September 9, 2021 By Abdel Hamou-Lhadj 3 min read

In the recent decade, the value of Artificial Intelligence (AI) has been demonstrated in many industries. These trends have increased the interest of many organizations in AI technologies, not just to streamline business operations, but also to gain a competitive advantage.

However, the deployment and use of AI to support business operations may present significant risks to individuals, groups, and even society, if not managed according to clear principles and practices, such as those represented in particular sets of authoritative rules. That management would mitigate the possibility that AI could infringe upon fundamental rights of the individuals and groups subjected to it. For example, screening resumes for prospective employment candidates using AI that is biased towards specific genders or ethnicities would clearly be unacceptable.

Authoritative rules come in different forms and have diverse application domains. They can be:

  • Government laws and regulations, such as Illinois’s new Artificial Intelligence Video Interview Act.
  • International standards, such as the ones in development by ISO AI working groups, or technology-focused standards, such as the IEEE standards for AI.
  • Internal organizational rules based on principles, policies, or procedures.

Therefore, to scale the deployment and use of AI, organizations should establish a compliance management program – one that addresses relevant requirements from applicable AI authoritative rules. Such a program constructs guardrails around the use of AI so it is consistent with the organization’s principles and values, as well as with its stakeholders’ expectations and demands.

Key practices to consider in establishing an AI compliance program

1. Develop a global view of AI compliance

The complexity and ever-changing nature of the authoritative rules an organization must follow can be overwhelming. In addition, introducing new AI rules may negatively impact the state of compliance to some pre-existing rules.  It is, therefore, more effective for the organization to handle AI compliance in a systemic way to allow for a consistent compliance approach across the organization and leverage appropriate controls to meet applicable requirements.

2. Get involved in AI compliance intelligence

Updates to existing AI authoritative rules and the emergence of new ones may require significant changes in the way an organization has set up its compliance program and controls. In addition, adapting to new AI requirements may introduce a level of complexity that is beyond what the organization has been prepared to take on.

To efficiently adapt to these changes, organizations should proactively monitor the development and modification of the relevant AI authoritative rules.

3. Enable an AI compliance mapping capability

When an organization is subject to several AI authoritative rules, it is often difficult to narrow down the full set of AI requirements that should be addressed in a specific context. This is because mapping requirements from AI authoritative rules that are issued by different sources for different jurisdictions is a complex task that crosses several expertise areas (e.g., AI, privacy, security).

Using in-house or third-party outsourced resources, such as IBM Promontory Services, organizations can map out common AI requirements that need to be fulfilled consistently and supplemental ones that can be addressed as needed.

4. Invest in AI compliance enablement

An effective AI compliance management approach includes a clear communication of the right practical steps to realize AI compliance objectives.

Organizations should develop appropriate process enablement and education activities to help employees understand their organization’s AI compliance objectives, their role in meeting those goals, as well as how to proceed in practice.

5. Enforce AI compliance positively

Enforcing AI compliance, using relevant technical and organizational measures, is critical.

A positive compliance enforcement approach, based on promoting trust and transparency rather than overemphasizing verification, is often more effective because it allows the organization to get the full support of its employees to meet AI compliance objectives.

How technology can help

Technology plays an important role in supporting an effective AI compliance program. For example, it can help:

  • Manage the set of authoritative rules and underlying requirements allowing an efficient mapping of the requirements to determine appropriate compliance objectives and controls.
  • Enable employees to make the right decisions and take the appropriate actions to meet compliance objectives and controls, while managing associated risks efficiently.
  • Measure and monitor compliance progress and report on that as needed in a transparent way.

With an effective AI compliance program, sponsored by leadership and endorsed by employees, companies can achieve the compliance needed to infuse trustworthy AI throughout the enterprise.

For more information:

Was this article helpful?

More from Cloud

A clear path to value: Overcome challenges on your FinOps journey 

3 min read - In recent years, cloud adoption services have accelerated, with companies increasingly moving from traditional on-premises hosting to public cloud solutions. However, the rise of hybrid and multi-cloud patterns has led to challenges in optimizing value and controlling cloud expenditure, resulting in a shift from capital to operational expenses.   According to a Gartner report, cloud operational expenses are expected to surpass traditional IT spending, reflecting the ongoing transformation in expenditure patterns by 2025. FinOps is an evolving cloud financial management discipline…

IBM Power8 end of service: What are my options?

3 min read - IBM Power8® generation of IBM Power Systems was introduced ten years ago and it is now time to retire that generation. The end-of-service (EoS) support for the entire IBM Power8 server line is scheduled for this year, commencing in March 2024 and concluding in October 2024. EoS dates vary by model: 31 March 2024: maintenance expires for Power Systems S812LC, S822, S822L, 822LC, 824 and 824L. 31 May 2024: maintenance expires for Power Systems S812L, S814 and 822LC. 31 October…

24 IBM offerings winning TrustRadius 2024 Top Rated Awards

2 min read - TrustRadius is a buyer intelligence platform for business technology. Comprehensive product information, in-depth customer insights and peer conversations enable buyers to make confident decisions. “Earning a Top Rated Award means the vendor has excellent customer satisfaction and proven credibility. It’s based entirely on reviews and customer sentiment,” said Becky Susko, TrustRadius, Marketing Program Manager of Awards. Top Rated Awards have to be earned: Gain 10+ new reviews in the past 12 months Earn a trScore of 7.5 or higher from…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters