The Responsible AI Institute has launched an AI policy template designed to help enterprises develop their own company-wide responsible AI policies.
Some enterprises struggle with executing a critical step in their AI journeys: developing and establishing AI guardrails and ethical policies within their organization, according to the Texas-based non-profit, whose members include Amazon Web Services, Boston Consulting Group, ATB Financial, and Shell.
RAI Institute described the template as an “industry-agnostic, plug-and-play policy document” that allow organizations to develop policies that are aligned with both business needs and risks.
The template, it said, covers common policy and governance functions and processes, including data management, risk management and procurement, “enabling enterprises to more readily integrate AI-specific guidance from the NIST AI Risk Management Framework (RMF) and ISO/IEC 42001.”
The NIST framework, introduced early last year, is designed to help organizations “incorporate trustworthiness considerations into the design, development, use and evaluation of AI products and services,” according to the NIST.
ISO/IEC 42001, meanwhile, specifies the International Organization for Standardization’s requirements for establishing, implementing, maintaining and continually improving an Artificial Intelligence Management System (AIMS) within organizations.
“AI technology adoption is already widespread,” RAI Institute said. “However, responsible AI frameworks consistently lag behind the speed of innovation. Amidst the surge of complex AI solutions, businesses struggle with executing a critical step in their AI journeys: developing and establishing AI guardrails and ethical policies within their organization.”
Citing two studies, it said that 74% of organizations admit they still lack a comprehensive, organization-wide approach to responsible AI, and only 44% of companies using AI are developing ethical AI policies.
In an interview with CIO.com the organization’s director of policy and delivery, Hadassah Drukarch, said that if organizations do not put in place such a framework, they risk adopting AI in an uncoordinated and inconsistent and non transparent manner that can cause issues, risks, ethical dilemmas, and financial reputational damage.
Pivotal role
As for how pivotal the role of the CIO should be in developing responsible AI policies, Drukarch said the division of roles and responsibilities really depends on the size of the organization and its needs at any given point in time.
“We do recommend that organizations think about the role of executive leadership, but it does not have to be the CIO. It could also be the CTO, or even the chief AI officer (CAIO), again it depends on the fit.”
RAI Institute’s template differs from those published by other organizations, such as GovAI Coalition’s AI Policy Template or AI Guardian’s Umbrella AI Policy Template, in several ways, she said.
“Compared to these frameworks, our AI Policy Template provides actionable policy statements as opposed to giving only the highest-level clauses with no potential implementation guidance,” Drukarch said.
She and others at the RAI Institute have seen “many frameworks pass by, from the very broad to the more concrete. There are plenty that organizations can cut and paste from. We see a lot from the big tech companies, for instance, that they have been developing over the past decade or so. They are not necessarily very concrete, and they may need a lot of cutting and pasting.”
The fact that RAI Institute is member-driven is also paramount, she said. “We try to understand the issues that organizations are facing in terms of AI governance on the ground, by asking them the questions, by understanding their pain points. The policy template is really driven by our understanding of the frameworks that they currently have in place, where there are gaps and where we can address them.”
The AI Policy Template is free for members of RAI Institute. Membership costs vary: Individuals pay what they can afford; enterprises’ fees are assessed according to their needs.
