Have you published corporate guidance establishing guardrails for use of commercial generative AI services?

Innovation & Emerging Trends Machine Learning (ML)

3.1k views1 Upvote2 Comments

Sort by:

CTO in Transportation2 years ago

We are developing new guidelines and running pilots with several teams right now. Our current guidelines ask teams to consult and evaluate each solution and use case individually until our general guidelines are finished.

Principal Information Security Officer in Education2 years ago

Yes. The organization, through a collaborative process came up with the guidelines and they have just been disseminated by top leadership to everyone in the organization via web and email:

1. Don't enter confidential information or legally restricted data or any data the organization's data classification policy identifies as moderate or high risk into an AI tool.

2. Assume all information shared with an AI tool will be made public.

3. Follow academic integrity guidelines (e.g. on attribution, copyright, intellectual property) and institutional standard of conduct (e.g. for use of AI in research/academic work as well as for student's coursework).

4. Check for for bias and inaccuracy -- review & verify the output from AI tools (particularly if it will be included in works for publication).

5. Protect yourself and your credentials (from the use of AI tools for fraud -- such as creating phishing and similar schemes).

6. Seek support if you are considering the procurement of AI tools (e.g. for teaching and learning there is a guide created by one of our center's which provides an excellent webpage on AI for teaching and learning).

Content you might like

As enterprise AI adoption accelerates, how is your organization adapting its governance and risk oversight to keep pace?

Established AI governance framework with defined policies and oversight39%

Currently developing governance models and risk controls69%

Relying on existing security/compliance frameworks (no AI-specific policy)30%

No formal AI governance approach in place3%

View Results

Anyone using a transcription service for meeting minute capture for larger meetings that are held in person? If so which tooling are you using? Seen lots of transcription tools for video meetings, but I'm looking to see if anyone has implemented a solution for meetings in person that might have 10 to 12 people in a room.

Data Analytics-as-a-Service (DAaaS) is a cloud-based delivery model for data analytics & AI. What do you see as the most important enabler for you to adopt DAaaS for your business?

Ease of getting my data into the DAaaS platform11%

Tools that make it easy to create use cases with the DAaaS platform41%

A pre-existing library of dashboards and report templates to help me quickly get up-and-running31%

The ability to try out the DAaaS platform for free before buying7%

Services from the DAaaS vendor (consulting, support, training)4%

Confidence that my data is safe in the cloud3%

View Results

What's the most challenging conversation you've had about balancing AI initiatives against foundational IT needs? What resistance did you encounter?

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?