Ref: https://www.udemy.com/course/aws-ai-practitioner-certified/learn/lecture/44887839

• Contents:

Regulated Environments and Workloads

• Some industries require extra level of Governance and Compliance:
  • Financial services
  • Healthcare
  • Aerospace
• Example:
  • Reporting regularly to federal agencies
  • Regulated outcome: mortgage and credit applications
• If you need to comply with regulatory frameworks (audit, archival, special security requirements…), then you have a regulated workload!
  • 💡 E.g. sensitive data usually leads to regulated workloads!

Importance of Governance & Compliance

• Build Trust
  • Ensure responsible and trustworthy AI practices
  • Foster public trust and confidence in the responsible deployment of AI
• Mitigate risks
  • Bias, privacy violations, unintended consequences…
  • Protect from potential legal and reputation risks
• Support management, optimization, and scaling in regulated environments
  • Establish clear policies, guidelines, and oversight mechanisms
  • Ensure AI systems align with legal and regulatory requirements
• AWS Tools for Governance (see AWS Security Services for details):

Governance Framework

• Example approach:
  1. Establish an AI Governance Board or Committee
     • Team should include representatives from various departments, such as legal, compliance, data privacy, and Subject Matter Experts (SMEs) in AI development
  2. Define Roles and Responsibilities of governance board
     • e.g. oversight, policy-making, risk assessment, decision-making processes…
  3. Implement Policies and Procedures
     • They should address the entire AI lifecycle (from data management to model deployment and monitoring)

Governance Strategies

• Policies – principles, guidelines, and responsible AI considerations
  • Data management, model training, output validation, safety, and human oversight
  • Intellectual property, bias mitigation, and privacy protection
• Review Cadence – combination of technical, legal, and responsible AI review
  • Clear timeline: monthly, quarterly, annually…
  • Include Subject Matter Experts (SMEs), legal and compliance teams and end-users