AI Governance in 2025: A Full Perspective on Governance for Artificial Intelligence

In a world where artificial intelligence (AI) is leaping forward — growing at a CAGR of almost 36% from 2024 to 2030 — questions about governance and ethics with the use of AI are surfacing.

As humans continue to develop AI systems, it is crucial to establish proper guidelines to ensure powerful technologies like generative AI and adaptive AI are used in a responsible manner. In this article, we'll have a look at an overview of AI governance, exploring the key concepts, challenges, and potential solutions that can shape a future with AI in a way that benefits everyone.

What is AI governance?

AI governance refers to the set of policies, laws, and regulations that govern the development, deployment, and use of artificial intelligence. It aims to address issues in AI systems such as:

• Accountability
• Transparency
• Fairness
• Privacy
• Security

The ultimate goal of AI governance is to ensure that AI is developed and used in a way that both aligns with societal values and benefits everyone (or does not hurt or harm others). Today, putting AI governance into action is still shifting and being formally defined, but it may include:

• Developing ethical guidelines and codes of conduct.
• Establishing regulatory frameworks.
• Promoting collaboration between different stakeholders.

(Related reading: data governance & GRC: governance, risk, and compliance.)

The importance of AI governance

As AI technologies become more advanced and integrated into our daily lives, the potential impact they can have on society is growing exponentially. Without proper governance, these powerful tools can pose significant risks to individuals, communities, and even entire nations.

For example, biased algorithms used in hiring or loan decisions can perpetuate discrimination and inequality. Automated decision-making systems in the criminal justice system could lead to biased sentencing and incarceration rates.

That’s not to say that AI is bad—certainly not. We expect and anticipate that AI can bring about massive change to the ways we work, live, and possibly even relate to humans. That said, only with proper governance in place, AI has the potential to bring enormous benefits, such as:

• Improved healthcare outcomes.
• Increased efficiency in industries.
• Better disaster response systems.

Therefore, it is vital to establish strong governance frameworks that can promote the responsible development and use of AI.

How governments respond to AI systems today

Today, several efforts are already in progress to develop effective AI governance systems. One example is the AI Bill of Rights in the U.S., which states that AI systems should be accountable, transparent, and secure. (We’ll dive into these three topics shortly.)

In terms of regulations, advanced AI system developers now need to share critical information and safety test results with the federal government before the AI systems are deployed for public usage. The National Institute of Standards and Technology (NIST) plays the role of establishing strict standards for AI with cybersecurity, such as in areas like red teaming: identifying vulnerabilities in AIs before their wide release.

Apart from that, the Department of Commerce has developed guidelines to check that contents are authentic and watermarked in order to find out AI-generated content for fraud prevention.

In January 2025, the U.S. government issued an executive order, focused on the reduction of regulatory barriers when it comes to AI innovation. This goal of this EO, which we’ll see in time, is to promote free market principles while also ensuring that AI systems are free from any kind of ideological biases.

Other countries have also developed national strategies for responsible AI development and use, including:

• The European Union’s AI Act, the first national AI governance, which debuted in 2023
• Canada's Artificial Intelligence and Data Act
• China's Generative AI Measures

Ongoing research and discussions are also being conducted to address emerging challenges and identify potential solutions for governing AI systems.

Key concepts in AI Governance

With that background on what AI governance looks today, let’s dig a bit more into the concept. AI governance can feel like an opaque topic: what does it really mean? Breaking it into these five concepts, however, makes it easier to grasp.

Accountability

One of the core principles of AI governance, accountability involves:

• Ensuring that individuals and organizations are responsible for the development, deployment, and outcomes of AI systems.
• Creating and reinforcing mechanisms for holding individuals and organizations accountable in case of any negative consequences or violations.

Transparency

Transparency refers to making the inner workings of AI systems accessible and understandable to those affected by their decisions. This can be achieved in many ways, including clear documentation, open-source code, and testing and validation processes.

