A GRC Framework for AI

As an executive concerned with the governance and control of AI within your enterprise you have probably studied recent news, event panels and reports discussing topics such as ‘Ethical AI’ and ‘Trusted AI’ and wondered how exactly that relates to managing risk within the enterprise.  

Look in more detail and you will note a focus on social and economic inequality, environmental protection, open data for example that, while laudable, are generally not the practical AI governance issues you expect to address today. 

The AI community is leading the technology world in terms of addressing the potential impact of AI. This diverse group of academics, NGO’s, governments and industry, some new to AI, produce insightful reports that often, however, conflate political and economic hopes with industry needs.

In this report we will try to separate those multiple concerns and focus on what we currently view as those elements critical in the enterprise. We then outline those elements in a ‘Governance, Risk and Compliance (GRC)’ Framework that can be used to inform your own GRC Framework for AI.

GRC Framework Elements