Governance & guardrails
AI governance framework: the components and how to build one
An AI governance framework is the structured set of policies, roles, and controls that decides how your company builds, buys, and uses AI. This page covers what actually goes in one, how to build it in a sensible order, and which of the named frameworks fits a company like yours. A framework outline you can adapt is on this page, free.
What an AI governance framework actually is
Strip away the branding and a framework is the answer to one question: how does this company use AI without betting the business on it? It names who is accountable, what the rules are, which systems carry real risk, what controls those systems get, and who is watching them in production. It is the difference between "we have AI everywhere" and "we know where our AI is and can stand behind it."
The good news is that you don't start from a blank page. The concept is settled. Definitions, the risk-based lifecycle, and the major frameworks have converged, and the academic literature agrees the goals are broadly agreed even where the mechanics are not. The hard part, the part surveys keep flagging, is turning any framework into running practice: 75 percent of organizations report having an AI policy, but far fewer have incident playbooks or named roles behind it (Pacific AI 2025 governance survey). So the work is less about choosing a framework and more about operating one.
The components every framework shares
Different frameworks number and name these differently, but they cover the same nine parts. If you can point to each one in your own program, you have a framework. If one is missing, that is your next gap.
| Component | What it is | Why it matters |
|---|---|---|
| Principles | The handful of commitments the rest of the framework enforces: human oversight, fairness, transparency, security, accountability. | Without them, every later decision is ad hoc. With them, you have a test to hold a proposed AI use against. |
| Roles and accountability | A named owner, and a clear split of who decides, who does the work, and who signs off on a high-risk use. | Governance that belongs to everyone belongs to no one. This is the part most stalled programs are missing. |
| An AI inventory | A live list of every AI system and vendor tool, including the ones a team signed up for without telling IT. | You cannot govern what you cannot see. Almost every program that skips this discovers shadow AI later, the hard way. |
| Risk tiering | A repeatable way to rate each system by likelihood and impact and sort it into a tier. | It lets you spend scrutiny where it matters and leave a low-stakes drafting tool alone. |
| Controls by tier | Access rules, data boundaries, testing, and human review, sized to the tier a system landed in. | This is where policy becomes practice. The higher the tier, the more evidence you keep. |
| Human oversight | The rule that a person, not the model, is accountable for consequential decisions, with a way to intervene. | Every major framework treats this as non-negotiable, and it is the control regulators ask about first. |
| Procurement and third parties | How AI vendors get vetted, what your contracts require of them, and who owns the risk they carry. | Most companies buy far more AI than they build, so most of your risk arrives through a vendor. |
| Monitoring and incidents | Watching systems in production for drift and misuse, plus a plan for when one causes a problem. | AI risk is not one-and-done. A model that was fine at launch drifts, and someone has to be watching. |
| Review and improvement | A set cadence to revisit the inventory, the tiers, the controls, and the framework itself. | The standards are still being revised and your AI use keeps changing. A static framework rots. |
The frameworks that matter, and which fits you
You adopt an existing framework rather than write your own vocabulary. Three names carry the field, and they were built to interoperate:
- The NIST AI RMF is a voluntary US framework built on four functions (Govern, Map, Measure, Manage). It gives you a method and a shared vocabulary, with no audit and no certificate. It is the default reference for US companies and the one most contracts now name.
- ISO/IEC 42001 is the certifiable international standard for an AI management system: clauses 4 to 10 plus 38 Annex A controls that an accredited auditor checks. You reach for it when a customer, regulator, or board wants third-party proof.
- The EU AI Act is binding law with deadlines, for any AI whose reach touches the EU market. It is the only one of the three that can fine you.
You do not pick one and ignore the rest. The sane approach is to build each governance capability once and know where it lands in all three. Published crosswalk analyses put the NIST AI RMF or ISO 42001 at roughly 60 to 70 percent of the EU AI Act's management-system and risk-governance requirements, and NIST publishes its own official RMF-to-ISO-42001 crosswalk. We put all three side by side, capability by capability, in the AI compliance framework crosswalk, which is the page to read once you have decided which regimes apply to you.
How to build one, in order
The order matters more than the paperwork. The most common failure is reaching for a 40-page policy and a committee before anyone has listed what the company is actually running. A realistic sequence for a medium-to-large company:
- Name an owner and write the principles. One accountable person or a small committee, and five or six commitments you will enforce. This can happen in a week and it is what turns intent into a program.
- Inventory your AI. List every system, vendor tool, and dataset, including shadow AI a department expensed on a card. This alone puts most companies ahead of where they were, and it is the step teams most often skip.
- Tier the inventory by risk. Rate each system by likelihood and impact so scrutiny follows the stakes. A model that affects a decision about a person needs far more than an internal summarizing tool. A scoring rubric makes this repeatable rather than a debate.
- Put controls on the systems that earned them. Access rules, data boundaries, testing, human oversight, and documentation, sized to each tier. Do the high-risk systems first and write down what you are deferring and why.
