Introduction
In October 2025, a Fortune 500 insurer paused its claims-automation pilot after an internal audit found the model was rejecting valid claims at a 14% higher rate for one demographic group. The model had been in production for nine months. No one had been formally accountable for monitoring it. That story is now common: the FTC opened 27 AI-related enforcement actions in 2025, more than the previous three years combined.
AI governance is the system of policies, roles, controls, and oversight that decides what AI your organization builds, buys, or uses, and on what terms. This checklist covers the 25 capabilities every US organization needs in place before regulators, customers, or your own engineers force the issue.
Why AI Governance Stopped Being Optional
The shift happened quietly between 2024 and 2026. ISO/IEC 42001 became the first certifiable AI management system standard. The NIST AI Risk Management Framework moved from voluntary guidance to a de facto procurement requirement for federal contractors. Colorado passed the first comprehensive state AI law (SB 205, in effect February 2026), and California, Texas, and New York followed with sector-specific rules.
The economics shifted too. According to IBM’s 2025 Cost of a Data Breach Report, AI-related incidents now cost organizations an average of $4.8 million per event, 22% higher than non-AI breaches, mostly because remediation requires retraining models and re-validating pipelines, not just patching code.
Most organizations responded by hiring an AI ethics officer or running a one-time audit. Neither approach holds up. Governance isn’t a person or a project. It’s a set of repeatable controls that operate continuously across the AI lifecycle. The 25 items below define what “in place” actually looks like.
The 25-Point AI Governance Checklist
The checklist groups into six functional areas: strategy and oversight, policy and ethics, risk management, data governance, model lifecycle, and people. Skip a category and the rest weaken. Most US organizations we benchmark against have 8 to 12 of these in functional shape; almost no one has all 25.
Strategy & Organizational Oversight (1–4)
1. A board-approved AI governance charter. This is the document that establishes AI governance as a board-level concern, not an IT initiative. It defines scope (which AI systems are in or out), authority (who can approve what), and reporting cadence to the board. Without it, every other control sits on sand. The charter should be reviewed annually and signed by the CEO and the board chair.
2. A named AI governance owner with budget authority. One person, typically a Chief AI Officer, Chief Risk Officer, or General Counsel, owns governance outcomes. Committees coordinate; they don’t decide. The owner needs a discretionary budget (we see effective programs starting at 0.3–0.5% of total IT spend) and the authority to halt deployments. If your governance lead has to escalate to deploy a control, you don’t have governance.
3. A cross-functional AI governance committee. Legal, security, privacy, data science, product, HR, and a business unit representative. Meet monthly at minimum. The committee reviews high-risk use cases before deployment, approves policy exceptions, and signs off on the annual risk register. Document attendance, regulators ask.
4. An AI use case inventory. You cannot govern what you don’t see. Maintain a single source of truth listing every AI system in use across the organization, including third-party tools (Microsoft Copilot, Salesforce Einstein, every Chrome extension your sales team installed). Each entry needs: owner, vendor, data inputs, decision impact, risk tier, and last review date. Most organizations discover 3–5x more AI systems than they expected when they run the first inventory.
Policy & Ethical Framework (5–9)
5. A written AI acceptable use policy. Plain-language rules for employees: what AI tools are approved, what data can be entered, what outputs require human review, what’s prohibited entirely. Distribute it as part of onboarding and require annual re-acknowledgment. Samsung’s 2023 ChatGPT incident, engineers pasting source code into a public model, happened because no such policy existed.
6. AI ethics principles aligned to a recognized framework. Most US organizations align to the NIST AI RMF’s trustworthy AI characteristics (valid, reliable, safe, secure, accountable, transparent, explainable, privacy-enhanced, fair). Pick one framework, write your principles in your own words, and map each to specific operational controls. Principles without controls are PR.
7. A high-risk AI use case classification system. Not every AI system needs the same scrutiny. Classify by impact: low (productivity tools, no individual decisions), medium (content generation, recommendation), high (decisions about people—hiring, lending, healthcare, content moderation at scale). Each tier triggers different review depth, monitoring frequency, and approval level. The EU AI Act’s risk-tiering offers a defensible starting point even for US-only organizations.
