AI governance in the boardroom strategies for effective oversight and implementation

In my capacity as a board member, board adviser and IoD Kent technology and engineering ambassador, I regularly speak with senior leaders (including board chairs) about their organisations’ AI strategies and adoption plans. In nearly all conversations, these leaders admit that there is a critical, ongoing need for equipping boardrooms with the tools and knowledge to navigate AI effectively.

On one occasion, I was asked to provide input during a healthcare organisation’s audit committee discussion on the need for robust monitoring and control of risks introduced by proposed AI use cases. Most of the committee members admitted to feeling daunted by the topic, underscoring the steep learning curve boards face when engaging with AI.

The current state of AI in boardrooms

A 2024 Deloitte Global report on AI oversight in the boardroom revealed concerning statistics:

• Only 2% of 468 board members and C-suite executives in 57 countries surveyed claimed to be “highly knowledgeable and experienced” when it came to AIAI has never been on the board agenda in 45% of organisations
• 46% of respondents expressed concern about insufficient oversight of AI opportunities and risks
• Approximately 44% believed there is a need to accelerate AI adoption in their organisations.

These statistics highlight a pressing need for boards to improve their AI literacy and governance frameworks to remain competitive.

Defining AI and governance

The UK Government Office for Science describes AI as “more than the simple automation of existing processes: it involves, to greater or lesser degrees, setting an outcome and letting a computer program find its own way there. It is this creative capacity that gives artificial intelligence its power. But it also challenges some of our assumptions about the role of computers and our relationship to them.”

AI governance encompasses the practices, frameworks, structures, policies and tools that ensure optimal return on AI investments while mitigating risks. Key components include:

• Ethical guidelines
• Risk assessment protocols
• Accountability measures
• Transparency requirements
• Compliance with regulations

Steps for implementing effective AI governance

Addressing the complexities of AI governance requires a structured approach. Based on my professional experience and practices I’ve observed across several sectors, here are seven key steps:

Get AI literate

Board members should continuously educate themselves on AI through individual research, collective learning, reading relevant books, attending workshops and conferences and inviting AI specialists for in-depth discussions during board development sessions

Personally, I make it a priority to share relevant learnings with fellow board or committee members whenever possible. I also encourage board members to try out as many AI tools as possible (especially generative AI tools like ChatGPT, Perplexity, Gemini, etc) for first-hand experience.

Review competency matrix and succession plans

Refresh your board profile to include individuals with diverse perspectives and experience in AI and emerging technologies. Update succession plans for both your board and management to include leaders with relevant technological expertise.

Conduct comprehensive AI audits

Perform thorough assessments of AI use within your organisation to understand what is currently being used and how. This will also prevent issues from “shadow AI” (i.e., the unsanctioned use of AI tools or applications by employees or end users without approval or oversight of the IT department).

An organisation I advise started by taking stock of all AI use cases within the enterprise. This foundational step has enabled ongoing monitoring and control and should help them uncover instances of shadow AI that could have unintended consequences.

Align AI strategy with organisational goals

Review and update your organisation’s strategy to ensure its relevance in the AI era. Define what “good” looks like for your organisation, then craft an AI strategy that supports overall business objectives.

It’s crucial to avoid adopting AI for its own sake. Instead, ensure every AI initiative aligns with meaningful business outcomes and strategic goals.

Establish a robust AI governance structure

Define and assign AI-related responsibilities, considering ownership and delegation of matters to appropriate committees. Establish and enforce AI ethics and policies through an empowered ethics committee.

Operationalise AI governance

Integrate relevant policies, regulations and guidelines into day-to-day processes to ensure they actively guide operations rather than remaining theoretical.

Implement effective measurement systems

Develop appropriate evaluations and benchmarks to identify how AI deployments contribute to strategic goals. Consider using a framework similar to Grammarly’s four measurement categories:

• Compliance
• Quality
• User/employee experience
• Bottom-line impact

Legal and regulatory implications

Boards should stay informed about evolving AI regulations and ensure compliance. This includes understanding data protection laws, ethical AI guidelines and industry-specific regulations that may impact AI deployment.

Neglecting AI governance has already led to high-profile incidents. For example, Workday is facing a novel class action suit for bias in its AI-based job screening algorithm (which is said to discriminate against minority applicants). Proactive governance can prevent such situations.

Conclusion

Boards play a crucial role in guiding their organisations through the AI revolution. By focusing on governance, education, responsible implementation and strategic considerations, your board can ensure your company harnesses the power of AI while managing associated risks and ethical concerns.

As a board member, you are uniquely positioned to navigate your organisation through AI’s complexities. Start today by prioritising education, governance and strategic alignment. The future of your business may depend on it.

Ula’s article was originally published on Forbes.com

To learn more about AI governance and strategy for boards, join IoD Kent’s next in-person networking event, ‘AI Insights: Navigating Strategic & Regulatory Frontiers’ in London on 15 May 2025.