Fairness

Fairness in AI governance means ensuring that AI systems do not discriminate against any group or individual. Ensuring fairness in AI systems involves a variety of approaches, such as:

• Auditing data for biases.
• Using appropriate sampling techniques.
• Implementing fairness metrics in model evaluation.
• Updating decision-making processes to ensure equitable outcomes.

Ongoing monitoring is also important to ensure that the system continues to behave fairly as it is exposed to new data.

Privacy

Privacy concerns play a significant role in AI governance as these technologies often involve the collection and use of sensitive personal data. It is essential to establish clear guidelines for handling this data and protecting individuals' privacy rights.

Security

Security is another crucial aspect of AI governance, especially with regard to:

• The protection of sensitive information
• The prevention of cyberattacks

Robust security measures must be put in place to safeguard AI systems and their data from malicious actors. When it comes to AI governance, there is no one-size-fits-all approach. Different countries and organizations have different priorities and concerns, resulting in variations in their governance frameworks.

To get started, you can explore AI risk frameworks such as the NIST AI risk management framework (AI RMF).

See how Splunk uses AI to help organizations like yours to keep moving quickly and safely, strengthening your resilience.

How to establish AI governance for your organization

Now, let’s pivot to look at the practice side of AI governance. Your organization — like every other one today — is determining where, how, and when to engage with AI and large language models (LLMs), and may be seeking to set organization-wide policies around it.

The roles and responsibilities of legal and compliance teams

Legal and compliance teams have a crucial role to play in AI governance — do not leave it only to the product and R+D teams to decide. Inhouse legal and compliance teams ensure that the development and deployment of AI systems is responsible, ethical, and in accordance to the industry and country's applicable laws and regulations. The responsibilities include:

• Risk management: Finding out and mitigating ethical and legal risks that come with AI deployment.
• Regulations: Ensuring that the developed AI system complies with international as well as national and local regulations.
• Data privacy: Ensuring that the AI system adheres to GDPR and other applicable data privacy standards.
• Policy creation: Creation and enforcement of internal guidelines and policies, ensuring ethical AI usage.
• Training: Educating and increasing awareness among employees for the legal and ethical considerations to follow while using AI.
• Ethical oversight: Monitoring AI systems to prevent bias and ensure that AI systems are transparent and fair.
• Incident response: Creating protocols to handle legal issues in case there is a security breach related to AI.

How to measure AI governance effectiveness

An organization's effectiveness in AI governance is measured by evaluating risk management, compliance, and ethical AI deployment. Key metrics include the ones we discussed previously:

• The company must adhere to local, national, or international AI laws, internal policies, and industry standards.
• Regular assessments should be conducted to ensure that the AI models do not support discrimination.
• The organization must enforce robust cybersecurity protocols and ensure that sensitive data is safeguarded.
• The decision-making process of the AI system should be well documented to ensure transparency.
• The outputs generated by AI should be monitored to ensure reliability and minimize errors.

Now, let's discuss the different teams that are tasked with implementing AI governance.

Which teams are involved in the implementation of AI governance?

In an organization, the following teams are tasked with implementing AI governance:

• Data science and AI teams develop, test, and audit AI models, ensuring fairness and accuracy.
• Cybersecurity teams protect the AI system from threats.
• Legal and compliance teams perform one of the most important tasks, as we already covered. They ensure that the AI system is adhering to ethical guidelines and regulations.
• Product management teams check that AI initiatives are aligning with user requirements and business goals.
• Risk, ethics, and human resources (HR) teams are tasked with finding out ethical concerns and potential AI risks and ensure that the AI system promotes inclusivity and fairness and is free from bias.
• Internal control and audit teams execute independent assessments of AI risks and compliance.
• Operations teams integrate approved AI governance into business workflows.
• Public relations (PR) teams manage AI-related public trust, transparency, and communication with the stakeholders.

All these teams collaborate and ensure that AI is deployed securely, responsibly, and ethically.

