← All posts

AI · January 25, 2026 · intSignal AI Team

Building an AI Governance Program That Actually Works

Why AI governance stopped being optional

Eighteen months ago, most organizations could treat AI as an experiment run by a few curious teams. That window has closed. Employees now paste source code, customer records, and contracts into public chatbots. Business units buy AI features embedded in SaaS tools nobody reviewed. Developers wire third-party models into production with an API key and a credit card. The result is shadow AI — a growing footprint of AI usage that no one has inventoried, risk-assessed, or is accountable for.

Two forces are turning this from a nuisance into a board-level concern.

  • Regulation is arriving with teeth. The EU AI Act entered into force in 2024 and phases obligations in through 2026 and 2027, with prohibited-use bans and penalties that can reach the higher of tens of millions of euros or a percentage of global annual turnover. It applies to any organization placing AI systems on the EU market, which sweeps in plenty of US companies. Sector rules, state privacy laws, and procurement requirements are moving in the same direction.
  • A credible framework now exists. The NIST AI Risk Management Framework (AI RMF 1.0) gives US organizations a voluntary but well-regarded structure built on four functions — Govern, Map, Measure, and Manage. It is the reference most legal and security teams will expect you to align to, the way they expect a security program to map to a recognized control set.

The takeaway is not "ban AI." Banning it drives usage underground and forfeits real productivity gains. The takeaway is that unmanaged AI is now an audited, regulated, and attackable part of your environment, and it needs a program — not a memo.

Start with an inventory, because you cannot govern what you cannot see

Every AI governance program begins where every security program begins: with an inventory. You need a living record of where AI is used, by whom, and against what data. Most organizations are surprised by how much surfaces once they look.

Capture at least these fields for each use:

  • Owner — the accountable business or technical lead, not the vendor.
  • Purpose — the decision or task the system supports.
  • Data in and out — what feeds the model and what it produces, flagged for regulated or confidential content.
  • Model and provider — first-party, third-party API, or embedded SaaS feature, including whether prompts are used for training.
  • Autonomy level — advisory, human-in-the-loop, or fully automated action.

Discovery is part technical, part human. Network and SaaS telemetry, plus data loss prevention controls, will reveal a large share of the traffic flowing to AI endpoints. Interviews and an amnesty window — invite teams to register what they already use, no blame — surface the rest. Treat the inventory as continuous, not a one-time census; new AI features ship inside tools you already own every month.

Tier by risk so governance is proportional

Not every AI use deserves the same scrutiny. A model drafting internal meeting notes is not the model deciding who gets credit, a job interview, or a medical triage. Tiering keeps oversight proportional and prevents the program from becoming a bottleneck that teams route around.

A workable three-tier model:

  1. Low risk. Productivity and drafting uses with no regulated data and no automated decisions — summarizing public documents, brainstorming, code suggestions on non-sensitive repositories. Light-touch: acceptable-use rules and logging.
  2. Medium risk. Systems that touch confidential or personal data, or that materially inform a human decision. These require a documented owner, a data review, and defined human oversight before deployment.
  3. High risk. Anything that makes or heavily drives consequential decisions about people — employment, credit, insurance, access to services — or that operates with meaningful autonomy. These get formal impact assessment, bias testing, sign-off, and scheduled review. This is also roughly where the EU AI Act concentrates its obligations, so the tier maps cleanly to regulatory exposure.

Tiering is what lets you say yes quickly to the low-risk majority while reserving real rigor for the small number of uses that can actually harm someone or the business.

The five controls at the core

Once you can see and tier AI usage, five controls carry most of the weight.

  • Acceptable use. A short, concrete policy: approved tools, what data may never be entered into public models, when human review is mandatory, and how to request a new use case. One page people actually read beats a forty-page policy nobody opens.
  • Human oversight. Define for each medium- and high-risk use who reviews output, who can override it, and who is accountable for the outcome. AI should inform decisions about people, not silently make them.
  • Data protection. Prevent confidential and regulated data from leaking into models that retain or train on it. This is where AI governance and your existing security stack meet — the same DLP, classification, and access controls, extended to AI endpoints and prompts.
  • Monitoring and audit. Log prompts and outputs for higher-risk systems, watch for misuse and model drift, and keep records that let you answer "what did this system decide, and why" months later. Auditability is now a regulatory expectation, not a nice-to-have.
  • Vendor and model due diligence. Before adopting a tool, confirm how it handles your data, whether it trains on your inputs, where processing occurs, and what security attestations it holds.

These controls also protect against the newer attack surface AI introduces — prompt injection, data poisoning, model exfiltration, and sensitive data leakage through generated output — which your defensive machine learning and AI work should account for directly.

Assign real accountability

Governance fails when it belongs to everyone and therefore no one. Name the roles explicitly:

  • An executive owner — often a CISO, chief data officer, or a cross- functional AI council — accountable for the program.
  • Use-case owners in the business, accountable for their specific systems.
  • Reviewers from security, legal or privacy, and risk who assess medium- and high-risk uses.
  • A clear intake path so employees can propose new AI uses and get a fast decision instead of going around the process.

A lightweight AI council that meets on a regular cadence, owns the inventory, and approves high-risk uses is enough for most mid-market and enterprise organizations. It does not need to be a new department.

Start lean, without stifling innovation

The most common failure is over-engineering the program on day one, producing heavy policy that teams quietly ignore. Start with a minimum viable program and mature it:

  1. Publish a one-page acceptable-use policy and a no-blame registration path.
  2. Stand up the inventory and run discovery.
  3. Apply risk tiers and set proportional requirements per tier.
  4. Extend existing security and data controls to AI endpoints.
  5. Name owners and a review body.
  6. Add monitoring, impact assessments, and audit as high-risk uses grow.

Map the whole thing to the NIST AI RMF and your regulatory obligations as part of your broader security and compliance posture, so governance reinforces the controls you already run rather than duplicating them.

Where to start

AI governance is not a document you write once — it is an operating capability that pairs policy, security controls, and continuous oversight. Done well, it lets your teams adopt AI faster because the guardrails are clear. intSignal helps organizations inventory AI usage, tier it by risk, and build governance on top of the security and data-protection controls they already have. Talk to our team and we will help you turn shadow AI into a program you can stand behind.