Companies confront escalating predicament regarding AI management
In a recent report, Trustmarque has highlighted several challenges and proposed solutions for embedding AI governance into software development processes. The report reveals that while 93% of UK organisations use AI, only 8% have fully integrated AI governance into their software development lifecycle [1][2][3].
Challenges
The rapid adoption of AI outpaces the maturity of governance, creating a significant governance gap. Many organisations rely on traditional software development methods, failing to address AI-specific risks such as model bias and lack of interpretability. Only 28% include bias detection during testing, and 22% assess model interpretability [1].
Infrastructure and tooling deficiencies also pose a problem, with just 4% of organisations feeling their data and infrastructure are ready for AI at scale. Key governance tools like registries, audit trails, and version control for AI models are often manually managed or missing [1].
Lack of clear accountability is another challenge, with little alignment between IT leadership and governance activities. Only 9% report effective collaboration, and 19% state no clear ownership of AI governance [2].
Most governance efforts are fragmented and lack strategic leadership, resulting in little continuous monitoring. Only 18% have implemented continuous governance monitoring with key performance indicators (KPIs) to track progress or ROI [2].
Solutions
To address these challenges, the report suggests several solutions. Embedding governance from the design phase through deployment is essential to ensure transparency, fairness, and compliance, thereby reducing bias and safeguarding data [1].
Modernising development processes is another key solution, updating software development to include AI-specific risk management practices such as bias detection and model interpretability assessment during development and testing phases [1].
Improving infrastructure and tooling is also crucial. Establishing AI-ready infrastructures that support automation of governance controls like model registries and audit trails can help handle AI at scale more effectively [1].
Clarifying ownership and leadership is another important step. Defining clear accountability and aligning governance efforts with IT leadership ensures cohesive oversight mechanisms [2].
Implementing continuous monitoring using KPIs and continuous monitoring frameworks can track AI governance progress and measure ROI, enabling proactive risk management and adjustments [2].
These insights from Trustmarque emphasise that successful embedding of AI governance requires not only technical updates but also organisational and leadership commitment to create robust, strategic, and scalable governance frameworks [1][2][3].
Seb Burrell, head of AI at Trustmarque, stated that the report shows AI adoption is outpacing governance, with 93% of organisations using AI but only 7% having fully embedded governance frameworks. He further warned that the lack of central ownership for AI oversight is prevalent, and the absence of effective oversight can lead to privacy breaches, operational instability, ethical missteps, and loss of stakeholder trust [4].
References: [1] Trustmarque. (2022). Embedding AI Governance: Challenges and Solutions. [online] Available at: https://www.trustmarque.com/insights/embedding-ai-governance-challenges-and-solutions/
[2] Burrell, S. (2022). AI Adoption Outpaces Governance, Warns Trustmarque. [online] Available at: https://www.computerweekly.com/news/252523324/AI-adoption-outpaces-governance-warns-Trustmarque
[3] The Guardian. (2022). UK Firms Failing to Manage AI Risks, Report Finds. [online] Available at: https://www.theguardian.com/technology/2022/mar/10/uk-firms-failing-to-manage-ai-risks-report-finds
[4] Forbes. (2022). AI Adoption Outpaces Governance, Warns Trustmarque. [online] Available at: https://www.forbes.com/sites/forbestechcouncil/2022/03/10/ai-adoption-outpaces-governance-warns-trustmarque/?sh=319b290f2a6c
- To ensure transparency, fairness, and compliance within AI software development, it is crucial to incorporate governance from the design phase through deployment, as suggested by the report from Trustmarque.
- Enhancing cybersecurity measures and adhering to compliance standards are essential aspects of AI-specific risk management, a practice that should be integrated during both development and testing phases of software development.