AI governance models based on human involvement

To ensure responsible AI development, we need to consider how much human oversight is required. Here are three models to consider:

Human-in-the-loop

In this model, humans are involved in the decision-making process and have the final say. Machines provide recommendations or assist in decision-making — but ultimately, a human has the power to override their suggestions.

This model allows for human intervention when necessary, ensuring that ethical considerations are taken into account before any decisions are made.

Human-on-the-loop

"Human-on-the-loop" is a concept related to the operation and oversight of autonomous systems, especially in the context AI and military applications.

It represents a middle ground between fully autonomous systems ("human-out-of-the-loop") and those that require continuous human control or decision-making ("human-in-the-loop"). For example, a human can intervene and abort an action taken by the AI at any time.

Human-out-of-the-loop

In this model, machines make decisions autonomously without any human involvement.

This can be useful in situations where time is of the essence or when humans may not have all the necessary information to make informed decisions. However, it also creates potential risks if something goes wrong and there is no human oversight.

(Related reading: machine data & machine customers.)

Challenges in AI governance

As with any emerging technology, developing effective AI governance systems is not without its challenges. Here are some possible challenges organizations will face:

• Lack of understanding and expertise. AI is a complex field. Policymakers, regulators, and even developers may not have the necessary knowledge and skills to understand its implications fully.
• Balancing innovation with regulation. On one hand, regulators need to keep up with the rapid pace of AI advancements. On the other hand, they must ensure that proper regulations are in place to mitigate potential risks.
• Coordination between different stakeholders. AI governance involves the collaboration of various stakeholders, including policymakers, researchers, industry experts, and civil society. Coordinating these diverse groups can be challenging.
• Global and cross-border implications. AI is already a global phenomenon. So, developing effective governance frameworks that can address cross-border issues is essential.

To help address these challenges, let’s look at some potential solutions.

Potential solutions for effective AI governance

Despite the challenges, efforts are being made to develop effective AI governance systems. Here are some potential solutions that can contribute to achieving this goal:

Collaboration and coordination

Coordinating between different stakeholders is vital for effective AI governance. International collaborations, partnerships between the public and private sectors, and multi-stakeholder forums can help facilitate this. One example is the AI Governance Alliance, coordinated by the World Economic Forum.

Regulatory sandboxes

These are controlled environments where companies can test new products or services under regulatory supervision. This allows developers to innovate while regulators can:

• Monitor potential risks.
• Make necessary adjustments, both to models and to regulations.

(Know the basics about regulatory compliance.)

Ethical guidelines and codes of conduct

Many organizations have already developed ethical AI principles that can serve as a framework for responsible development and use of AI systems.

Certification schemes

Similar to product safety certifications, these schemes can provide assurance that AI systems comply with certain standards and are safe to use.

(Check out cybersecurity certifications which increasingly include AI governance components.)

Continuous monitoring and evaluation

It is essential to continuously monitor and evaluate AI systems' performance (through robust AIOps) and their impact on society. This can help identify any potential issues and inform necessary updates or adjustments to governance frameworks.

FAQs about AI governance

What roles can the public and private sectors play in AI governance?

The public sector can play a pivotal role in AI governance by setting regulations, providing oversight, and promoting transparency and accountability.

The private sector, on the other hand, can contribute by innovating responsibly, adhering to established regulations, and actively participating in conversations around ethical AI practices.

How does AI governance support privacy rights?

AI governance supports privacy rights by establishing guidelines on how sensitive personal data is collected, stored, used, and shared. This includes:

• Implementing proper data anonymization techniques.
• Obtaining informed consent from users.
• Ensuring you comply with data protection laws.

Final thoughts

AI governance is crucial for ensuring the responsible development and use of AI systems. While it presents its fair share of challenges, efforts are being made to address them and develop effective governance frameworks.

As AI continues to advance and integrate into various aspects of our lives, it is essential to continuously monitor and evaluate its impact on society and make necessary adjustments to governance systems. Therefore, organizations must stay informed about current developments in the field and participate in conversations around ethical AI practices.