Which external frameworks are commonly referenced for AI governance?

The choice of NIST and ISO publications as a reference for AI governance is grounded in their widespread recognition and established frameworks that address various aspects of information security, risk management, and quality assurance. The National Institute of Standards and Technology (NIST) has developed guidelines that outline standards and best practices for managing risks associated with AI technologies, particularly in its Cybersecurity Framework. Similarly, the International Organization for Standardization (ISO) provides international standards that ensure quality and consistency across various industries, including those that leverage AI.

These frameworks are instrumental for organizations that seek to implement robust AI governance practices. They offer a structured approach to understanding and addressing the implications of AI technologies, guiding organizations on compliance, ethics, and operational efficiency. By referencing these external frameworks, organizations can align their AI governance strategies with recognized best practices, thereby enhancing their credibility and operational integrity in the rapidly evolving AI landscape.

The other options do not provide the same level of structured guidance for AI governance. While federal regulations and state laws are important legal frameworks, they often lack specificity regarding the operational management of AI technologies. Company internal policies tend to be tailored for specific organizational needs and may not reflect broader industry standards. Technical standards and guidelines are vital for implementation but may not address the comprehensive governance aspects