Group of three adults comparing a piece of paper to something shown on a tablet

Mitigate AI Risk - Building a Policy Roadmap

As organizations begin to experiment with, and fully incorporate AI use into their operations, outlining acceptable use cases and identifying governance and accountability is becoming increasingly important.

Building an AI policy roadmap can help mitigates risks such as data privacy violations, misinformation, and bias by defining accountability, usage boundaries, and review processes, ensuring AI supports, rather than undermines, your organization’s goals. Learn more how our team of nonprofit AI strategists can help you build a custom policy roadmap.

 
Our Process Overview

Our five phase approach to developing an AI policy helps organizations build a framework to prepare for regulatory requirements, ensure compliance, and essential funder needs.

Phase 1

Groundwork & Organizational Readiness​

Define the mission-aligned reasons for adopting AI and determine the scope, including covered stakeholders, tools, use cases, and organizational jurisdictions.
Phase 2

Policy Design – Ethical & Responsible Use Framework

Articulate collective values regarding fairness, transparency, accountability, and privacy. Align policy with existing frameworks such as Microsoft's AI Governance Framework for Nonprofits and the White House AI Bill of Rights.
Phase 3

Implementation & Oversight

Review and approve AI-enabled tools, maintain an approved tools list, and require software/security reviews for new tools.​ Mandate human review of AI outputs to check for bias, accuracy, precision, and plagiarism.​
Phase 4

Training, Monitoring & Continuous Improvement​

Provide role-specific training on AI tools and responsible use. Limit the proportion of work replaced by AI to no more than 20%, Conduct regular audits to ensure ongoing compliance, monitor performance, and identify unintended consequences.​
Phase 5

Governance & Accountability​

Define roles and assign responsibility for AI oversight, including contacts for questions and reporting violations, and procedures for data protection, provisioning, and destruction.​

Service Description and Timeline

Initiation Phase: 1 – 5 Weeks 
Execution Phase: 6 – 12 Weeks
Wrap-up Phase: 13 – 14 Weeks

The final deliverable includes a custom draft of an AI policy that can be iterate for future needs.