S8E1: Stop Asking For Another AI Framework
AI risk feels like driving at night with broken headlights, so leaders keep demanding “a new framework” that will finally make everything clear. We think that’s the wrong ask. The guidance already exists, and it’s more mature than most teams admit: the NIST AI Risk Management Framework, ISO/IEC 42001 certifications, sector-specific control objectives in financial services, and the hard edge of enforcement through the EU AI Act. The real reason risk and compliance teams still feel stuck is that frameworks are built to prove defensibility, not to tell you what to build.
We unpack John A. Wheeler’s argument from RiskTech Journal and translate it into a practical way to design an AI governance program that actually works day to day.
Sign up to read this post
Join Now