Many of the companies I work with start their relationship with AI the same way: reimburse everyone for Claude Pro or Max, pay $20–200 per seat per month, send a Slack message saying "use this," and call it an AI rollout.
This works for a while. Then people tire of the monthly reimbursement ritual. New employees show up who aren't as fluent with AI. The CEO looks at sales numbers and shipped features and starts to wonder whether the team is using AI enough, using it well, and sharing what works. After all, she knows exactly how many sales emails went out, how many tickets shipped, and how many calls happened — but she can't measure or shape the AI rollout when everyone's on an individual plan.
Pro and Max are individual plans. They expose zero leadership visibility, offer no organizational restrictions, and don't enable universal deployment of the organization's AI tools and integrations. From the CEO's seat, this is the AI equivalent of asking each employee to buy their own Office 365 Personal subscription.
Team and Enterprise unlock three layers of leverage for the CEO who wants to manage AI as a program, not a perk: visibility, shape-ability, and enforcement. Anthropic ships changes often, so each section below links back to the source doc.
Executive AI Roundtable
I host a closed-door roundtable for founders and C-level leaders navigating AI strategy — no vendors, no pitches, just operators comparing notes. Attendance has tripled since early April; the next session is at capacity.
Join the Waitlist →
"How often is my team using Claude?"
This is the first question every CEO asks about their AI rollout, and the easiest one to answer — but only if you're on the right plan. The dashboard exists on Team and Enterprise.
Like all analytics, these numbers can mislead. Tokens used isn't value created; just as developers used to game the old lines-of-code metric, employees on AI leaderboards find creative ways to burn tokens and climb. Use the dashboard to start a one-on-one with people who seem to get less out of Claude — not as the final scoreboard.
From Anthropic's usage analytics documentation, admins can see:
- Active users — weekly, daily, and monthly. WAU divided by seats is your utilization rate.
- Pending invites — who you bought a seat for but who hasn't logged in.
- Top connectors — which integrations are getting used (Slack, Google Drive, GitHub, Microsoft 365).
- Chats per day and total chats.
- Projects created and top users by projects.
- Artifacts created and top users by artifacts.
- Cowork sessions and active Cowork users.
- A "Top 10 users by spend leaderboard" with per-user token counts (prompt and completion) and request counts by model.
That's enough to answer the rollout-monitoring 80%: is the team using it, who's leading, who hasn't logged in, which features are getting traction.
Access Control: Owners, Primary Owners, and members on Team; Owners, Primary Owners, Admins, and custom roles on Enterprise.
Cost of admission: per Anthropic's Team plan documentation, Team requires a minimum of five members at $20/user/month on annual billing ($25 monthly) for standard seats. On annual billing that's the same per-seat price as Pro. What the upgrade pays for is administrability: spend caps per user, single sign-on with domain capture, just-in-time provisioning, role-based permissions — none of which exist on Pro or Max at any price.
Enterprise sits at $20/seat plus usage at API rates (per the pricing page), trading the package deal for tighter controls and per-token billing.
"Can I inspect their prompts?"
The answer is tier-dependent, and it's the clearest reason to choose Enterprise over Team. If you have compliance, incident-response, or regulated-industry requirements, Enterprise is the answer. For HIPAA or BAA coverage, you'll route through Anthropic sales.
On Team: no. The dashboard exposes metadata only — counts, leaderboards, and top connectors. The Team documentation lists projects, knowledge bases, and admin tools, but says nothing about admin access to chat content.
On Enterprise: yes, programmatically. From the Enterprise plan documentation:
Compliance API: programmatically access Claude usage data including activity logs, chat histories, and file content, with filtering capabilities by user and time range.
Plus audit logs that "capture key information about user actions, system events, and data access." Plus SCIM provisioning, custom data retention controls, and HIPAA-ready agreements available on sales-assisted plans.
Having the API isn't the same as running queries on it every Monday. The right model is incident response and regulated-industry compliance. A pharmaceutical company subject to FDA audits may need the ability to retrieve a developer's chat history when a regulator asks.
A SaaS company that's "just curious what marketing is asking Claude" might end up with a team reluctant to use AI freely. Just imagine how you would use Google if you knew your boss could see your search history.
"Can I see whether the output is any good?"
The answer on any tier is mostly no. Anthropic doesn't grade output quality; that remains a human judgment. What the dashboards expose are output-volume proxies:
- Projects created and artifacts created tell you that work is happening.
- Suggestion accept rate for Claude Code, per Anthropic's August 2025 announcement on admin controls: "View Claude Code analytics in Claude, including metrics like lines of code accepted, suggestion accept rate, and usage patterns."
