Resource Center / Reports and Surveys / Professionalizing Organizational AI Governance Report

Professionalizing Organizational AI Governance Report

This report on organizational AI governance focuses on the internal guidelines and practices organizations follow to ensure responsible development, deployment or use of AI.

Published: December 2023

Contributors:

Brandon LaLonde

Saz Kanthasamy

Despite the shifting technological and regulatory landscape, there is an understanding that AI is governable.

This report shows organizations are already taking steps to govern AI, from specified staffing to long-term strategic planning. Not only that, but it shows the extent to which this is happening across organization types and across the world. Importantly, it also reveals how organizations are doing so, to what end and up against which obstacles.

Although research shows there are synergies between the skills AI governance professionals will need and the skills of privacy professionals, there is a recognized need for the professionalization of AI governance as its own domain. According to the IAPP-FTI Privacy and AI Governance Report 2023, more than 50% of respondents designing AI governance approaches are building on top of privacy programs and more than 40% are using existing privacy assessments to manage AI risk. Of survey respondents, 33% cited a lack of professional training and certification for AI governance professionals and 31% cited a complete lack of qualified AI governance professionals as key challenges to the effective roll-out and operation of AI governance programs. The time to professionalize AI governance is now.

In the spring of 2023, we asked our global membership to complete a 43-question survey focused on the governance of privacy and also on the governance of AI. Over the course of five weeks, from May to July, we received more than 500 responses from over 50 countries. We published the IAPP-EY Privacy Governance Report 2023 in November but the respondent data on AI governance was so rich and voluminous, we decided to publish this separate, dedicated report on organizational AI governance. Here, organizational AI governance refers to the internal guidelines and practices organizations follow to ensure responsible development, deployment or use of AI by that organization. Such governance is likely to be just as important as the specific governance of the components of the algorithm itself, such as training data, the model and the parameters at the input, process and output stages. To compliment the report, the IAPP published an at-a-glance infographic that presents key data points, which can be accessed here.

AI governance as a top-five strategic priority by continent

For many, the risks and promises of AI remain elusive with the absence of comprehensive global regulations to truly govern this innovative technology. Of survey respondents, 56% indicated they believe their organization does not understand the benefits and risks of AI deployment. However, for the 60% of respondents who indicated their organization already established a dedicated AI governance function or will likely establish one in the next 12 months, the rapidly changing nature of AI has created, and will continue to create, professional challenges in cohering to, coordinating with and actioning the complex technical and regulatory ecosystem of AI.

Key takeaways

AI is here

Of respondents, 74% are either already using AI products — largely for data analysis and process automation — or plan to within the next 12 months. Of the companies using AI, the top three uses of the technology were data analysis, process automation and personalizing experiences, at 33%, 28% and 11% respectively.

AI governance has rocketed to the top as a strategic priority

The rise of AI governance as a strategically important organizational priority is commensurate to the ubiquity of AI technology within organizations. In this year's privacy governance survey, we asked about the top five strategic privacy priorities for respondents' organizations. AI governance has not so much risen to the top of the list as it has rocketed. In 2022, AI governance averaged as the ninth most important strategic priority for privacy functions. In 2023, it was second.

The call to action for AI governance has been sounded and action is being taken

Organizations recognize the need for dedicated, professional functions responsible for ensuring AI systems are developed, integrated and deployed in line with emerging AI laws and policies, and in ways that promote trust. Of survey respondents, 60% said their organizations have either already established a dedicated AI governance function or will likely establish one in the next 12 months.

Organizational benefits of AI-enabled compliance

Whether through AI-enabled tooling that identifies potential privacy risks, finds metadata trends, monitors programs or automates tasks, privacy compliance is an area that could benefit from AI. Just over five in 10 respondents said their organization has no plans to use AI to support privacy compliance, while just over two in 10 said their organization either currently uses AI for compliance purposes or intends to within the next three years.

Challenges in implementing an AI governance program

Respondents who currently use AI identified some of the most common challenges they face in implementing or operating their AI governance programs. Of respondents, 57% face an absence of control over AI deployment within the organization and 56% believe their respective organizations do not fully understand the benefits and risks of AI deployment. The pace of development in both the technology itself and the surrounding regulatory landscape were identified as challenges by 45% and 42% of respondents, respectively.

Looking forward

The IAPP has recognized this need and set up the IAPP AI Governance Center, with resources, training and certification aimed at all types of professionals who have been tasked with AI governance responsibilities. This report provides a window to a view that, by dint of the velocity and variety of innovation, will change. The AI Governance Center will keep track of the laws, policies, frameworks implementation tools and industry trends developing in the AI governance field.

Additional resources