Governance | Leadership

New to AI Governance?

by | Feb 25, 2025 | 0 comments

AI is here to stay

I am new to AI governance and I know I’m not the only one who has a personal objective for 2025 to adopt relevant AI tools to positively impact my work, my clients, my life.

All of my clients are talking about it, exploring it, balancing the imperative of not getting left behind with ensuring it adds value to their business. There is so much noise around AI at the moment it can be a bit of a minefield to work out what’s relevant and fit for our own particular purpose.

Those of you that know me, know that I am no AI expert (or expert at anything involving technology in fact!). So you may well ask, what am I doing writing a blog about AI? This is about me (as a non-technical person) sharing my journey navigating AI.  I’m certainly not  professing to be an expert. We can’t bury our heads in the sand with this one, so let’s embrace this together and share our hints and tips on our voyage of discovery. What can you share with me?

What Directors need to know about AI Governance for SME Business

As we’re all aware AI is transforming the way businesses operate, offering opportunities for efficiency, innovation, and competitive advantage. In meeting with a client last week we talked about being consciously incompetent in this space. There’s an awareness of the need to adopt AI in order to remain relevant and competitive, but also a consciousness about not jumping on the bandwagon in a misinformed, unstructured way that could present risk to the business.  In the case of an SME business, ensuring that application of AI is fit for purpose, size and complexity of the business, avoiding the pitfalls of AI for AI’s sake.

AI governance isn’t just a ‘big business’ issue. It’s a crucial aspect of financial oversight and responsible leadership for SME businesses as well. As a business owner, company director or leader understanding AI governance can help us make informed decisions, mitigate risks, and use AI effectively within our businesses. But, with the opportunities come risks, ethical concerns, regulatory uncertainty, and governance challenges.

dhm Coaching & Consulting | Debbie Millard | New to AI Governance?

What is AI governance, and why does it matter?

AI governance refers to the policies, frameworks, and oversight mechanisms that ensure AI systems are used safely, ethically, and effectively. Traditional IT governance structures don’t fully account for the complexities of AI, which can be difficult to explain, monitor, and regulate.

For SME businesses, the challenge lies in balancing AI’s benefits—such as enhanced productivity from automation and data-driven decision-making—while managing risks like inaccurate outputs, biases, data privacy issues, and legal responsibilities.  The implications on client satisfaction, brand reputation, on staff and financial performance could be significant.

Let’s give you an example.  A few months ago  I joined an on-line board meeting and there was an unexpected participant – a note taking bot.  Unexpected because the Board had not previously discussed or approved the recording of meetings. Neither the principle, let alone using AI, how those notes were to be used, who they would be distributed to, when they would be destroyed etc.

For a board of directors, minutes of  board meetings are a crucial aspect of good governance and can present a risk to the Board and individual directors if not done well. Whilst the intention of the staff member was good, the execution was poorly informed. The decision to use a note taking AI app was made with the sole intention of ensuring the minute taker didn’t miss anything in preparing an accurate set of minutes. But, they had a complete lack of awareness of the governance implications.   An example of being unconsciously incompetent in adopting AI.

dhm Coaching & Consulting | Debbie Millard | New to AI Governance?

Practical steps for SME directors

AI governance doesn’t need to be overwhelming. The Australian Institute of Company Directors has extensive resources for the director and broader leadership community.  I think this is a good starting point that’s fit for purpose for my SME and not-for-profit clients –  AI Governance Checklist for SME & NFP directors

What I like about this is:

  1. It’s less than 2 pages!
  2. It talks to “avoiding AI for AI’s sake” (and I think there’s some of that going on at the moment, which can adversely affect productivity).
  3. It’s a practical checklist for SME directors and NFP boards written in plain English that we don’t need to be AI experts to understand.
  4. It raises awareness of the importance of training, that doesn’t need to be at huge cost for SMEs and NFPs.

In summary:

  1. Assess AI use in your business – identify where AI is currently used and where it might be beneficial in the future.
  2. Review your risk framework – ensure AI risks are covered in your organisation’s overall risk management strategy.
  3. Educate your leadership team – AI literacy is crucial (just like financial literacy). Directors and executives should understand AI’s potential and limitations.
  4. Monitor regulatory developments – stay informed about potential AI-related laws and compliance requirements.
  5. Seek external advice when needed – whether it’s legal, ethical, or technical, expert guidance can prevent costly mistakes. And find the right advice that is right sized for your business.

Ready for more?

The Australian Institute of Company Directors have an amazing suite of resources, in varying levels of detail and complexity, dependent upon where you’re at in your AI governance journey. You can find them here:   A Director’s guide to AI governance.