8. Prohibited use cases list. Document what you will not build or buy under any circumstances. Common entries: emotion recognition in employment contexts, social scoring systems, real-time biometric surveillance in public spaces, generative AI for impersonation. A clear “no” list prevents months of wasted procurement evaluation and signals seriousness to regulators.
9. Vendor and third-party AI policy. Most AI risk now enters through procurement, not in-house development. Require vendors to disclose: what models they use, what training data, what evaluation results, what their own governance looks like. Bake into contracts: notification of model changes, audit rights, indemnification for IP and bias claims.
Risk Management (10–13)
10. An AI-specific risk register. Separate from the enterprise risk register. Track risks unique to AI: model drift, training data poisoning, prompt injection, hallucination in customer-facing outputs, IP leakage through model training, regulatory non-compliance. For each: likelihood, impact, owner, mitigation, residual risk, review date. Update quarterly.
11. AI impact assessments for high-risk use cases. A documented assessment completed before any high-risk system goes live. The NIST AI RMF Playbook provides a workable template; ISO/IEC 42005 (AI impact assessment guidance) was published in 2024 and is becoming the global reference. Cover: intended use, affected populations, potential harms, mitigation measures, monitoring plan, kill-switch criteria.
12. Bias and fairness testing protocols. Standardized testing run before deployment and on a defined cadence after. The protocol should specify: which fairness metrics apply to which use cases (demographic parity, equalized odds, calibration), thresholds for acceptable disparity, and what happens when thresholds are breached. Without thresholds defined in advance, every test result becomes a debate.
13. Adversarial testing and red-teaming. Internal or external teams actively try to break your AI systems: prompt injection, jailbreaks, data extraction, output manipulation. For high-risk systems, red-team before launch and every six months after. The OWASP Top 10 for LLM Applications gives you the standard attack taxonomy. Document what you tested, what you found, what you fixed.
Data Governance for AI (14–17)
14. Training data provenance documentation. For every model you train or fine-tune: where did the data come from, what’s its license, what consent supports its use, what biases are known. The New York Times v. OpenAI lawsuit and the spate of 2024–25 copyright claims made provenance documentation a litigation defense, not a nice-to-have.
15. Data minimization controls for AI workflows. Engineers should not be sending production customer data to third-party AI APIs. Implement: data classification tags, automated DLP rules for AI endpoints, synthetic or de-identified data for development, contractual data-processing terms with every AI vendor. The 2024 California AB 1008 amendment explicitly extended CCPA to AI-system inputs.
16. AI data retention and deletion policies. Models trained on personal data inherit deletion obligations. Document: what personal data went into training, how it can be removed (retraining vs. machine unlearning), what your response is to a deletion request that targets training data. This is one of the most-litigated open questions in US privacy law right now.
17. A data quality framework specific to AI. Garbage in, governance failure out. Define minimum data quality standards for AI pipelines: completeness, accuracy, freshness, representativeness. Run automated checks at ingestion. Block model retraining when thresholds aren’t met. Spotify’s 2024 engineering blog detailed how a single upstream schema change degraded their recommendation model for six weeks before anyone noticed.
Model Lifecycle Management (18–22)
18. A model inventory with version control. Every production model: ID, version, training data snapshot, owner, purpose, performance baseline, deployment date, planned retirement. Tools like MLflow, Weights & Biases, or Vertex AI Model Registry handle this technically, but the inventory needs an organizational owner who actually keeps it current.
19. Pre-deployment validation gates. Models do not move from development to production without passing defined criteria: performance benchmarks, fairness thresholds, security scan, documentation completeness, sign-off from the use-case owner. Make the gate enforceable in your CI/CD pipeline, not just a checklist someone fills out.
20. Continuous monitoring for drift and performance degradation. Statistical monitoring of input distributions and output quality, with alerts when they shift beyond defined bounds. The Zillow Offers shutdown in 2021, a $304 million write-down, was fundamentally a monitoring failure: the iBuyer model kept producing confident estimates as the housing market shifted underneath it. Set drift thresholds before you need them.
