GAICC AI Conference & Awards 2026 "Governing the Future – Building Responsible, Safe and Human-centric AI"

AI Governance Framework · v1 prototype

The framework for governing AI you can prove.

One navigable model — the Governance Framework — for any organisation, in any discipline, built to govern teams of people and AI agents as the technology changes.

Tool-neutral

Standards-based

Future-ready

Why this framework

Not another standard — the connective tissue between them.

You already have ISO/IEC 42001 and the NIST AI RMF, and this framework is built on both. What it adds is what they don’t give you on their own.

Implement once, prove to many

One management system, mapped to every regime — EU AI Act, NIST and ISO — through the crosswalk. Build the evidence once; demonstrate it to many.

Built for agentic AI

Governs hybrid human + autonomous-agent teams as a first-class capability — the frontier where today’s standards still lag.

An operating model, not just principles

Hub-and-spoke plus three lines of defence, with the roles, cadence and artifacts to actually run governance — not a list of things to do.

Maturity you can measure

A scoreable maturity model to place yourself, a sequenced roadmap to advance, and a credential for every layer.

Why not just adopt ISO/IEC 42001 or the NIST AI RMF? You should — and this framework runs on both. What it adds is the connective tissue: one model mapped to every regime, extended for autonomous AI, with the roadmap, maturity model and credentials to actually operate it.
AI Governance Framework

Your whole AI programme, on one canvas.

Governance and its roles span every layer; a continuous loop runs across the top; the management system drives the middle; foundations hold the base. Click any element for its article — where the underlying standards live. Flip to Future-ready to see how it governs AI-agent teams.

Big Picture
The whole Framework

Every layer and actor of AI governance on one canvas — the accountability layer, the management system, the lifecycle, risk and assurance, and the people who run it. Select a part above to focus on one accountability layer in context.

Board & Executive
Sets direction · governing body

For  Directors, the C-suite and the AI oversight committee.

The accountability layer: who sets AI strategy and risk appetite, who is answerable when something goes wrong, and how the board keeps AI on its agenda. Even when autonomous agents do the work, a named human stays accountable.

What it covers
  • AI policy, principles and risk appetite
  • A single accountable executive — not an unowned committee
  • Board oversight cadence and reporting
  • The risk appetite for AI autonomy
In the next decadeAs agents and automated workflows scale, the board moves from approving systems to setting the autonomy limits and escalation rules the whole control plane runs inside.
The Governance Core
Runs governance · the hub (second line)

For  The AI governance lead and the central function — your Center of Excellence.

The central hub that owns the management system: policy, the control framework, an inventory of every AI system, agent and workflow, and the standards everyone builds within. Business units run as spokes inside the rails it sets.

What it covers
  • The AI management system and its operating rhythm
  • The control framework and Statement of Applicability
  • A live registry of AI systems, agents and workflows
  • The policies and guardrails the spokes inherit
In the next decadeThe hub stops being an approval desk and becomes a control plane — policy-as-code, automated guardrails and continuous observability — so governance scales to machine speed and volume.
Delivery & Operations
Owns & operates · first line

For  Product teams, system owners, ML and AI engineers — and the AI agents themselves.

Where AI is built and run. Governance follows each system across its lifecycle, with controls applied where they belong. The operators are increasingly a mix of people and supervised autonomous agents.

What it covers
  • The AI system lifecycle, inception to retirement
  • Controls applied in build and operation
  • System owners and engineers — the first line
  • Supervised autonomous agents and their oversight points
In the next decadeMost operational work runs on agents and automated workflows; the first line designs the human-on-the-loop oversight, capability limits and stop controls that keep them safe.
Risk, Assurance & Audit
Oversees & assures · second & third line

For  Risk, compliance, internal audit and the audit committee.

The independent view: assessing AI risk and impact, testing that controls work, and giving the board assurance that the programme runs as designed — through the three lines, ending in independent audit and certification.

What it covers
  • AI risk and impact assessment
  • Trustworthiness as measurable, tested properties
  • The three lines — own, oversee, independently assure
  • Internal audit, conformity and certification
In the next decadeManual sampling cannot keep pace with thousands of models and agents, so assurance becomes continuous and largely automated — monitoring behaviour and conformance in real time.
People, Functions & Capability
Embeds & enables · the spokes

For  HR and L&D, function leads and embedded AI champions.

How governance lands in real teams: the roles people play, the credentials that build the skill, and the function-level playbooks — legal, HR, finance, procurement — that turn policy into daily practice as federated spokes.

What it covers
  • The roles map — people and AI agents
  • The credential framework, foundation to senior
  • Embedded governance in each function (the spokes)
  • Adoption, culture and change
In the next decadeThe scarce skill becomes supervising and auditing AI rather than doing the task; capability and credentials shift toward overseeing agents and automated workflows.
Future-ready view. The framework governs hybrid human + AI-agent teams and autonomous systems — with continuous, real-time assurance and an adaptive loop that flexes as the technology changes.
AI Governance Frameworkv1 · Core configuration
The governance loopDirectAssessOperateImprove

Direct → Assess → Operate → Improve — a continuous loop across every layer.

Who runs AI governance — increasingly a mix of people and AI agents.
Set direction
Board & governing body
Accountable executive
Run governance
AI governance lead
Risk & assurance lead
Data & security lead
Governance analysts & coordinators
Build & operate
Product & system owners
Domain experts
Engineers & data scientists
AI agentsAI
Autonomous agents (supervised)AI
Spans the whole programme
Evidence producedPolicyRisk registerImpact assessmentEvidenceAudit log
The assurance rhythm — a continuous cadence
Plan
Operate
Review
Audit
Improve
v1