Get Started
AI governance: A corporate counsel’s guide to doing it right

ARTICLE | September 18, 2025 | VOICES

AI governance: A strategic imperative for CIOs

Organizations need the right approach—and the right skills—to get the most out of AI

By Russ Elmer, General Counsel, ServiceNow

AI governance. The term itself was only a blip on the corporate radar up until generative AI hit the scene. Today, it’s much more than a blip; it’s a strategic imperative—one that chief information officers (CIOs) ignore at their own (and their organization’s) peril.

But what do we mean by “AI governance”?  To me, it means that our AI has been designed to do good and not harm, that we are watching our AI applications to check that they are working the way we intended them to, and that we continue to check that our AI continues to do good and not harm as it evolves.

According to ServiceNow’s 2025 Enterprise AI Maturity Index, AI is evolving faster than organizations can update their governance initiatives. Only 44% had formalized policies regarding data governance, privacy, and compliance this year, down from 47% last year.

It’s no surprise, then, that our 2025 Workforce Skills Forecast found the terms “observability” and “AI ethics” appearing more frequently in job ads. While these positions are in their nascency, we predict tangible growth as organizations start taking AI governance more seriously.

Related

Dig into the 2025 Workforce Skills Forecast data. Download the research report here.

Read the report

AI governance isn't a compliance checkbox you can tick off and forget about. It's an ethos that needs to be woven into the very fabric of how you approach AI in your organization.

As a CIO, you're dealing with technology that has incredible possibilities. We're talking about productivity improvements we haven't even imagined yet and customer experiences that could revolutionize entire industries. But here's the reality check: If you don't get governance right from the beginning, you're setting yourself up for serious problems.

Without an AI governance framework in place, you're looking at potential liability, terrible customer experiences, and significant reputational risk. There's bias that can creep in, incorrect information that can get propagated, and bad experiences that can spread among your employee base and, more critically, cascade to your customers.

But when you get it right? You unlock the full potential of AI—genuine productivity gains, exceptional employee experiences, and customers who benefit from technology that actually works as intended.

 

Here's something I tell every CIO: If AI governance is everyone's job, it's nobody's job. At the same time, every employee must be responsible for how they use AI. Both approaches must work together.

Governance by design should be embedded in your workflows from day 1. This requires a centralized authority—one person whose job it is to think about AI governance all the time. This person helps you work through policies, regulatory requirements, and technology considerations. They're your governance champion.

Then everyone else needs to learn that guidance and own it. We don't leave it to front-line people to figure out regulatory frameworks on their own. They need to learn the rules, understand the guidelines, and embed them in their daily work. It's their own responsibility to know and follow the guidance.

AI governance isn't a compliance checkbox you can tick off and forget about. It's an ethos that needs to be woven into the very fabric of how you approach AI in your organization.

One of the most common questions people ask is how best to approach hiring AI talent. The good news? You don't need to hire an army of AI governance experts. The principles can be disseminated across the organization if you invest the time, resources, and energy in doing so.

Take people from your existing team who are already learning the technology and train them into these new governance roles. There are infinite ways to structure this. The key is investing in your current people rather than assuming you need to build a completely new team.

Culture starts at the top. At its core, governance is about ensuring your product does what you say it does, making sure its technology works the way you think it's working, and keeping an eye on it to verify it continues performing as expected.

As CIO, you set the tone to position governance as an enabler, not a roadblock. If you embrace governance and understand its critical importance, your organization will naturally follow.

When you're ready to scale AI governance skills across your organization, here's my three-step approach:

1) Take time to understand what your program will be. Work with legal, compliance, HR, finance, engineering, product, and even marketing teams to develop a common approach.

2) Develop policies that encourage and guide AI usage, with clear guardrails and milestones for creating quality work.

3) Educate your entire team on these guiding principles. Hold them accountable, and you'll find people start teaching each other. Once everyone knows the rules, they can help each other out, and you'll scale faster than you thought possible.

Remember, this is an extension of your ongoing digital transformation. It's not all that different from what we've done before—it's just faster. The principles of good governance remain the same, whether you're talking about AI or any other digital transformation initiative.

This reminds me of a quote from Wipro’s AI and cloud solutions head, Saurabh Vadhera: “AI is only as effective as the people behind it. From mapping and analyzing business processes to designing, training, and governing models, it’s human talent that transforms AI from a tool into a strategic advantage.”

I couldn’t have said it better. When people across the organization work together, AI governance becomes more than just avoiding risk—it becomes the key to unlocking the full potential of what AI can do for your organization.

Trending articles

Related articles

Balancing governance and innovation
ARTICLE
Balancing governance and innovation

How Pacesetters navigate AI risk and opportunity

Scaling responsible AI adoption
ARTICLE
Scaling responsible AI adoption

Organizations racing to seize AI-powered opportunities can’t afford to overlook governance

Outpacing the AI hype: What top enterprises are doing differently
VOICES
Outpacing the AI hype: What top enterprises are doing differently

The strategies leaders are using to innovate with, not just invest in, AI

AI governance: A corporate counsel’s guide to doing it right
ARTICLE
AI governance: A corporate counsel’s guide to doing it right

The transformative potential of AI is profound. The risks can be as well. Here’s how to strike the right balance.

Author

Author Russ Elmer
Russ Elmer is ServiceNow’s general counsel 
Articles by Russ Elmer