I recommend starting with the “Introduction to AI”.  Whilst the document is written with the director audience in mind, it’s not just for directors. It’s relevant to all business owners and leaders covering broad topics like the definition of AI, examples, how it’s being used in organisations, the risks and opportunities and the regulatory landscape.

Key takeaways of AI governance

What I have learned so far is we can’t afford to ignore it.  There are some essential considerations to ensure AI is deployed and governed effectively. These considerations can help business harness all the benefits and opportunities of AI while staying compliant and managing risks proactively.

1. Roles and responsibilities

AI shouldn’t be a free-for-all within the business. Clear roles and responsibilities need to be established so everyone knows who is accountable for AI-related decisions, that relates to roles and responsibilities.

  • Who is leading the charge? Who is our expert? Who approves the use of AI systems?
  • Who monitors AI’s impact on customers and employees?
  • Who ensures compliance with regulations and ethical standards?

2. Governance structures

AI governance is to be embedded into existing oversight structures. For many businesses, this means integrating AI considerations into the broader governance structures including board meetings, leadership team meetings, financial reviews, and risk assessments.

  • Do AI-related risks and opportunities appear in board and management discussions?
  • Should AI governance be a topic for the risk or audit committee? (I am going to recommend that it is for the board that I chair).

3. Policies and processes

A documented AI policy can guide decision-making and risk management. Ideally it will include things like:

  • How AI tools are selected and monitored
  • Data privacy and security measures
  • Ethical considerations, such as preventing biases in AI decision-making

4. Risk management

AI introduces new risks that may not be covered by traditional IT risk frameworks. As Directors we should be asking:

  • How is AI being used in our business, and what risks does it pose?
  • Are there processes in place to regularly review AI performance and security?

5. Transparency and explainability

AI systems should be understandable, both internally and externally. If AI is making decisions that impact customers or employees, those decisions need to be explainable.

  • Can we justify if we using AI models to make key decisions, how and why?
  • Are we keeping our employees and customers informed when AI is involved in decision-making?

6. Monitoring and accountability

AI governance isn’t a ‘set and forget’ process. Ongoing monitoring is essential to ensure AI continues to operate as intended, and to ensure that we keep pace with the evolving AI landscape.

  • Are there regular AI performance and compliance audits?
  • How are mistakes or unintended consequences identified and addressed?
  • What’s the process to keep ourselves informed as AI evolves?

7. External advice and expertise

I think this may well come first in many SME businesses  because many of us are consciously incompetent in this space. We don’t know what we don’t know and may need external advice to navigate AI effectively.  A reluctance to seek expert guidance could lead to avoidable problems.

  • When should we engage AI governance consultants?
  • Are we keeping up with evolving regulations and best practices?
  • Do we know what our competitors are doing with AI?
  • How can AI specifically be applied to our business, in our industry/sector in a way that’s culturally appropriate and cost effective for a business of our size and type?  Recognising this is a matter of “horses for courses”.
  • How do we find the right consultant for us?

8. People centred approach

Ideally AI is an enabler to our business purpose, vision and strategic priorities. It’s use should align with our business values and culture.  A ‘people-first’ approach ensures that AI is used ethically and fairly. To me that involves bringing others on the journey with us. In values led SMEs our people really are our most valuable asset so we want to ensure we harness their emotional intelligence, lived experience, judgment, “gut feel” and critical thinking – all of the attributes AI doesn’t have.

  • Are we bringing our employees on the AI journey with us?
  • Are we investing in training?
  • Are our people fearful of being replaced by AI and losing their jobs?

Did you know that the Department of Industry, Science and Resources has published Australia’s AI Ethics Principles and a Voluntary AI Safety Standard?   I didn’t until very recently. The intention being  to put into place mandatory standards in the near future.  Watch this space.

What am I doing about it?

 1. Raising my awareness through reading and training

2. Giving it a go

My app of the month is Jamie AI personal note taker.  I have been doing a piece of work that involved gathering information from several people within the business.  Jamie did an amazing job of providing a fantastic summary of the salient points from those meetingsSaved a lot of report writing time.  

Did I use Chat GPT to write this blog?  Yes, I used it as a starting point to assist me to review a number of articles and extract key points.  But I also spent a lot of time editing to add in my own experiences and use my preferred language.

Final thoughts

AI governance is not just about compliance—it’s about ensuring AI drives value for our businesses in a safe and responsible way. Businesses that proactively address AI governance will be better positioned to take advantage of the technology while managing risks effectively.

Let’s embrace this together and share our hints and tips. What can you share with me?

Written By Debbie Millard

Master your business through strong leadership, knowing your numbers and empowering your people

Related Posts

Acknowledgement of My Country

Acknowledgement of My Country

Sep 19, 2022 |

Respect for one of our Elders and most significant Leaders of our generation Today is a very special day. Monday 19 September 2022 marks the funeral of Her...