Dive Brief:
- Enterprises are directing more resources to governance as AI risks come into clearer view, according to a September OneTrust report that surveyed 1,250 IT leaders.
- Nearly all — 98% — of enterprises plan to increase governance budgets in the next financial year, with the average business anticipating a 24% jump. More money is going into governance as 86% of IT leaders with “advanced AI adoption” say they’ve identified gaps in visibility, collaboration and policy enforcement.
- Enterprises are also focusing more time on mitigating risks. IT leaders spent around 37% more time managing AI risks this year, according to the survey. More than 4 in 5 businesses cite AI risks as a driving force behind modernizing governance practices.
Dive Insight:
For all of AI's perceived benefits, CIOs can’t afford to ignore risks. Enterprises are honing their strategies with governance and guardrails in mind.
“Like so many other operations within an organization, you have to have that first line, second line and third line of defense when you’re protecting your AI,” Traci Gusher, AI and data leader at EY Americas, told CIO Dive. “That holistic policy, value set, technical processes, control points, as well as the people that are integrated into that process, is really what robustness looks like when we’re talking about managing AI responsibly.”
Businesses are already leaning on several mechanisms to improve risk mitigation, such as human-in-the-loop oversight, data access restrictions and AI access via trusted technology providers. Recommendations laid out by the National Institute of Standards and Technology last year have also helped businesses gain ground in the early innings.
Analysts say getting governance right will remain an iterative process as AI technologies mature and businesses analyze potential dangers.
Some CIOs are also taking a more fastidious approach to prioritizing AI projects.
“If you’re just approving everything … your chances of success are going to be much lower,” said Greg Macatee, senior analyst at S&P Global Market Intelligence 451 Research.
While some dead-end AI projects are inevitable, failing to mitigate risks comes at a cost. Almost all senior executives say their business has experienced at least one type of “problematic incident” from enterprise AI use, primarily leading to direct financial loss to the business, according to an August Infosys report. The average company reported $800,000 in losses over a two-year period.
The pressure is on CIOs to help their businesses navigate the rocky, uncharted terrain. AI adoption is already changing what and how technology leaders govern, but vigilance is required as further adjustments are needed, according to Blake Brannon, chief innovation officer at OneTrust.
“While AI projects move at unprecedented speed, traditional governance processes are operating at yesterday's pace," Brannon said in a release accompanying the report.
