This guidance from New South Wales outlines role-specific responsibilities for implementing responsible AI. It supports public agencies in assigning accountability using ISO-aligned frameworks and practical RACI structures. A useful anchor for everyday governance.
Governance needs clarity—not clickbait. This issue breaks down what makes a good AI governance resource, why Bird & Bird’s AI Act guide sets the bar, and how fake AI cults, Roman GIS maps, and server-blessing priests say more about tech than most frameworks do.
This UK government strategy outlines a six-point digital reform plan focused on service redesign, AI integration, shared infrastructure, and leadership reform. It introduces a new digital centre of government and pushes for transparency, efficiency, and public trust.
The Bird & Bird guide to the EU AI Act offers a deep dive into the Act’s legal obligations, scope, governance model, and technical standards. It walks readers through implementation timelines, roles across the AI value chain, and penalties for non-compliance.
This report, produced under the EDPB’s Support Pool of Experts (SPE) programme, offers structured guidance on managing privacy risks in LLM systems. It lays out risk identification, evaluation, and control strategies tailored to GDPR and AI Act obligations, supporting both developers and deployers.
This chart-based explainer by the IAPP (April 2025) breaks down incident notification and information-sharing obligations under 11 key EU digital laws, helping organisations navigate complex breach scenarios across privacy, cybersecurity, AI, and operational resilience domains.
This is issue #1 of the AIGL newsletter. In the first 24 hours, 382 of you subscribed. In this issue: • A personal note on why this project exists • A review of MIT’s AI Risk Framework—one of the cleanest tools we’ve seen so far • And two sharp links from inside China’s evolving AI landscape
A visual guide and explanatory article by James Kavanagh, published via The Company Ethos (April 2025), that maps major AI risks—like bias, hallucinations, and adversarial attacks—to practical prevention, detection, and response controls across design-time and run-time phases.
This is one of the best open-source resources for operationalizing multi-standard AI governance. Kavanagh’s framework deserves a place on every AI compliance lead’s desk.
A tool built for clarity, not complexity. The AI Risk Analysis Framework from MIT offers a structured, policy-relevant approach to thinking about AI risks. It’s designed for teams who need to assess potential harms without getting buried in technical noise.
A practical tool to support procurement teams, legal advisors, CISOs, and AI governance leads in evaluating vendors supplying AI-based systems or services.
That’s the question this report tackles—offering one of the most detailed attempts so far to break down “trustworthy AI” into 150 actionable properties across the AI lifecycle. The taxonomy isn’t just a list.
This report breaks down why that question isn’t so easy to answer when AI is built and deployed by many hands. It proposes a framework for assigning civil liability across the AI value chain.
Even when pretraining data is clean, large language models can still absorb—and amplify—political bias. This study maps how that happens and how it affects hate speech and misinformation detection.
The report lays out a three-pillar governance framework to help regulators handle generative AI: build on existing rules, shape inclusive and cross-sector practices now, and prepare for future disruptions through foresight, agility, and international cooperation.
This paper introduces the Legal-XAI taxonomy—an interdisciplinary framework to guide policymakers, lawyers, and developers in choosing the right kind of explanations for AI decisions.
NIST AI 100-4 is a 2024 report that outlines technical methods for improving transparency and reducing risks from synthetic content such as AI-generated images, videos, and text.
HUDERIA is a methodology adopted by the Council of Europe in November 2024 for assessing AI systems from the perspective of human rights, democracy, and the rule of law.
his JRC report outlines the competences and governance practices public organizations need to adopt AI effectively.
This governance framework helps organizations manage GenAI risks across five domains—strategy, compliance, operations, ethics, and accountability.
This CIPL paper offers 14 practical recommendations for applying data protection principles to generative AI systems.
Matthew da Mota argues for turning Canada’s CAN/DGSI 128 standard into the world’s first international standard for AI use in research institutions.
This DHS framework lays out voluntary roles and responsibilities for managing AI risks across U.S. critical infrastructure.
This techUK paper offers a grounded look at how UK organisations can translate the ethical principles outlined in the 2024 UK AI White Paper into real, operational practices.
Curated Library of AI Governance Resources
