AI Governance Is Treated as Exclusive. It Shouldn’t Be.
If businesses truly want their AI systems to be trustworthy, they need a wide range of stakeholders at the table and engaging with the tech, writes Heather Gentile, director of product for IBM watsonx.governance Risk and Compliance
Effective governance of any kind requires many seats at the table: Additional perspectives and expertise lead to better outcomes.
AI governance is no exception. As enterprises integrate generative AI across their business, they should take a multistakeholder and multidisciplinary approach to ensuring it remains safe and ethical.
But too often, they don’t. Many businesses today are experimenting with powerful new tools like agentic AI, yet treat their governance as an exclusive discipline. Organizations assign a small cadre to establish and enforce AI guardrails, standards and processes. These stakeholders are usually limited to highly technical or legal professionals, while those without computer science or law degrees don’t have a seat at the table.
This approach is counterintuitive: AI touches all aspects of business, from design to code to customer service—and so all aspects of the business should have governance input. This approach also sets enterprise AI initiatives up for trouble. Without a range of expertise and viewpoints, AI risks like bias, output irrelevance and drift, and compliance violations can proliferate—introducing operational risk and undermining profitability and reputation.
More Seats at the Table
Businesses need to recognize that the responsibility for AI governance does not sit with an individual team. AI governance is a collective responsibility touching technology, law, ethics, risk management, compliance, human resources, security and nearly every other discipline.
Ethicists and others with social science expertise are necessary to help determine which traits a governance framework should prioritize, like fairness or explainability. Meanwhile, security professionals provide risk mitigation, identifying vulnerabilities and ensuring compliance with industry standards. This risk mitigation includes identifying “shadow AI” (similar to shadow IT) so it can be brought into the governance framework. And all staff, regardless of their role, can share feedback and identify issues as they interact with AI systems each day.
Executive sponsorship is also key. The CEO and other senior leaders set culture—and if they’re not engaging with AI governance, it sends a clear message. Senior leaders must lead support for governance initiatives to create a culture of responsible AI adoption and help steward company-wide training, policies and procedures.
More Integrated Tech
These stakeholders need more than a seat at the table; they also need to engage with the right tech. If AI governance software remains siloed, it reinforces the notion that governance is an exclusive discipline. Instead, AI governance software should seamlessly integrate with other teams’ tools and technologies.
For example, as a best practice AI governance and AI security tools should provide an integrated view of the organization’s AI enterprise risk and compliance posture. If security software spots a shadow AI instance, it shouldn’t simply alert the security team. It should also feed the instance to the governance software, which can apply the necessary guardrails. When there is less friction on the backend, governance becomes simpler and more effective.
AI systems are only growing more complex, with autonomous agents on the horizon. Agentic AI can complete complex tasks and use other software with limited human supervision. This can provide major productivity gains for businesses—but only if these systems operate within a rigorous and comprehensive governance framework. More than ever, AI governance initiatives need to be inclusive, not exclusive.