AI Deep Dive: AI, Compliance, and Data Governance Lab
Join Us Virtually
Primary Audience: General Counsel, compliance officers, data governance chairs, IRB representatives, CIO/ISO
Most institutions now have AI policies. Far fewer have AI governance — the standing structure that decides what gets approved, who owns the data, and who watches the systems once they’re live. A policy is a document; governance is an operating practice, and the gap between the two is where shadow AI grows. This working session is about closing that gap, built around three layers that have to be in place before AI can scale safely: information governance, data governance, and the charters that turn both from principle into practice.
Information governance comes first because it’s the upstream move — getting review in front of acquisition rather than after contracting has already built momentum, so the institution governs AI before it sprouts in the gaps rather than chasing it afterward. Data governance is the dependency underneath: classification, ownership, lineage, and the shared definitions that determine what AI can responsibly touch and what it can’t. Neither holds without the third layer — the charter that names who actually decides. We’ll work through a two-body model many institutions are converging on: an executive governance committee that owns the high-consequence questions (strategy alignment, risk appetite, the single front door for significant AI acquisitions) and a ModelOps committee — the operational body that watches how AI systems behave once they’re deployed — that owns model risk, data classification, monitoring, and the lifecycle questions that don’t belong on a cabinet agenda. The split mirrors the risk tiers: high-consequence decisions escalate to the executive body; operational oversight lives in ModelOps.
This is design work, not template distribution. Participants will examine what a working charter actually contains — decision rights, escalation paths, required checks (integration, data classification, FERPA/HIPAA/PCI exposure), and the discipline of archiving the rationale so a decision is defensible later — and sketch versions that fit their own institution’s structure rather than adopting someone else’s. The goal is a short, usable list of governance moves to take back: which body decides what, what goes through the front door, and what the first charter has to say. This is a hands-keyboard working session — bring whatever LLM you already use (ChatGPT, Claude, Gemini, Copilot, or an institutional tool) to draft and pressure-test charter language live. Bring your institution’s current AI acceptable use policy if you have one — or a note that you don’t, which is useful information in itself.
Registration Options
|
Registration Options
|
Price |
|---|---|
|
AFIT Community Member
|
FREE |
|
Guests
|
$100.00 |
For More Information:
Topics, tools, and session coverage may evolve as AI technology and the needs of AFIT member institutions develop throughout the year.