Have you established an AI governance team that’s different than your data and IT governance group?

We are working through this as well but ultimately AI is "just another piece of software" so needs to follow existing governance and oversight as do all software purchases in my mind. What we are also working through is how to handle all the requests that will surely come in over time, filter them to what should move forward through that normal process. We are thinking that a somewhat informal Community of Practice will be set up to do that, along with sharing and unblocking in prompt engineering and the like. 

Two years ago we established an AI Steering Team at the Director level in the organization. The charter of the team is to oversee all AI operations across departments and decide if medium and high risk applications of AI will move forwards based on our Responsible AI Principles and Mission, Vision and Values. AI is connected to all existing  governance processes such as purchasing, security, data and software reviews. Low risk AI applications move forwards without barriers, if it's medium or high risk the steering team reviews and determines next steps, such as a conditional approval. 

We have established a separate AI steering group, but it has participants from information security, legal, data, comms, business representation, etc.  Its remit was first to establish our original AI usage guidelines, but now functions as an initial governing body to vet proposed initiatives and help advance responsible and valuable use of AI across the company.

Many of the typical 'governance' functions around AI are handled by the normal groups (Information Security, IT compliance, Legal, Risk, etc.)

We have established a separate AI governance team but it is expected to be for the short term. We expect to be able to address AI governance through existing compliance and steering groups related to IT security, data governance etc. One of the key aims of the AI governance team is to identify reasons why that can or can't happen, and assuming it can, to help incorporate AI governance into other forums for efficiency.

For us, we're a relatively small operation, and we tend to run lean. We have a compliance committee and an internal legal group, but we're still working on an official AI policy. Currently, AI is managed manually through IT leadership in close partnership with our compliance and security teams. We have a tight partnership with WebBank and are looking at their AI policy and management strategies. While we have a draft policy, it's not fully executed yet. We don't have a separate standing committee just for AI. Instead, we aim to integrate AI into our existing processes as another technology, without the need to establish a whole new group.