21. Human-in-the-loop requirements for high-impact decisions. Define which decisions require human review before action, which require human availability for review, and which are fully automated. Document why. Colorado SB 205 and the EU AI Act both require disclosed human oversight for high-risk systems. Having the documentation ready saves a six-month scramble during enforcement.
22. Incident response plan for AI-specific failures. Adapt your existing IR plan for AI scenarios: model produces harmful output, model is jailbroken, training data leaks, third-party model is deprecated mid-quarter, regulator requests an explanation of a specific decision. Test it. The organizations that handle AI incidents well in public have a playbook; the ones that handle them badly are improvising.
People, Skills & Culture (23–25)
23. Role-based AI training for every employee who touches AI. Not the same training for everyone. A sales rep using a generative AI assistant needs different training than a data scientist building credit models. Map roles to training requirements; track completion. Frameworks like ISO/IEC 42001 require demonstrable competence, that means records, not assumptions.
24. Leadership AI literacy program. Your CEO does not need to write Python. They do need to understand: what AI can and cannot do, where it fails, what your organization’s exposure looks like. Quarterly briefings, scenario walkthroughs, and exposure to your own incident reports work better than vendor demos. Boards are now being asked AI-readiness questions in director liability insurance applications.
25. A whistleblower channel for AI concerns. Engineers and frontline staff see AI failures first. Provide a documented, protected channel for them to raise concerns about a model, dataset, or deployment without retaliation. The Frances Haugen disclosures and the OpenAI safety researcher departures of 2024 both surfaced through informal channels because formal ones didn’t exist. Build the formal one.
How to Use This Checklist
Treat the 25 items as a maturity assessment, not a to-do list to plough through in order. Score each item 0–3: 0 = doesn’t exist, 1 = ad hoc, 2 = documented, 3 = operational and audited. Total possible: 75.
A score below 25 means you have an exposure problem. Start with items 1, 2, 4, 5, and 7. These five give you a foundation that the rest can build on within 90 days. A score between 25 and 50 means you have the pieces but they don’t connect. Focus on the lifecycle and monitoring items (18–22). Above 50, you’re in the top quartile of US organizations and should be working toward formal certification under ISO/IEC 42001.
Three sequencing tips that come up in nearly every implementation:
- Inventory before policy. Writing an AI policy without knowing what AI you have produces a policy nobody can comply with. Item 4 first.
- Tier before testing. Bias testing every chatbot the same way you test a credit model wastes resources and obscures real risk. Item 7 before items 12 and 13.
- Contracts before consequences. Most AI risk now comes from vendors. Items 9 and 14 give you legal recourse when something goes wrong; without them, you absorb the loss.
Aligning the Checklist with US Regulations and Standards
Three frameworks dominate US AI governance practice in 2026: the NIST AI Risk Management Framework, ISO/IEC 42001, and the patchwork of state and sectoral laws led by Colorado SB 205, NYC Local Law 144, and the EEOC’s 2023 guidance on AI in employment.
The NIST AI RMF maps directly to most checklist items. The framework’s four functions: Govern, Map, Measure, Manage, line up with the checklist’s strategy, inventory, testing, and monitoring categories. Federal contractors and vendors selling into healthcare and financial services should treat NIST alignment as table stakes.
ISO/IEC 42001 takes the controls in this checklist and turns them into a certifiable management system. The advantage: third-party verification you can show to enterprise customers and regulators. The cost: 9–18 months of implementation work and ongoing surveillance audits. For organizations selling AI products or processing AI on behalf of regulated customers, certification is increasingly being written into RFPs.
State laws fill in specifics that federal frameworks leave open. Colorado SB 205 requires impact assessments and disclosure for “consequential decisions.” NYC Local Law 144 requires bias audits for automated employment decision tools. California, Illinois, and Texas all have AI-related bills active in 2026 sessions. The compliance pattern that works: build to the strictest applicable standard, document your reasoning, and update annually rather than chasing each new law.
| Framework | Best For | Implementation Time |
|---|---|---|
| NIST AI RMF | US federal contractors, regulated industries | 3–6 months |
| ISO/IEC 42001 | Organizations selling AI globally; enterprise B2B | 9–18 months |
| State laws (CO, NYC, CA) | Sector-specific compliance overlay | Ongoing |
What This Checklist Doesn’t Cover (And Why That Matters)
A governance checklist is a floor, not a ceiling. Three areas need attention beyond what any 25-point list can capture:
Domain-specific obligations. Healthcare AI hits HIPAA and FDA rules. Financial services hits SR 11-7 and the OCC’s model risk guidance. Employment AI hits EEOC and state fair-employment laws. The checklist gives you a horizontal foundation; vertical regulations add requirements you cannot skip.
