NIST AI Risk Management Framework Playbook

GOVERN   

GOVERN 2.3

Executive leadership of the organization takes responsibility for decisions about risks associated with AI system development and deployment.


About


Senior leadership and C-Suites in organizations that maintain an AI portfolio should maintain awareness of AI risks, affirm the organizational appetite for such risks, and be responsible for managing those risks..

Accountability ensures that a specific team and individual is responsible for AI risk management efforts. Some organizations grant authority and resources (human and budgetary) to a designated officer who ensures adequate performance of the institution’s AI portfolio (e.g. predictive modeling, machine learning).

Suggested Actions
  • Organizational management can:
    • Declare risk tolerances for developing or using AI systems.
    • Support AI risk management efforts, and play an active role in such efforts.
    • Support competent risk management executives.
    • Delegate the power, resources, and authorization to perform risk management to each appropriate level throughout the management chain.
  • Organizations can establish board committees for AI risk management and oversight functions and integrate those functions within the organization’s broader enterprise risk management approaches.
Transparency and Documentation


Organizations can document the following:

  • Did your organization’s board and/or senior management sponsor, support and participate in your organization’s AI governance?
  • What are the roles, responsibilities, and delegation of authorities of personnel involved in the design, development, deployment, assessment and monitoring of the AI system?
  • Do AI solutions provide sufficient information to assist the personnel to make an informed decision and take actions accordingly?
  • To what extent has the entity clarified the roles, responsibilities, and delegated authorities to relevant stakeholders?

AI Transparency Resources:

  • WEF Companion to the Model AI Governance Framework- 2020. URL
  • GAO-21-519SP: AI Accountability Framework for Federal Agencies & Other Entities. URL
References


Bd. Governors Fed. Rsrv. Sys., Supervisory Guidance on Model Risk Management, SR Letter 11-7 (Apr. 4, 2011)

Off. Superintendent Fin. Inst. Canada, Enterprise-Wide Model Risk Management for Deposit-Taking Institutions, E-23 (Sept. 2017).



Back to Top ↑