Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI governance and scaling pressure: what IAM teams need now


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: A survey of more than 300 U.S. tech decision makers found 76% are concerned about ROI on new data privacy and AI initiatives, yet 86% plan to move ahead regardless, according to Collibra and Harris Poll. The real issue is not whether organisations will adopt AI, but whether their controls can keep pace with usage, accountability, and traceability.

NHIMG editorial — based on content published by Collibra: AI innovation remains an urgent priority, but governance is essential for scaling

By the numbers:

  • 76% of respondents say that they’re concerned about the ROI on new data privacy and AI initiatives.
  • 86% said they plan to move forward with these projects, regardless of compounding external challenges.
  • 71% of organizations said they had integrated generative AI into the workplace in 2024, a near 40% increase from the previous year.

Questions worth separating out

Q: How should organisations govern AI use without slowing adoption?

A: By setting clear approval paths, ownership, and evidence requirements before broad deployment.

Q: Why is traceability so important in AI governance?

A: Because AI decisions are difficult to defend without evidence of what data was used, what system acted, and who approved the workflow.

Q: What do security teams get wrong about AI governance?

A: They often treat governance as a document set instead of an operating model.

Practitioner guidance

  • Map AI use cases to accountable owners Assign a named business owner, technical owner, and governance approver to each AI use case before it enters production.
  • Require end-to-end traceability for AI workflows Log prompts, source data, connectors, and outputs so that every material AI action can be reconstructed later.
  • Embed lifecycle checks into AI operations Review who and what has access to AI tools, data, and integrations on a recurring schedule.

What's in the full article

Collibra's full blog post covers the operational detail this post intentionally leaves for the source:

  • The survey framing and respondent breakdown behind the 76% and 86% findings
  • The article's specific checklist for AI governance, including transparency, compliance, and stakeholder engagement
  • Collibra's discussion of how organisations are aligning data reliability with AI oversight
  • The full set of recommendations for balancing innovation with governance under economic uncertainty

👉 Read Collibra's analysis of why AI governance is essential for scaling →

AI governance and scaling pressure: what IAM teams need now?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

AI governance is now an identity problem, not just a policy problem. The article shows that organisations are pushing ahead with AI even while many question ROI and risk. That combination means the real control issue is who can use AI, who can approve it, and what evidence proves that use stayed inside policy. For practitioners, governance has to bind AI adoption to identity and access controls, not sit beside them as a separate programme.

A few things that frame the scale:

  • 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases, according to The State of Secrets in AppSec.
  • Only 44% of developers are reported to follow security best practices for secrets management, which means policy intent often outpaces day-to-day behaviour.

A question worth separating out:

Q: Who should be accountable for AI risk when business teams move quickly?

A: Accountability should sit with named owners across business, technical, and governance functions, not with a generic AI steering group. When responsibilities are explicit, decisions are easier to approve, challenge, and audit. That structure also prevents risk from being pushed into the gaps between data, security, and operations teams.

👉 Read our full editorial: AI governance is the bottleneck to scaling innovation safely



   
ReplyQuote
Share: