Doing AI Governance

Doing AI Governance

Home
Notes
Chat
Archive
About
Creating your AI Risk Management Policy
A blueprint for implementing AI Risk Management in your organisation, along with a fully developed policy template that you can use to build on.
  
James Kavanagh
2
Choosing the right controls for AI risks
A systematic approach to selecting the most effective prevention, detection, and response measures for major AI risks, both human and technical from…
  
James Kavanagh
3
The Velocity of Harm and Dynamic Feedback in AI Risk Assessment
Practical, proven methods to assess AI risks and a straightforward way to factor and communicate unique aspects of AI risk, including dynamic feedback…
  
James Kavanagh
2

March 2025

Identifying AI Risks
In Part 2 of our short series on building your AI Risk Management Framework, here are five real-world, proven and practical ways to identify the real…
  
James Kavanagh
Creating your AI Risk Management Framework (Part 1)
A practical outline of how to build the core risk management framework for AI Governance, starting with approaches to risk categorisation and an…
  
James Kavanagh
6
Creating your AI Governance Policy
Here's how to create a straightforward, practical AI governance structure and policy aligned to ISO42001 and other frameworks - plus a complete policy…
  
James Kavanagh
7
AI Governance Mega-map: Assurance & Audit, Third-Party Suppliers and Transparency
The final control domains for assurance, third-party suppliers and transparency, concluding of our mega-map of AI Governance drawing from…
  
James Kavanagh
3
AI Governance Mega-map: Operational Monitoring and Incident Management
Two control domains that focus on how we monitor, manage and respond in production - part of our mega-map of AI Governance drawing from…
  
James Kavanagh
1
AI Governance Mega-map: Safe, Responsible AI and System, Data & Model Lifecycle
Diving into the two control domains most important to safe, responsible AI for our mega-map of AI Governance drawing from ISO420001/27001/27701, SOC2…
  
James Kavanagh

February 2025

AI Governance Mega-map: Security and Privacy
Diving into the technical control domains for our mega-map of AI governance compliance drawing from ISO420001/27001/27701, SOC2, NIST RMF AI and the EU…
  
James Kavanagh
2
AI Governance Mega-map: Leadership, Risk Management and Regulatory Operations
Diving into the first 3 master control domains for our mega-map of AI governance compliance drawing from ISO420001/27001/27701, SOC2, NIST RMF AI and…
  
James Kavanagh
7
AI Governance Controls Mega-map
A crosswalk of master controls aligning ISO42001, ISO27001, ISO27701, the NIST Risk Management Framework, EU AI Act, and SOC2, for a real-world AI…
  
James Kavanagh
14
© 2025 James Kavanagh
PrivacyTermsCollection notice
Start writingGet the app
Substack is the home for great culture