Navigating governance challenges
 

The increased adoption of Generative AI has prompted widespread regulatory responses globally. Notable examples include the National Institute of Standards and Technology (NIST), which has introduced an AI Risk Management Framework. The European Parliament which has proposed the EU Artificial Intelligence Act, while the European Union Agency for Cybersecurity (ENISA) has been at the forefront of discussions regarding cybersecurity for AI. Additionally, HITRUST has released the latest version of the Common Security Framework (CSF v11.2.0), now encompassing areas specifically addressing AI risk management.

These guidelines and frameworks provide valuable assistance to enterprises but have limitations in fully addressing ethical, legal implications, and AI regulatory compliance associated with use of Generative AI, even as they foster innovation.

The US has taken a notable step by issuing a comprehensive executive order on AI, aiming to promote the “safe, secure and trustworthy development and use of artificial intelligence.” A White House fact sheet outlining the order has been released. This Executive Order stands as a significant contribution to the discussion of AI accountability in the development and deployment of AI across organizations.

Further, at the international AI Safety Summit, it was announced that like-minded governments and AI companies had reached an agreement to test new AI models prior to their release and adoption. The UK will also establish the world's first AI safety institute, responsible for testing new AI models for a range of risks.

These developments underscore the seriousness and commitment of governments and regulators worldwide in managing risks and governance in Generative AI.

Understanding the trust quotient in Generative AI
 

To capitalize on the competitive advantage and drive business value offered by Generative AI, it is imperative for enterprises to build trust in Generative AI models and solutions. This can be achieved by ensuring AI transparency, AI accountability, and ethical considerations in AI development are integral components of the Generative AI design itself.

Organizations need to establish clear lines of responsibility for actions and outputs generated, develop auditable and monitorable mechanisms for traceability, and facilitate the identification of errors, biases, or misconduct within Generative AI. Further, AI ethics must be intentionally integrated into the fabric of Generative AI design through development of technological processes to manage key ethical aspects such as bias mitigation, privacy protection, consent autonomy, social impact, responsible AI data usage, human oversight, etc.

Evaluating the efficacy of governance mechanisms in trust-building

To build and sustain trust in AI, organizations need to establish a Generative AI Governance framework that is unbiased, resilient, explainable, transparent and performance-based. Enterprises must ensure that inherent biases are identified and managed, and that the data used by the Generative AI system, its components, and the algorithm itself are secured from unauthorized access, corruption, and adversarial attack. The training methods and decisions criteria of Generative AI should be understood, documented and readily available for human operator challenge and validation, where necessary.

Privacy-related initiatives, such as providing end-users with appropriate notification during AI interaction, offering an opportunity to select their level of interaction, and obtaining user consent for related data processing, need to be clearly defined. It is crucial to ensure that the conformance of these initiatives is integral to the implementation process.

From a business standpoint, it is essential to ensure that the outcomes of Generative AI align with stakeholders’ expectations, and performance is monitored to adhere to the desired level of precision and consistency.