Advancing Enterprise AI Governance

Some months ago, a colleague from the IMD Board Community group suggested the Program “From Insight to Action: Advancing Enterprise AI Governance”. A program offered by Stanford Law School’s ROCK Center for Corporate Governance.

I completed the program a couple of weeks ago, and I found it to be a treasure trove of information, offering many perspectives on AI Governance. Some key takeaways for companies embedding AI solutions in their operations are:

1. A risk assessment of the AI adoption initiative is extremely important, and should definitely extend to the difficult subjects such as ‘impact on workforce’, both as morale and as headcount.
2. Risk classification of the AI solutions, planned to be implemented, can go a long way in limiting the organization’s regulatory exposure risks.
3. Standard processes need to be extended, and we’re not only talking about training, which is specifically spelled out in many regulations, but also about AI whistleblower program, AI incident response and crisis management among others.
4. Engaging the right people from the beginning is critical for AI adoption programs. The “right people” notion would include experts with:
   • Technical knowledge of how AI works and its limitations (including accuracy and hallucinations)
   • Understanding of the regulatory landscape
   • The ability to identify industry specific, value generating use cases Not choosing the right people can be a very costly decision.
5. Privacy and Cybersecurity, although not the drivers, should have a very visible role in the process, as both are and will be under scrutiny from regulators.

As most business transformation experts state, organizations focusing on the impact of AI to the bottom line, i.e. cutting costs, instead of the top line, i.e. improving revenue through innovation and additional services, bear a significant risk of being rendered irrelevant, very quickly.