Subscribe to the Non-Human & AI Identity Journal

Who should own AI Act readiness across the organisation?

No single team can own it alone. Legal, privacy, security, procurement, product, and risk functions each control part of the workflow, so ownership has to be shared and explicit. The best indicator of readiness is whether those teams can produce the same evidence set without rework when a regulator asks for it.

Why This Matters for Security Teams

AI Act readiness is not a documentation exercise owned by one function. It is an operating-model problem because evidence, decisions, and accountability live across legal, privacy, security, procurement, product, and risk. The organisation must be able to show that controls were designed, reviewed, and maintained across the full lifecycle, which aligns with the control expectations in NIST SP 800-53 Rev 5 Security and Privacy Controls.

The practical failure mode is fragmented ownership: one team assumes another has captured model inventory, another assumes vendor diligence is complete, and nobody can assemble the same evidence set twice. That is exactly why AI governance work often becomes visible only after a request for proof, not before. NHIMG research on the DeepSeek breach shows how quickly AI-related exposure can become a governance issue when sensitive data, credentials, and operational boundaries are not controlled together.

Current guidance suggests readiness should be treated as a shared control system with explicit owners for each step, not a committee that meets occasionally. In practice, many organisations discover this only after procurement, legal, and security produce different answers to the same regulator question.

How It Works in Practice

Shared ownership works best when each function owns a distinct slice of the AI Act workflow, with one named coordinator ensuring the evidence model is consistent. Legal typically interprets obligations and approved claims. Privacy confirms data protection impact inputs and data minimisation. Security validates technical controls, logging, access, and incident handling. Procurement ensures vendor terms, assurances, and due diligence are complete. Product owns use-case purpose, user impact, and deployment scope. Risk ties it together into the enterprise control register.

The key is not simply assigning responsibility but defining artefacts that can be reused. A readiness pack usually includes model or system inventory, risk classification, vendor assessments, data flow maps, control testing results, and sign-off records. Best practice is evolving, but most programmes benefit from a RACI that names a single accountable owner for each artefact and a second line reviewer where independence matters. That approach maps well to governance and monitoring expectations in the NIST control catalog.

  • Use a single intake path for new AI use cases so legal, privacy, security, and procurement review the same record.
  • Maintain one source of truth for inventory, risk classification, and evidence status.
  • Require control owners to attach proof, not just attestations, for each major decision.
  • Review high-risk or externally supplied systems on a fixed cadence, not only at launch.

This is also where organisational discipline matters: NHIMG’s State of Secrets in AppSec research shows how fragmented control ownership can leave sensitive material exposed far longer than teams expect, which is a warning sign for AI governance too. These controls tend to break down when AI use cases are embedded inside product delivery teams with no central inventory, because no one function sees the full evidence trail.

Common Variations and Edge Cases

Tighter central oversight often increases coordination overhead, requiring organisations to balance speed against assurance. That tradeoff is real, especially when business teams want rapid experimentation and compliance teams want stable evidence. There is no universal standard for this yet, but current guidance suggests the answer should vary by risk tier rather than by organisational politics.

For low-risk internal use cases, a lightweight review path may be enough if legal, privacy, and security all sign off against a standard checklist. For high-impact systems, especially those touching employment, credit, health, or customer decisioning, ownership should become more formal with scheduled reviews, documented model change control, and clear escalation routes. Vendor-managed systems add another wrinkle: procurement cannot own compliance alone, because contract clauses do not prove operational control.

The most common edge case is when product teams treat AI features as ordinary software releases. That approach misses the fact that AI behaviour can shift with data, prompts, or model updates, so readiness needs recurring review. Organisations that are serious about AI Act readiness usually centralise governance standards while keeping operational ownership in the teams that control the actual risks.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Agentic AI Top 10 and CSA MAESTRO address the attack surface, NIST CSF 2.0 and NIST AI RMF set the technical controls, and EU AI Act define the regulatory obligations.

Framework Control / Reference Relevance
NIST CSF 2.0 GV.OV-01 AI Act readiness needs clear governance ownership and oversight across functions.
NIST AI RMF GOVERN The readiness question is fundamentally about organisational accountability and coordination.
OWASP Agentic AI Top 10 A2 Shared ownership must account for autonomous AI behaviour and control boundaries.
CSA MAESTRO GOV-01 MAESTRO emphasises lifecycle governance for agentic and AI systems.
EU AI Act The question is about operational readiness for compliance with AI Act duties.

Build a shared evidence process that supports risk classification, controls, and auditability.