Risk
Governance Misalignment
Description
AI policy conflicts with or doesn't integrate with existing security, privacy, or data governance policies.
Example
AI policy allows cloud processing while data policy prohibits it, causing compliance violations.
Assets Affected
AI Policy
Data governance docs
Security policies
Mitigation
- Cross-functional policy review
- Policy mapping matrix
- Integrated governance framework
- Regular alignment checks
Standards Mapping
- ISO 42001: A.2.3
- NIST AI RMF: GOVERN 1.2, GOVERN 1.4
- DASF v2: GOVERNANCE 4.1, 4.2