- Stand up monitoring and an incident path. Decide how you watch systems in production and what happens when one misbehaves, before you need it rather than during the incident.
- Set a review cadence and iterate. Revisit the inventory, tiers, and controls on a schedule, and re-check the framework against the standards, which are themselves still being revised. This is a living baseline, not a one-time push.
Overlay this on what you already run. If you have ISO 27001, SOC 2, or the NIST Cybersecurity Framework, a lot of the access, monitoring, and vendor controls already exist; you are adding the AI-specific parts (model documentation, evaluation, drift monitoring, impact assessment) on top, not starting over.
A framework outline you can adapt
Below is a working skeleton for an AI governance framework document. It is not the standard itself and not legal advice; it is a starting structure to fill in with your own systems, roles, and risk decisions. It maps cleanly to the components above and to the NIST, ISO, and EU regimes. Copy it, cut what doesn't apply, and keep the version-one short.
- 1. Purpose and scope. Why this framework exists and what it covers: which entities, which AI systems (built and bought), and what is explicitly out of scope.
- 2. Principles. The commitments every AI use must satisfy. Keep it to five or six you will actually enforce, not a wish list.
- 3. Roles and accountability. The named owner, the committee or forum, and a simple split of decision rights. Who approves a high-risk use, and who can stop one.
- 4. AI inventory. How systems get registered, what you record about each (owner, purpose, data, vendor, tier), and how the list stays current.
- 5. Risk tiering. The method for rating and tiering each system, and what each tier means. This is where a scoring rubric plugs in.
- 6. Controls by tier. The minimum controls each tier requires: access, data handling, testing, documentation, and human review.
- 7. Human oversight. Which decisions require a human in the loop, what that person is accountable for, and how they intervene or override.
- 8. Data governance. What data may and may not train or feed an AI system, quality and provenance expectations, and privacy boundaries.
- 9. Procurement and third parties. How AI vendors are assessed, the clauses your contracts require, and how vendor risk is owned internally.
- 10. Monitoring, incidents, and review. Production monitoring, an AI incident process, and the cadence for reviewing the whole framework against changing rules.
The point of writing it down is not the document; it is that a new hire, an auditor, or a customer can read one thing and understand how you handle AI. A framework nobody can find is not a framework.
How much framework is enough
More governance is not automatically better. The same literature that maps the field also warns about "redundancy, organizational confusion, and superficial compliance" when companies pile on overlapping controls and produce theater instead of oversight. For a resource-constrained company the honest target is the smallest framework that actually covers your real risks: the inventory, tiers, and controls on the systems that matter, run by a named owner. You can always add rigor where evidence shows you need it. You rarely recover the trust lost to a policy everyone learned to ignore.
If you would rather have this built against your actual systems than assemble it from a template, that is the fixed-scope AI risk assessment (a stated scope, a report you keep, $20,000 to $80,000 depending on scope), and the standing version is AI governance consulting. The related pages that go deeper: the AI governance committee that runs the framework, the AI risk assessment template that powers the tiering step, and the AI governance hub for the wider map.
One line of hygiene: this page is general information, not legal advice. For obligations that apply to your specific systems, talk to counsel.
Questions people ask
- What are the components of an AI governance framework?
- They converge on nine parts: principles, named roles and accountability, an AI inventory, risk tiering, controls sized to each tier, human oversight, procurement and third-party rules, production monitoring and incident handling, and a review cadence. Frameworks brand and group these differently, but skip any one and you have a gap someone will find.
- What is the best AI governance framework?
- There is no single best one; there is the one that fits your situation. Most US mid-to-large companies build on the NIST AI RMF as the working method, add ISO/IEC 42001 if a customer or board wants a certificate, and classify against the EU AI Act if any system reaches the EU. You build one set of controls and map it to whichever you answer to; our framework crosswalk shows how they line up.
- Is the NIST AI RMF a governance framework?
- Partly. The NIST AI RMF is a risk management framework whose first function, Govern, sets the culture, policy, roles, and accountability that a governance framework needs. So it covers the governance core and a good deal more, but it is voluntary and gives you a method rather than a filled-in program. You still adapt it to your own systems and risk tolerance.
- What is the difference between an AI governance framework and an AI policy?
- The framework is the whole operating system: roles, inventory, tiering, controls, oversight, monitoring. The policy is one document inside it, the written rules people follow. A policy without the framework around it is a page nobody enforces; the framework is what makes the policy real.
- How long does it take to build an AI governance framework?
- A usable first version takes weeks, not months, if you resist the urge to boil the ocean. Name an owner, inventory your systems, tier them, and put controls on the few that need them first. Maturing it into an audited, evidence-backed program is a multi-quarter effort. The mistake is trying to reach the mature end state before you have the inventory, which is step one for every framework.
Tell us about the work.
A few lines is enough. We read every enquiry ourselves and reply within one business day.