The suggestion-accept rate is the closest thing to a quality proxy that ships out of the box. A high accept rate means Claude is matching the developer's intent; a low one means either the prompts are poor or the developer is rejecting reasonable output. Useful as a leading indicator. Not a complete one.
For everything else, good leadership calls for a dialogue. Usage breadth shows up in dashboards; usage depth shows up in conversations. A question that's been outperforming dashboards in other roundtable discussions is the one-on-one prompt: what could you not use AI for this week? That surfaces the workflow gaps a dashboard can't see — the mental blocks, the comfortable corners, the places where someone is reaching for Postman when Claude could write the script.
The dashboard tells you who's using AI. Conversation tells you whether they're using it well.
Beyond visibility: shaping how the team uses Claude
Three Team-tier features go beyond the dashboard — they shape how employees use Claude in the first place.
Organization instructions are the most leveraged of the three. From Anthropic's documentation: "Organization instructions let Admins and above on Team and Enterprise plans set custom instructions that Claude follows in every conversation across your organization." Up to 3,000 characters; org-level takes precedence over individual user instructions when the two contradict.
The use cases Anthropic suggests are exactly the ones a CEO should care about: tone standards, response-format preferences, HR policy referrals, domain context (e.g., healthcare claims processing), and data-handling reminders to avoid leaking PII into responses. A company can encode "always cite the specific paragraph of our employee handbook when asked HR questions" or "never include customer PII in summaries" once, at the org level, and have it apply to every employee's conversations from then on.
Admin-provisioned skills are the second leverage point. Skills are reusable, packaged capabilities — think "draft a customer support reply in our voice," "pull and analyze data from a marketing campaign," or "audit a draft blog post against our SEO checklist." On Team and Enterprise, owners can push skills to every team member's account. Per Anthropic's skills-provisioning documentation, provisioned skills are "enabled by default for everyone in your organization, but users can still toggle individual skills off if they choose." That default-on behavior is the leverage. With a little training, skills let even new users of AI take advantage of the work your most talented AI engineers have developed.
Spend caps and SSO round out the operational essentials. From the August 2025 admin-controls announcement: "Set spending limits at the organization and individual user level." Caps protect against the scenario where one team member burns through the company's monthly token allocation by leaving an agent in an overnight Ralph Loop. Single sign-on with just-in-time provisioning means new hires get a Claude seat on their first day, and terminated employees lose access on their offboarding day. Both are table stakes by the time you hit ten employees.
A few additional Team-tier capabilities worth knowing about:
- Public project lockdown — admins can disable the "publish to public" toggle on projects, keeping all work product internal.
- Connectors with admin oversight — Slack, Google Drive, Gmail, GitHub, Microsoft 365.
- Enterprise search — unified search across the connected workplace tools.
- Cowork — collaborative editing inside Claude, with admin-controlled plugins.
- Domain claims — auto-onboard existing Claude accounts on your corporate domain into the org.
The full feature matrix from Anthropic's documentation:
| Capability | Team | Enterprise |
|---|---|---|
| Aggregate usage analytics (WAU, top users, spend leaderboard) | ✅ | ✅ |
| Organization instructions (org-wide system prompt) | ✅ | ✅ |
| Admin-provisioned skills | ✅ | ✅ |
| Spend caps (org-level + per-user) | ✅ | ✅ |
| SSO + Domain capture + JIT provisioning | ✅ | ✅ |
| Role-based permissions (Owner / Admin / Member) | ✅ | ✅ |
| Connectors (Slack, GDrive, Gmail, GitHub, M365) | ✅ | ✅ |
| Enterprise search (unified workplace search) | ✅ | ✅ |
| Cowork + plugin management | ✅ | ✅ |
| Public project lockdown | ✅ | ✅ |
| Domain claims (auto-onboard accounts on your domain) | ✅ | ✅ |
| Custom roles | — | ✅ |
| Group-level spend limits | — | ✅ |
| Custom data retention | — | ✅ |
| Audit logs | — | ✅ |
| IP allowlisting | — | ✅ |
| Tenant restrictions (network-level enforcement) | — | ✅ |
| Compliance API (chat histories + file content) | — | ✅ |
| HIPAA-ready / BAA (sales-assisted) | — | ✅ |
| Data export (org-wide data dump) | — | ✅ |
| Server-managed Claude Code policy (hooks, permissions, MCP, sandbox) | ✅ | ✅ |
Source for the table: the Team and Enterprise plans collection in Anthropic's help center, which is the canonical place to confirm the most current feature availability.
Beyond shape-ability: enforcing behavior via managed settings
Visibility tells you what's happening. Shape-ability changes the defaults. Team and Enterprise unlock a third layer: enforcement — settings that take precedence over individual developer configuration and can't be opted out of. This applies specifically to Claude Code (the terminal/IDE tool), not to claude.ai web chats; the two have separate control planes.
