misalignment is now visible to everyone in the room.
The questions:
- Who curates the failure cases in the eval set, and is that the same person we have named as the product owner for this feature? If the names diverge, the documented owner does not actually own the product.
- When a new failure mode surfaces from customer support or from an internal review, what is the path by which it gets evaluated for inclusion in the eval set, and who signs off on that decision? If there is no path, failures are getting added by whoever happens to notice them, and the eval is drifting from product strategy.
- What is the current acceptable-failure rate for each output category, and where is that decision documented? If the decision lives only in the eval threshold value, the policy is not auditable, and the legal-and-trust implications are not visible to the people accountable for them.
- When the eval score improves, what specifically improved, and what trade-off did we accept? Every optimization in AI work trades something. If the team cannot name what got worse in exchange for what got better, the optimization loop is operating outside product governance.
None of these questions require technical depth to ask. They require somebody in the room to want to ask them. That is the operating-model decision.

The implication for the operating model
The eval set is the new product specification. This is not a metaphor; it is the operational reality of how AI products get built and shipped. The PRD describes intent; the eval describes correctness; the model executes the eval, not the PRD. If your operating model has not caught up to this, your product authority is sitting wherever the eval set is being maintained, which is almost certainly not where your org chart says it is.
The fix is not technical. It is an operating-model decision: name the eval owner, give them the title that matches the authority, and make the documented product owner accountable for reading the eval set as the spec it is. The role might be the PM. It might be a new "AI product owner" function. It might be a senior engineer with explicit product authority. The role label matters less than the alignment between authority and accountability.
Two failure modes will tempt the operating-model fix into a shape that does not work. The first is to leave the eval ownership where it defaulted (usually with ML or platform) and add a "review process" on top. Review processes do not change ownership; they add friction without moving accountability. The second is to assign eval ownership to the PM by edict without giving them the authority to curate the cases. Authority without capability is its own failure mode; the PM either becomes a bottleneck or quietly delegates the substantive work back to the engineer who was doing it before.
The version of the fix that works names a single person as accountable for the eval set, gives them the authority to add and remove failure cases, and makes them sit in the product-strategy conversation rather than the eval-tooling conversation. The role can be a PM with a technical extension, or a senior IC with a product extension, or a hybrid role created for this purpose. What matters is that the person specifying the product is the person the org has decided is specifying the product.
Take one question to your next product review: who owns our eval set, and does that match who we said owns the product. If the two names match, you have an operating model. If they diverge, you have a product that is being shaped by an org chart you have not actually written.
