Cloud
September 9, 2021 By Abdel Hamou-Lhadj 3 min read

In the recent decade, the value of Artificial Intelligence (AI) has been demonstrated in many industries. These trends have increased the interest of many organizations in AI technologies, not just to streamline business operations, but also to gain a competitive advantage.

However, the deployment and use of AI to support business operations may present significant risks to individuals, groups, and even society, if not managed according to clear principles and practices, such as those represented in particular sets of authoritative rules. That management would mitigate the possibility that AI could infringe upon fundamental rights of the individuals and groups subjected to it. For example, screening resumes for prospective employment candidates using AI that is biased towards specific genders or ethnicities would clearly be unacceptable.

Authoritative rules come in different forms and have diverse application domains. They can be:

  • Government laws and regulations, such as Illinois’s new Artificial Intelligence Video Interview Act.
  • International standards, such as the ones in development by ISO AI working groups, or technology-focused standards, such as the IEEE standards for AI.
  • Internal organizational rules based on principles, policies, or procedures.

Therefore, to scale the deployment and use of AI, organizations should establish a compliance management program – one that addresses relevant requirements from applicable AI authoritative rules. Such a program constructs guardrails around the use of AI so it is consistent with the organization’s principles and values, as well as with its stakeholders’ expectations and demands.

Key practices to consider in establishing an AI compliance program

1. Develop a global view of AI compliance

The complexity and ever-changing nature of the authoritative rules an organization must follow can be overwhelming. In addition, introducing new AI rules may negatively impact the state of compliance to some pre-existing rules.  It is, therefore, more effective for the organization to handle AI compliance in a systemic way to allow for a consistent compliance approach across the organization and leverage appropriate controls to meet applicable requirements.

2. Get involved in AI compliance intelligence

Updates to existing AI authoritative rules and the emergence of new ones may require significant changes in the way an organization has set up its compliance program and controls. In addition, adapting to new AI requirements may introduce a level of complexity that is beyond what the organization has been prepared to take on.

To efficiently adapt to these changes, organizations should proactively monitor the development and modification of the relevant AI authoritative rules.

3. Enable an AI compliance mapping capability

When an organization is subject to several AI authoritative rules, it is often difficult to narrow down the full set of AI requirements that should be addressed in a specific context. This is because mapping requirements from AI authoritative rules that are issued by different sources for different jurisdictions is a complex task that crosses several expertise areas (e.g., AI, privacy, security).

Using in-house or third-party outsourced resources, such as IBM Promontory Services, organizations can map out common AI requirements that need to be fulfilled consistently and supplemental ones that can be addressed as needed.

4. Invest in AI compliance enablement

An effective AI compliance management approach includes a clear communication of the right practical steps to realize AI compliance objectives.

Organizations should develop appropriate process enablement and education activities to help employees understand their organization’s AI compliance objectives, their role in meeting those goals, as well as how to proceed in practice.

5. Enforce AI compliance positively

Enforcing AI compliance, using relevant technical and organizational measures, is critical.

A positive compliance enforcement approach, based on promoting trust and transparency rather than overemphasizing verification, is often more effective because it allows the organization to get the full support of its employees to meet AI compliance objectives.

How technology can help

Technology plays an important role in supporting an effective AI compliance program. For example, it can help:

  • Manage the set of authoritative rules and underlying requirements allowing an efficient mapping of the requirements to determine appropriate compliance objectives and controls.
  • Enable employees to make the right decisions and take the appropriate actions to meet compliance objectives and controls, while managing associated risks efficiently.
  • Measure and monitor compliance progress and report on that as needed in a transparent way.

With an effective AI compliance program, sponsored by leadership and endorsed by employees, companies can achieve the compliance needed to infuse trustworthy AI throughout the enterprise.

For more information:

Was this article helpful?
YesNo

Tags

 |  |  |  | 
Abdel Hamou-Lhadj
Tech Ethics Offering and Compliance Leader at IBM

More from Cloud
June 26, 2024

A major upgrade to Db2® Warehouse on IBM Cloud®

2 min read - We’re thrilled to announce a major upgrade to Db2® Warehouse on IBM Cloud®, which introduces several new capabilities that make Db2 Warehouse even more performant, capable, and cost-effective. Here's what's new Up to 34 times cheaper storage costs The next generation of Db2 Warehouse introduces support for Db2 column-organized tables in Cloud Object Storage. Db2 Warehouse on IBM Cloud customers can now store massive datasets on a resilient, highly scalable storage tier, costing up to 34x less. Up to 4 times…

June 24, 2024

Manage the routing of your observability log and event data 

4 min read - Comprehensive environments include many sources of observable data to be aggregated and then analyzed for infrastructure and app performance management. Connecting and aggregating the data sources to observability tools need to be flexible. Some use cases might require all data to be aggregated into one common location while others have narrowed scope. Optimizing where observability data is processed enables businesses to maximize insights while managing to cost, compliance and data residency objectives.  As announced on 29 March 2024, IBM Cloud® released its next-gen observability…

June 19, 2024

The recipe for RAG: How cloud services enable generative AI outcomes across industries

4 min read - According to research from IBM®, about 42% of enterprises surveyed have AI in use in their businesses. Of all the use cases, many of us are now extremely familiar with natural language processing AI chatbots that can answer our questions and assist with tasks such as composing emails or essays. Yet even with widespread adoption of these chatbots, enterprises are still occasionally experiencing some challenges. For example, these chatbots can produce inconsistent results as they’re pulling from large data stores…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters