The role of the Governing Body in AI

The governing body's role in AI

Governing body decisions regarding AI

The governing body's role is to ensure that:

  • A comprehensive and balanced assessment of stakeholder needs, conditions and expectations, and options is conducted to establish clear and agreed-on enterprise objectives.
  • A strategic direction is defined and communicated through effective prioritization and decision-making, risk optimisation, architecture, frameworks, policies, processes, and models.
  • The use of data, ethics, the performance of systems, and compliance is regularly and rigorously monitored against legal obligations, agreed-on direction and enterprise objectives.



  • The governing body should examine and make judgments on the current and future use of AI, including strategies, proposals and supply arrangements (providers, product manufacturers, importers, distributors, authorised representatives, as necessary).
  • In evaluating the use of AI, the governing body should consider the internal and external pressures acting upon the business, such as technological change, economic and social trends, and public policy statements.
  • The governing body should undertake evaluation continually, as pressures change.
  • The governing body should also take account of both current and future business and stakeholder needs — the current and future organisational objectives that they must achieve, such as maintaining competitive advantage, as well as the specific objectives of the strategies and proposals they are evaluating.


  • The governing body should assign responsibility for, and direct preparation and implementation of plans and policies. Plans should set the direction for investments in AI projects and AI operations. Policies should establish sound behaviour in the use of AI.
  • The governing body should ensure that the transition of projects to operational status is properly planned and managed, taking into account impacts on business and operational practices as well as existing AI systems and infrastructure.
  • The governing body should encourage a culture of good governance of AI in their organization by requiring managers to provide timely information, to comply with direction and to conform with the principles of good AI governance.
  • If necessary, the governing body should direct the submission of proposals for approval to address identified needs.


  • The governing body should monitor, through appropriate measurement systems, the performance of AI. It should reassure itself that performance is following plans, particularly about businesses' intended purposes.
  • The governing body should also make sure that AI systems conform with external obligations (regulatory, legislation, common law, contractual) and internal work practices.

The Data Protection Systems is a leading provider of IT and AI governance services, privacy-enhancing solutions and training.

Follow us:


Useful Links