Editor's note: Take the 2025 Governance Survey!
The fields of privacy, AI governance, cybersecurity law and digital responsibility are intersecting more than ever before. To help understand and serve these colliding disciplines, the IAPP is calling for participation in its annual Governance Survey. This iteration of the survey will broadly explore governance operations, staffing and resourcing across geographies and sectors.
This survey is for IAPP research purposes only. All responses will be strictly confidential, and you will never be contacted about your responses.
Privacy, cybersecurity, artificial intelligence governance, content moderation, product liability, intellectual property, accessibility, competition and online safety. Digital governance encompasses any combination of these domains.
Digital governance has increased in prominence over the last few years and the need for coordination among these topics is clear, especially in an environment where there is greater geopolitical flux, increased pressure to tighten budgets and rapid developments in internal and external environments.
In 2024, the IAPP launched research into whether and how organizations are responding to this challenge, working to meet their objectives and responsibilities for digital innovation and digital governance. Interviews were conducted with more than 20 senior decision-makers who lead their organizations' work on various aspects of digital governance.
Macroenvironmental factors including economic pressures, cultural expectations of digitization, technological developments and continued legal developments have been driving adoption of coherent and coordinated digital governance approaches. Alongside this, many organizations identified that trust in digital goods and services supported by enhanced digital governance is vital, going so far as to make this a competitive differentiator against peer organizations.
As a result of an integrated digital governance approach, forward-looking organizations may be moving from siloed analog governance models to more augmented and aligned models of governance.
The Organizational Digital Governance Report 2024 identified a method to categorize governance maturity over three levels.
1. An analog model for an organization seeks to implement digital governance within and through individual subdomains without a defined or cohered approach to digital governance.
2. An augmented model for an organization seeks to implement digital governance through various interdisciplinary processes and structures within a defined and structured approach to digital governance.
3. An aligned model has streamlined the processes and structures into a more singularly defined and framed approach to digital governance.
Should all organizations immediately prioritize work to get to an aligned model? In most cases the answer will depend on several factors including the type of organization, desire for leadership to improve governance and whether competitors are taking similar steps to address digital governance.
In this year's Governance Survey, we're looking to take a deep dive across our broad community to better understand approaches to digital governance. By combining digital governance maturity answers with demographic data, we hope to answer how maturity varies by organizational revenue, number of employees, if an organization delivers business to business or business to consumer, and if high maturity is pursued by those organizations with a better understanding of how governance can support innovation and growth.
This year's survey seeks insights from those working in privacy functions, AI governance functions and additional functions with digital governance responsibilities. The report will seek to outline how those working within these functions are delivering innovation, business growth and compliance outcomes while limited to budget and resource constraints. We hope this offers you the opportunity to benchmark your organization's governance structures against peer organizations.
Saz Kanthasamy, CIPP/E, CIPM, FIP, is the principal researcher, privacy management for the IAPP.
