Integrating AI literacy into compliance frameworks
Contributors:
Erica Werneman Root
CIPP/E, CIPM
Senior Legal Counsel
Thriva Limited
Monica Mahay
CIPP/E, CIPM, FIP
Chief Compliance Officer
SkyShowtime
Editor's note: This is the fourth article in a five-part series on AI literacy. The first, "Understanding AI literacy," explores the core legal requirements under the EU AI Act. The second article, "Assessing AI literacy needs," outlines a practical framework for assessing the AI literacy needs of an organization. The third, "Designing an AI literacy program," describes the process of designing a comprehensive AI literacy program that fits the organizational context.
For more information on AI, visit theĀ IAPP AI topic page.
A stand-alone artificial intelligence literacy program can help employees understand key issues related to AI systems, but for long-term adoption, impact and efficiency, it must be woven into the broader fabric of an organization's operational structure.
The case for integration
As the first two articles of this series highlight, AI risks are inherently tied to specific scenarios and contexts, rather than just the technology itself. As a result, there will always be a need for continuous monitoring to evaluate how AI tools evolve over time and with use. This should be a distributed and continuous effort that, at a fundamental level, relies on stakeholders having sufficient knowledge to understand and spot issues at inception and over time, rather than only relying on periodic central assessments.
This means AI literacy cannot be delegated to a single team or control point; it must be embedded throughout the operational fabric of an organization.
Contributors:
Erica Werneman Root
CIPP/E, CIPM
Senior Legal Counsel
Thriva Limited
Monica Mahay
CIPP/E, CIPM, FIP
Chief Compliance Officer
SkyShowtime