Developing an AI Governance Program Through an Existing Privacy Management Framework

Developing an AI governance program is a complex but essential endeavor for organizations harnessing the power of AI. By integrating existing privacy management frameworks with AI governance, organizations can create a structured approach to AI governance that addresses the multifaceted challenges of AI without reinventing the wheel. This integrated approach not only enhances compliance and risk management but also fosters trust and accountability in AI technologies, ultimately leading to more responsible and ethical AI practices.

The use of artificial intelligence is predicted to grow by more than 25% each year for the next five years and could contribute over $15 trillion to the global economy by 2030[1]. AI provides great benefits and opportunities for the world, but AI systems can introduce significant ethical, legal, and operational risks, necessitating a structured approach to managing these challenges. An AI governance program, enabling consistency, standardization and responsible use of AI can help. AI governance refers to the processes, standards and guardrails that help ensure AI systems and tools are developed and used in a safe, ethical, and responsible manner.

Privacy management programs are an accountability best practice in place in many organizations, particularly those with mature privacy practices. Leveraging existing frameworks underlying these privacy management programs can provide a strong foundation for developing a comprehensive AI governance program. In fact, in a recent industry study, it was found that more than 50% of organizations building new AI governance approaches are building responsible AI governance on top of existing, mature privacy programs.[2]

The table below highlights some key strategies to leverage privacy governance best practices in creating an AI governance program by mapping some of the key components of a privacy management program to the required elements of an AI governance program.

[1] IAPP Privacy and AI Governance Report, 2024 https://​iapp​.org/​m​e​d​i​a​/​p​d​f​/​r​e​s​o​u​r​c​e​_​c​e​n​t​e​r​/​p​r​i​v​a​c​y​_​a​i​_​g​o​v​e​r​n​a​n​c​e​_​r​e​p​o​r​t.pdf

[2] IAPP – Privacy and AI Governance Report, 2024 https://​iapp​.org/​m​e​d​i​a​/​p​d​f​/​r​e​s​o​u​r​c​e​_​c​e​n​t​e​r​/​p​r​i​v​a​c​y​_​a​i​_​g​o​v​e​r​n​a​n​c​e​_​r​e​p​o​r​t.pdf

The scope of the study included interviews with stakeholders in organizations from across six industries in North America, Europe and Asia: technology, life sciences, telecommunication, banking, staffing and retail.