Generative AI’s unique risks. Copyright exposure on training data, prompt injection, hallucination in legal or medical contexts, and the IP status of AI-generated outputs are all evolving faster than governance frameworks. Build a quarterly review specifically for generative AI policy.
Cultural change. Every governance program eventually hits the question of whether the organization actually wants the controls to bite. If your governance committee’s recommendations get overruled when they slow a launch, the program will collapse within 18 months. The checklist items are necessary; an organizational commitment to act on them is sufficient.
FAQs
1. What is AI governance and why does my organization need it?
AI governance is the framework of policies, roles, processes, and controls that determine how an organization develops, buys, deploys, and monitors AI systems. US organizations need it because AI failures now produce legal liability under state laws like Colorado SB 205, regulatory action from the FTC and EEOC, and contractual penalties from enterprise customers requiring NIST or ISO/IEC 42001 alignment. Without governance, AI risks are unowned and uncontrolled.
2. How is AI governance different from data governance?
Data governance covers the lifecycle of data assets: quality, access, lineage, retention. AI governance covers the lifecycle of models and AI-driven decisions, including training data provenance, model behavior, deployment controls, and ongoing monitoring. The two overlap (training data sits in both) but solve different problems. Most organizations need both, with explicit coordination between them.
3. Which AI governance framework should US organizations adopt?
The NIST AI Risk Management Framework is the most widely used in the US and is becoming a de facto procurement standard. Organizations selling internationally or to regulated industries often layer ISO/IEC 42001 on top of NIST for certifiable assurance. Sectoral organizations should also follow domain-specific guidance: SR 11-7 for banking, FDA guidance for healthcare AI.
4. Who is responsible for AI governance in an organization?
Governance ownership typically sits with a Chief AI Officer, Chief Risk Officer, or General Counsel, supported by a cross-functional committee covering legal, security, privacy, data science, and business units. Critical principle: one named owner with budget authority and the power to halt deployments. Distributed ownership produces distributed accountability, which means none.
5. How long does it take to implement an AI governance program?
A foundational program (items 1–5 of this checklist) can be operational in 60–90 days with executive sponsorship. Full coverage of all 25 items typically takes 9–18 months for mid-sized organizations. ISO/IEC 42001 certification adds another 3–6 months for audit preparation. The pace depends less on framework choice than on how aggressively leadership backs the program.
6. What does AI governance cost?
For mid-market US organizations, mature governance programs run 0.3–0.7% of total IT spend. The largest cost components are dedicated headcount (typically 2–6 FTEs for a $500M revenue organization), tooling for model inventory and monitoring ($50K–$300K annually), and training. Costs scale with the number and risk tier of AI systems, not company size alone.
7. Do small businesses need AI governance?
Yes, but proportional to their AI footprint. A small business using only off-the-shelf AI tools needs items 4, 5, 9, and 23 at minimum: an inventory, an acceptable use policy, vendor terms, and basic employee training. The full 25-item checklist applies to organizations developing AI, deploying AI in customer-facing decisions, or operating in regulated sectors.
The Bottom Line
The organizations that will avoid the next $5M AI incident are not the ones with the most sophisticated models. They are the ones who decided, before regulators forced the issue, that AI governance is an operational capability rather than a compliance afterthought. The 25 items in this checklist define what that capability looks like in practice.
Start with an honest scoring of where you stand today. The gap between your current score and 75 is your roadmap for the next 12 months. If you want a structured path to operationalize the checklist with international certification, the GAICC ISO/IEC 42001 Lead Implementer program walks through every control on this list as part of a recognized AIMS implementation methodology.