From Anthropic's Claude Code admin-setup documentation:
"Claude Code enforces organization policy through managed settings that take precedence over local developer configuration."
Managed settings can be delivered through the Claude admin console (server-managed, "reach devices at authentication time and refresh hourly during active sessions"), through a managed file on disk, through a macOS plist or Windows registry policy, or through MDM. Server-managed delivery requires Team or Enterprise; the file/OS mechanisms work without it, but require admin access to each device.
"Whichever mechanism you choose, managed values take precedence over user and project settings. Array settings such as
permissions.allowandpermissions.denymerge entries from all sources, so developers can extend managed lists but not remove from them."
The control surfaces a CEO can lock down include:
- Hook restrictions —
allowManagedHooksOnlyensures only admin-configured hooks load;allowedHttpHookUrlsrestricts where hook callbacks can post. Hooks provide a way to programmatically customize Claude Code. For example, you can write aStophook that POSTs every session transcript to an internal logging service, deploy it via managed settings, and lock it on. Now, every Claude Code session in the org is auto-documented, with no opt-out. This is strictly more powerful than the Compliance API for Claude Code specifically — chat content is captured in real time at the source rather than retrieved after the fact. - Permission lockdown —
allowManagedPermissionRulesOnlyprevents developers from extending the permission allowlist;disableBypassPermissionsModeremoves the--dangerously-skip-permissionsfeature entirely. - Sandboxing — OS-level filesystem and network
isolation. Bash can be allowed but restricted to specific paths, and
outbound network access can be limited to a domain allowlist enforced at
the OS layer (this closes the gap where
curlwould otherwise reach any URL). - MCP server control —
allowedMcpServers,deniedMcpServers,allowManagedMcpServersOnly— restrict which MCP integrations developers can connect to. - Plugin marketplace control — restrict which marketplace sources can be added or installed from.
- Version floor —
minimumVersionprevents developers from running outdated Claude Code installs.
For regulated industries, these features stop a policy escape before it happens, so you're not documenting and correcting one after. For everyone else, they help you measure adoption, protect your IP, and standardize how your team works with Claude.
The Claude Code settings reference is the canonical source for all setting keys, file locations, and precedence rules.
Pick a tier
The decision matrix is simpler than it looks:
| Situation | Recommendation |
|---|---|
| Under 5 seats | Stay on Pro — Team has a 5-seat minimum |
| 5–150 seats, no compliance pressure, want adoption visibility | Team ($20/user/month annual) |
| Any size, regulated industry, want compliance audit + content access | Enterprise (Compliance API + audit logs + custom data retention + SCIM + BAA available for HIPAA on sales-assisted plans) |
| 150+ seats and growing | Enterprise — Team caps at 150 seats |
Team unlocks three layers of leverage — visibility (the analytics dashboard), shape-ability (organization instructions, provisioned skills, spend caps), and enforceability (managed Claude Code policy: hooks, permissions, sandboxing). Centralized billing is the bonus.
A Team plan only pays off if someone uses it. If you're past five seats and still reimbursing Pro subscriptions, upgrade this quarter and assign one person to own the dashboard, the org instructions, and the spend caps. That's the whole rollout plan.
If you're starting from scratch on AI deployment, How to Deploy AI in Your Company walks through buying accounts, publishing a policy, running a 12-week pilot, and measuring results. This essay is the plan-tier piece of that puzzle.
Resources From Anthropic
- Team plan support article — official feature list, pricing, minimum seats, max seats before Enterprise upgrade.
- Enterprise plan support article — Compliance API, audit logs, SCIM, custom retention, HIPAA-readiness.
- Usage analytics for Team and Enterprise plans — every metric admins can see, refresh cadence, export limits.
- Set organization instructions — the org-wide system prompt up to 3,000 characters; precedence over individual user instructions.
- Provision and manage Skills for your organization — admin-pushed skills enabled by default for every team member.
- Team and Enterprise plans collection — the canonical help-center collection for current feature availability across all admin areas (members, roles, projects, Cowork, audit, compliance, IP allowlisting, tenant restrictions, etc.).
- Claude Code admin setup — server-managed settings, managed-policy precedence, hook restrictions, permission lockdown, sandboxing, MCP/marketplace control.
- Claude Code settings reference — every setting key, every file location, the full precedence model, and how to verify which managed source is active on a given device.
- Claude Code admin controls announcement (August 2025) — suggestion-accept-rate analytics, managed policy settings, spend caps at organization and individual user levels.
- Claude pricing page — current per-seat pricing across Pro, Max, Team, and Enterprise tiers.