You have been given a mandate to govern how you will responsibly deliver on your roadmap and strategy for AI technologies:
- Develop policies that clarify appropriate use of data and AI models, and limit organizational risk.
- Create processes that support the design, development, deployment and operation of AI models.
- Identify how you’ll make strategic, tactical, and operational decisions that ensure the use of AI aligns to your organization’s goals and values.
Our Advice
Critical Insight
- Most organizations default accountability for AI to IT, or don’t assign accountability at all. Responsible governance requires the business to take accountability for their approach to AI.
- Very few organizations have a formal and structured approach to AI governance:
- AI can introduce or intensify risks that affect the entire organization, but most organizations haven’t integrated AI risks in their enterprise risk management framework.
- Most organizations don’t assign accountability for AI or it defaults to the CIO – and yet authority and true accountability remain with the business.
- Policies are published without any controls to monitor and enforce compliance.
Impact and Result
- Start to govern AI responsibly by following Info-Tech’s structured approach:
- Identify key risks related to AI.
- Identify a set of responsible AI principles.
- Create an AI governance structure: identify key governing organizations, their mandate, key roles and responsibilities.
- Design an AI governance operating model.
- Evaluate policy gaps using a policy framework.
- Use your findings to develop a roadmap and communication plan to govern AI in your organization.
Member Testimonials
After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.
9.7/10
Overall Impact
$15,469
Average $ Saved
12
Average Days Saved
Client
Experience
Impact
$ Saved
Days Saved
CAF - Corporacion Andina de Fomento
Guided Implementation
9/10
$30,549
20
Natalia has been a great asset in the data, analytics and AI architecture counseling. She's very knowledgable and precise with her advice
Benchmade
Guided Implementation
10/10
N/A
N/A
This was an analyst call for AI Governance and I found it very informative. I would like to consider a potential speaking engagement with our Boar... Read More
State Universities Retirement System Of Illinois
Guided Implementation
10/10
N/A
3
Milena had a clear grasp of the domain and was able to discuss our concerns in earnest.
Workshop: Govern the Use of AI Responsibly With a Fit-for-Purpose Structure
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Address Responsible AI and AI Risk
The Purpose
Key Benefits Achieved
Activities
Outputs
Document the benefits of AI governance.
- List of benefits of AI governance
Assess your AI risk governance practices.
- Assessment of key gaps in AI governance today
Create an AI risk taxonomy.
- Draft of AI risk taxonomy
Identify relevant AI risks.
- A list of key AI risks, aligned to your defined AI risk taxonomy
(Optional) Conduct an initial AI risk assessment for one use case.
- An initial risk assessment for a single AI use case
Identify risk management objectives, metrics, and targets.
- List of risk management objectives, metrics, and targets
Establish or validate responsible AI guiding principles.
- Draft responsible AI principles specific to your organization
Module 2: Define AI Governance Structure
The Purpose
Key Benefits Achieved
Activities
Outputs
Draft your AI governance structure.
- Draft view of AI governance structure
Define mandates, roles, responsibilities, and membership of AI governance committees.
- Updated mandate, role and responsibilities for AI governance committees
Visualize AI governance position vs. other enterprise governance structures.
- AI governance visualization vs. other enterprise governance structures
Confirm AI governance mandate and membership.
- Outline of your new AI governance structure and committees
Identify integration points between AI governance and other governance structures.
- List of points of integration between AI governance and other governance structures
Module 3: Define AI Governance Operating Model
The Purpose
Key Benefits Achieved
Activities
Outputs
Define the evaluation criteria across the AI lifecycle.
- Evaluation criteria for all AI lifecycle steps
Define core AI governance processes.
- Name and description of core AI governance processes
Compile Executive AI Council Charter.
- An initial draft of the AI Council Charter
Identify and prioritize policy gaps.
- A prioritized list of policy gaps to be addressed
Identify how your AI governance structure will support key policies.
- A RACI chart that identifies the roles of different committees in supporting your AI governance initiatives
Module 4: Build an AI Governance Implementation Roadmap
The Purpose
Key Benefits Achieved
Activities
Outputs
Create your AI governance roadmap.
- A completed draft of an AI governance roadmap
Build your communication plan.
- A completed communication plan for the AI governance roadmap
Govern the Use of AI Responsibly With a Fit-for-Purpose Structure
Enable your organization to transparently deliver effective and human-centric AI.
Analyst Perspective
You can buy an AI solution, but you can't outsource accountability!
AI governance provides a framework for the responsible deployment and use of AI, ensuring alignment with the organization's objectives and values while also adhering to ethical standards and regulatory requirements. It provides a structured approach to managing, monitoring, and controlling the effective and human-centric use and development of AI systems.
AI governance is a subset of enterprise governance, a strategic practice that not only allows the organization to mitigate potential risks but also drives innovation and value creation.
Remember that the AI governance framework and its components are the same whether you're developing your own AI systems or integrating AI tools and technologies with AI built into the tool. Organizations believe that if they adopt a "buy" approach for AI systems, AI governance is not required because they have no control over the technology embedded in the products and systems they acquire. However, this is not the case.
Packaged or integrated AI tools do come with risks, including biases in the AI models, data privacy issues, and the potential for misuse. A robust AI governance framework helps mitigate these risks by establishing guidelines and controls that align with the ethical standards and values of the organization. It promotes transparency and fairness.
Implement AI governance to ensure the investments you make, the risks you accept, and the resources you apply to AI projects are aligned to business value.
Irina Sedenko
Research Director
Info-Tech Research Group
Andrew Sharp
Research Director
Info-Tech Research Group
Swapnil Awasthi
Workshop Quality Director
Info-Tech Research Group
Executive Summary
Your Challenge
You have been given a mandate to govern how you will responsibly deliver on your roadmap and strategy for AI technologies. You must:
- Develop policies that clarify appropriate use of data and AI models, and limit organizational risk.
