Organizations rush to adopt artificial intelligence while traditional governance frameworks fail to address systems that learn and evolve continuously. Employees already use tools like Copilot without understanding data exposure risks; prompts retrieve sensitive HR records because data security controls weren't implemented before sanctioning access. The EU AI Act demands risk-based approaches, yet organizations struggle defining what constitutes high risk in their specific context versus generic definitions.

Effective AI governance requires dedicated oversight structures separate from conventional IT compliance rather than retrofitting static frameworks onto adaptive technology.

In this session, Siegfried Moyo of Americold Logistics will discuss:

• Building AI-specific committees with specialized knowledge instead of delegating ownership to CIO, CDO or legal teams individually;
• Mapping existing NIST or ISO controls to emerging AI regulations rather than creating parallel frameworks from scratch;
• Implementing Microsoft Purview or native security tools to restrict AI access to critical data before sanctioning enterprisewide deployment.