Best Practices for AI Governance

by Zachary Barlow

April 2, 2025

Companies use AI to ramp up efficiency and find new value throughout their operations. However, AI can be unruly, and often times AI implemented with the best intentions can have unintended consequences. Additionally, different departments across the same company may use AI differently. This makes it difficult to manage all the ways AI is deployed throughout a company. Good governance is key to effective AI use and AI risk mitigation. Frost Brown Todd recently wrote about AI governance in a memo stating:

“Good AI governance combines different risk-management frameworks to address an organization’s legal requirements and values while establishing appropriate practices to safeguard privacy and protect their information assets, employees, and customers. Importantly, AI governance should be undertaken in partnership with a company’s data governance, security, and privacy programs.”

The memo goes on to provide several best practices for AI governance including:

  • “Establishing clear data provenance and governance practices.
  • Designating cross-functional AI leads within the organization (legal, IT, HR, etc.).
  • Providing employee-level training on AI tools and acceptable uses.
  • Updating licensing agreements to reflect new transparency requirements.
  • Maintaining awareness of evolving federal and state-level regulations.”

Good AI governance isn’t always easy, but through utilizing best practices companies can capitalize on AI and minimize risk. One key point is that AI can be applied very differently across a company. These differing use cases present unique governance challenges and underlie the need for transparency at every level. Companies should also be clear in their policies about what constitutes “AI use.” Sales and marketing may use AI in the context of pitching ideas or writing copy, and research and development may use machine learning AI systems to analyze data or develop new products. Good AI governance requires leadership to understand all AI deployments within a company and the unique challenges associated with each.