- Create processes that support the design, development, deployment, and operation of AI models.
- Identify how you'll make strategic, tactical, and operational decisions that ensure the use of AI aligns to your organization's goals and values.
Common Obstacles
Very few organizations have a formal and structured approach to AI governance:
- AI can introduce or intensify risks that affect the entire organization, but most organizations haven't integrated AI risks in their enterprise risk management framework.
- Most organizations don't assign accountability for AI or it defaults to the CIO – and yet authority and true accountability remain with the business.
- Policies are published without any controls to monitor and enforce compliance.
Info-Tech's Approach
Start to govern AI responsibly by following Info-Tech's structured approach:
- Identify key risks related to AI.
- Identify a set of responsible AI principles.
- Create an AI governance structure: identify key governing organizations, their mandate, and key roles and responsibilities.
- Design an AI governance operating model.
- Evaluate policy gaps using a policy framework.
Use your findings to develop a roadmap and communication plan to govern AI in your organization.
Overarching Info-Tech Insight
Whether you're going to market to buy AI-enabled applications, partnering with an integrator, or building models from scratch, you need effective AI governance to ensure you're using the technology in the best interest of the organization. You can buy an AI solution, but you can't outsource accountability.
Session 1: Goals of AI governance
Leverage Info-Tech's AI Governance Framework
Our framework helps guide organizations through the process of formalizing governance to help them meet their goals.
- Set goals for the organization related to AI, and monitor progress toward those goals.
- Define accountability and responsibility for AI.
- Define the AI risk management framework, in line with the existing enterprise risk management framework.
- Support the use of AI in a manner consistent with organizational values.
- Define a framework to support ML/AI model governance.
Govern the Use of AI Responsibly With a Fit-for-Purpose Structure
Info-Tech Insight
Most organizations default accountability for AI to IT, or don't assign accountability at all. Responsible governance requires the business to take accountability for AI.
AI governance is informed by |
Your AI governance operating model has the following elements |
To implement, you will need to create |
||
---|---|---|---|---|
Organization Goals |
Governance Processes |
AI policy framework |
||
Model Governance |
Monitoring |
Tools and Technologies |
||
AI Risks |
The operating model is built on a foundation of |
AI governance roadmap | ||
Responsible AI guiding principles |
Mandates, roles, responsibilities |
Governance structure |
Info-Tech's methodology for Govern the Use of AI Responsibly With a Fit-for-Purpose Structure
1. Address Responsible AI and AI Risk |
2. Define AI Governance Structure |
3. Define AI Governance Operating Model |
4. Build an AI Governance Implementation Roadmap |
|
---|---|---|---|---|
Phase Steps |
1.1 Level set on the goals of AI governance, AI risks, and risk management frameworks. 1.2 Assess whether proper AI risk controls are in place. 1.3 Identify AI risk management objectives, metrics, and targets. 1.4 Determine and define responsible AI principles for the organization. |
2.1 Identify key elements of the organization's AI governance structure: strategic, tactical, and operational. 2.2 Define mandate, roles, and responsibilities. 2.3 Identify integration points between AI governance and other governance structures. |
3.1 Define key AI governance operating model elements. 3.2 Develop first draft of the AI governance charter. 3.3 Recommend AI governance procedure and policy framework. |
4.1 Identify AI governance implementation initiatives. |
Phase Outcomes |
|
|
|
|
Leverage these supporting tools to inform the key deliverable:
AI Governance Assessment Tool
This self-assessment tool will allow you to conduct a structured review of your current and target risk governance capabilities. The results will inform your governance approach and roadmap.
AI Risk Assessment Tool
This supporting tool will help you structure a risk assessment for critical AI risks.
The results will inform the outputs in your AI Governance and Risk Presentation.
Info-Tech offers various levels of support to best suit your needs
DIY Toolkit
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”
Guided Implementation
“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”
Workshop
“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”
Consulting
“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
Diagnostics and consistent frameworks used throughout all four options
Prework |
Session 1 |
Session 2 |
Session 3 |
Session 4 |
|
---|---|---|---|---|---|
Review the current AI strategy & governance |
Address responsible AI and AI risk |
Define AI governance structure |
Define AI governance operating model |
Build an AI governance implementation roadmap |
|
Attendees |
CIO |
CIO and direct reports Selected members of the ELT |
CIO and direct reports Selected directors and above from business depts |
CIO and direct reports |
CIO and direct reports |
Activities |
Understand the organization's current AI governance model. Review existing AI strategy and roadmap. Draw an inventory of applicable legal and regulatory requirements |
Level set on the goals of AI governance, AI risks, and risk management frameworks. Assess whether proper AI risk controls are in place (using a standard risk management framework). Identify AI risk management objectives, metrics & targets. Determine and define responsible AI principles for the organization. |
Identify key elements of the organization's AI governance structure: strategic, tactical, and operational. Define mandate, roles, and responsibilities. Identify integration points between AI governance and other governance structures, e.g. corporate governance, IT governance, data governance. |
Define key AI governance operating model elements and key collaborators. Develop first draft of the AI governance charter. Recommend AI governance procedure and policy framework. Develop a sample procedure and policy outline from the framework. |
Identify AI governance implementation initiatives. Develop high-level AI governance implementation roadmap. |
Outcomes |
Responsible AI principles for the organization List of AI risks |
AI governance structure AI governance mandates, roles, and responsibilities |
AI governance operating model First draft of AI governance policy and procedure framework |
AI governance implementation roadmap |