AI governance must balance risk mitigation with enablement. This playbook provides boards and governance professionals with practical tools to develop tailored, enforceable AI policies that evolve with technology and regulation.
The report examines how Responsible AI has moved from principles to practice in 2025, highlighting urgent risks, emerging assurance mechanisms, and the growing push for Public Interest AI infrastructure shaped by civil society.
This paper argues that data minimization should be interpreted flexibly in the AI context, focusing on necessity and proportionality rather than strict data reduction, to enable socially beneficial and effective AI systems while safeguarding privacy.
“Agentic AI systems plan, decide, and act across multiple steps and systems. Without strong controls, unnecessary autonomy quietly expands the attack surface and turns minor issues into system-wide failures.”
Agentic AI systems can plan, act, and interact with other systems to achieve goals on behalf of humans. These capabilities introduce new risks that require adapted governance, accountability, and technical controls across the full AI lifecycle.
Based on red teaming over 100 GenAI products, Microsoft’s AI Red Team shares an internal threat model ontology, eight practical lessons, and real-world case studies showing why AI safety and security require system-level, human-in-the-loop approaches.
A practical roadmap for implementing ISO/IEC 42001, offering step-by-step guidance on building an AI Management System that integrates ethics, risk management, and governance across the full AI lifecycle.
A practical, step-by-step checklist outlining 18 actions required to design, implement, operate, and continuously improve an Artificial Intelligence Management System (AIMS) in line with ISO/IEC 42001, from management commitment to continual improvement.
This policy report examines how ethical, legal, and technical interoperability can reduce fragmentation in AI safety governance, drawing on comparative country studies from China, South Korea, Singapore, and the United Kingdom.
An independent, evidence-led synthesis of global research on risks from general-purpose and frontier AI systems, focusing on capability growth, misuse, systemic risk, and the state of AI risk management practices worldwide.
A concise, practitioner-oriented guide explaining how organizations can extend an existing ISO 27001 Information Security Management System to cover AI-specific risks and governance requirements under ISO/IEC 42001:2023.
“AI readiness extends beyond technology. Strategy, organisation, data, and technology together determine whether AI-enabled services can be deployed responsibly and at scale.”
Cybersecurity in 2026 is accelerating amid growing threats, geopolitical fragmentation and a widening technological divide. Artificial intelligence is reshaping both defence and offence, testing governance, skills and global cooperation.
A growing consensus has emerged worldwide that the future of AI must be shaped thoughtfully and responsibly, ensuring that innovation enhances human well-being while safeguarding fundamental rights.
A flagship brief mapping how global AI laws, standards, and voluntary frameworks converge and diverge, identifying risk management, transparency, and security-by-design as emerging universal anchors of AI governance.
A practical governance framework designed to help organizations harness generative AI while managing emerging risks across strategy, data, operations, ethics, and accountability.
A structured checklist by the German Federal Office for Information Security outlining how to understand, model, and mitigate evasion attacks on LLM systems, including prompt injections, jailbreaks, and agent-based attack paths.
This guidance provides EU institutions with a structured framework to identify and mitigate data protection risks arising from the development, procurement, and deployment of AI systems processing personal data.
MAS proposes sector-wide Guidelines on AI Risk Management to set supervisory expectations for financial institutions, covering AI oversight, lifecycle controls, risk materiality, governance structures, and capabilities, including Generative AI and AI agents.
A constitutional approach to AI alignment that defines high-level principles guiding model behavior, prioritizing safety, helpfulness, and respect for human values through transparent, rule-based self-governance.
This white paper proposes a joint framework that bridges AI ethics with practical governance and accountability mechanisms, drawing on lessons from Africa and the Asia-Pacific to move from high-level principles to real-world execution.
A practical technical standard issued by the Australian Government to support the safe, responsible, and transparent design, development, deployment, and operation of AI systems across public sector use cases.
This report analyses how high-risk AI systems are assessed in practice under the EU AI Act, focusing on fundamental rights risks, current gaps, and the need for practical guidance for providers and deployers.
The artificial intelligence (AI) impact assessment tool helps Australian Government teams identify, assess and manage AI use case impacts and risks against Australia’s AI Ethics Principles.
Curated Library of AI Governance Resources
