ISO 42005 just gave AI impact assessments a formal structure—and a fighting chance at global consistency. Plus: five top-tier governance resources, a format refresh, and a reminder that security can be fun (if you’re defending your bank account from AI prompt hackers).
This practical and comprehensive implementation guide offers a structured, checklist-based framework for organizations seeking to operationalize AI data governance. Rooted
This report argues that traditional, consent-based models for governing AI data reuse are no longer adequate—especially in low- and middle-income countries (LMICs), where power asymmetries and exploitative data practices are common.
This document introduces the ISO/IEC 42005:2025 standard and offers a detailed, visually engaging explanation of how it enables standardized, interoperable AI impact assessments. Written and compiled by Georg Philip Krog.
The EU AI Act Handbook is a comprehensive practical guide that helps legal, compliance, and technical teams understand and prepare for the EU AI Act. It explains the structure of the Act, breaks down obligations by stakeholder role.
This report dissects the generative AI ecosystem through the lens of human rights. Instead of focusing only on the models or outputs, it zooms out to examine the entire value chain—covering everything from raw compute and data to the deployment of tools in the market.
The Agentic AI Red Teaming Guide is the most comprehensive hands-on security testing manual yet for red teaming autonomous AI systems. Developed by CSA and OWASP with input from over 50 contributors.
This resource presents one of the most comprehensive, actionable testing frameworks for AI governance in practice today. Developed by Singapore’s Infocomm Media Development Authority (IMDA) in collaboration with the AI Verify Foundation.
This guided template helps public and private sector leaders build structured, role-based AI literacy programs aligned with legal obligations (like Article 4 of the EU AI Act) and governance best practices.
This policy paper zeroes in on the governance challenges posed by increasingly autonomous AI agents—systems capable of initiating and managing multi-step tasks with minimal human intervention.
The Cyber Governance Code of Practice is a government-endorsed framework aimed at medium and large organisations, designed to help boards take ownership of cybersecurity risks. It focuses on aligning cybersecurity with strategic, operational, and cultural goals of the business.
This commentary serves as a companion guide to the MCC-AI—model contractual clauses designed to help public sector entities procure AI systems in line with the upcoming requirements of the EU AI Act.
This template provides Australian government buyers with a modular set of model clauses for procuring AI systems or services involving AI. It emphasizes safety, transparency, fairness, and regulatory compliance, with practical tools to embed risk controls in contracts.
This guide introduces the Agent Name Service (ANS), a DNS-like system for secure AI agent discovery. Designed for agentic AI ecosystems, it lays out a framework for identity, interoperability, and trust through a protocol-agnostic registry, PKI, and JSON schemas.
A comprehensive and fully customizable organizational AI policy template designed for operationalizing responsible AI. Rooted in ISO/IEC 42001 and NIST AI RMF, it’s packed with detailed, actionable governance, risk, and lifecycle guidance.
IBM’s 2025 white paper offers a structured look at AI agents—what they are, what they do, and the risks they pose. It outlines benefits, emerging challenges, and a mitigation framework grounded in IBM’s AI governance practices, tooling, and research.
Reddit deception, retro machines, and a checklist built for real audits. This issue looks at what happens when AI literacy fails, what a serious audit tool actually looks like, and why Steve Jobs may have predicted ChatGPT—with a little help from Aristotle.
This is a comprehensive, activity-based workbook designed to help public sector teams embed accountability throughout the AI lifecycle. It breaks down accountability into practical components and provides a Process-Based Governance (PBG) framework with interactive tools and exercises.
This practical workbook demystifies AI safety through hands-on activities, real-world case studies, and clear guidance aligned with the SSAFE-D and CARE-ACT frameworks. It’s a powerful tool for embedding safety into every stage of AI development and deployment.
This workbook offers a hands-on framework for embedding responsible data stewardship into public sector AI projects. Combining foundational principles with practical templates and workshop activities, it helps teams manage data integrity, quality, and privacy across the AI lifecycle.
This two-part guide from the Alan Turing Institute provides a practical, workshop-ready framework for embedding sustainability into AI projects, grounded in ethics, human rights, and real-world harms. Perfect for public sector teams building responsible AI.
This facilitator-focused workbook offers a hands-on introduction to AI ethics and governance through a sociotechnical lens. Designed for public sector use, it combines foundational concepts with interactive activities to help embed responsible AI practices.
This guide breaks down the practical steps organizations should take to meet Article 4 AI literacy obligations under the EU AI Act. It’s a hands-on, strategy-rich resource for embedding AI understanding across stakeholders—from employees to affected users.
his report captures the results of an extensive stakeholder consultation run by the EU AI Office. It focuses on two controversial sections of the AI Act: the definition of an “AI system” and the interpretation of prohibited AI applications under Article 5.
Curated Library of AI Governance Resources