By Remi Gulzar
As organizations transition from AI pilots to fully operationalized AI systems, effective governance becomes crucial to ensuring sustained success. The immense opportunity and impact of AI position it as a pivotal business decision that must be approached strategically. CIOs and executives must blend IT, risk, and data and analytics governance domains to make informed decisions on the responsible use of AI across the enterprise.
AI decision-making should be designed from the top down, supported by a robust organizational culture. This approach leverages AI’s strengths while simultaneously safeguarding the enterprise from potential risks. Balancing trust and control, as well as privacy and convenience, is essential in this process. Effective governance is key to safely deploying and scaling AI, ensuring its responsible use, and meeting regulatory and corporate requirements.
Enterprise Governance of AI: A Cross-Domain Adaptive Approach
Enterprise Governance of AI (EGoAI) is a cross-domain adaptive approach that offers CIOs and executives an integrated framework to blend governance domains to make decisions on AI that enforce its responsible use and achieve AI-enabled business outcomes. It is a key factor to building a sustainable governance for AI that fulfills policy and ethics requirements. EGoAI also captures benefits from applying AI, such as productivity gains, improved customer experience and competitive advantage, while fulfilling regulatory and corporate compliance requirements.
Adaptive Decision-Making in AI Governance
The nature of AI decision-making—characterized by risk, uncertainty, distribution, and speed—demands an adaptive approach to implementing EGoAI. CIOs must collaborate with other executive stakeholders to establish a portfolio of decision-making styles, focused on control, outcome, agility, and autonomy outcomes, that support single-domain, orchestrated, or blended approaches to AI governance. Supporting governance mechanisms must be rechartered and refocused for cross-domain decision-making by taking a design-based, people-centric approach. This raises involvement and commitment from stakeholders, facilitating fluid decision-making.
CIOs engaged in strategic decisions on the use of AI should:
- Close the potential gap between corporate directors and executives on AI expectations and risks.
- Apply a blended governance approach to orchestrate AI decisions across multiple governance domains.
- Democratize and adjust governance mechanisms (rules/principles, roles, structures, etc.) to support blended governance across the AI life cycle.
Management of Enterprise AI
Management of Enterprise AI enforces a life cycle approach that encompasses how AI systems are planned, designed, developed, and operated in a responsible manner to achieve business outcomes. Standards such as International Organization for Standardization (ISO) 42001, National Institute of Standards and Technology (NIST, U.S.) AI Risk Management Framework, and the European Union AI Act provide guidance on how AI systems should be operated in a risk-adjusted and responsible manner across their life cycle.
An AI system has many moving parts—data, infrastructure, API, UX, etc.—that are managed by different domain-based management processes (IT, D&A, risk) with their own operating and delivery models. Operating an AI system effectively requires decision-making to be single, orchestrated, or blended across domains. Domain-based prioritization and decision-making mechanisms, such as IT steering committees, must be rechartered to support multidomain orchestrated or blended decision-making to deliver and operate AI. For each management-level AI decision, it should be determined which domain recommends, agrees, performs, inputs, and decides.
CIOs engaged in planning, executing, delivering, and operating AI systems should:
- Prioritize execution and delivery of AI through cross-domain-based committees that take single, orchestrated, or blended decisions.
- Provide and support cross-domain continual assurance on the compliant provisioning and use of AI from an internal and market-facing perspective.
- Adjust operating and delivery models to operate AI systems in accordance with enterprise guardrails.
By following these guidelines and adopting a blended approach to AI governance, organizations can strategically harness AI’s potential while mitigating associated risks, ensuring a future where AI contributes positively to business success.
Gartner analysts are discussing the key strategies, technology and trends shaping the future of IT and business at the Gartner IT Symposium/Xpo, taking place in Kochi, November 11-13, 2024.
(The author is Remi Gulzar, VP Analyst at Gartner, and the views expressed in this article are his own)