From tool to actor
We have passed the point where AI is an experiment. Organisations use AI daily — for text production, code review, data analysis, customer support and security monitoring. What has changed recently is not just the adoption, but the nature.
With agentic AI — AI systems that act autonomously, make decisions and interact with other systems — the question shifts from “how do we use AI?” to “who controls what AI does?”. It’s a governance question, not a technology question. And it’s a question that leadership, not the IT department, must own.
Note: This article focuses on governance and management responsibility — not technical AI threats like prompt injection or data poisoning. If you want to explore AI security threats in depth, read our guide on AI security for organisations.
AI governance is not a separate track
The most common mistake I see is organisations treating AI as a standalone issue — an “AI project” alongside ordinary security work. This leads to duplication of effort, unclear responsibility and policies that don’t align with reality.
AI governance is an extension of your existing information security work. AI tools process your information assets. They should be included in the same risk analysis, covered by the same access control principles and governed by the same management decisions as everything else.
Connection to NIS2
NIS2 requires organisations to manage risks to their network and information systems. AI tools that process organisational data are part of this system — regardless of whether they run internally or as external cloud services.
This means AI tools should:
- Be included in risk analysis
- Be covered by access control
- Have clear owners and responsible parties
- Be included in supplier assessment (if they are external services)
Shadow AI: The risk you don’t see
57% of employees in knowledge-intensive organisations input sensitive company information into personal AI accounts. They do it because it’s convenient, because it makes them more productive, and because no one has told them not to.
The problem is that the organisation loses control over where the information ends up. Customer data, business plans, contract drafts, source code, personnel information — everything can be input into an external AI service where the organisation has neither visibility nor control.
Shadow AI is not a technology problem. It’s a governance vacuum. Employees solve their everyday problems with the tools available to them. If the organisation doesn’t offer approved alternatives and clear guidelines, employees will find their own ways.
Organisations that completely ban AI tools drive usage underground. Employees continue — they just don't talk about it. Controlled usage with clear boundaries is always better than bans that no one follows.
Give employees AI tools with enterprise agreements that ensure data isn't used for training, that logging exists, and that the organisation retains control. Make it easier to do the right thing.
Most employees understand they shouldn't share passwords. Fewer understand that a contract draft or customer list in an AI chat can be equally sensitive. Concrete examples work better than abstract policies.
AI tools should be part of your IAM strategy (Identity and Access Management). Who has access to which AI services, and what permission levels apply?
Agentic AI: The next governance challenge
What started with chatbots is rapidly developing towards autonomous AI agents that can act independently — book meetings, send emails, run database queries, execute code. This raises new questions about access control and permission management.
If an AI agent has permission to act on an employee’s behalf — who is responsible if the agent makes an incorrect decision? If the agent has access to sensitive systems — how do you ensure it doesn’t do more than intended?
These are questions that need to be addressed before agentic AI is implemented broadly in the organisation, not after.
Three questions leadership should be able to answer
- Which AI tools are being used in the organisation? Not just the officially procured ones — also those that employees use on their own initiative. An inventory of actual AI usage is the first step towards control.
- What data is being input into AI tools? Classify what type of information is being processed. Personal data? Trade secrets? Customer data? The answer determines what protective measures are needed and which tools are acceptable.
- Who is responsible? Not "the IT department" — but a named person with the mandate to make decisions about AI usage, escalate risks to management and update policies as the technology develops.
AI Act: The regulatory landscape is growing
The EU’s AI Act phases in requirements during 2026. Although most organisations don’t develop high-risk AI, the regulation affects everyone who uses AI systems classified as high-risk. This includes recruitment tools, credit assessment, biometric identification and other applications.
AI governance isn’t just about internal risk management — it’s also about regulatory preparedness. Organisations that already have a clear AI policy and governance model have a significant advantage when new requirements come.
Start with mapping
AI governance doesn’t need to be complicated. It needs to be systematic. Start by mapping which data flows where — including through AI tools. This gives you the picture you need to make informed decisions about policy, risks and investments.
Securapilot’s information flow analysis helps you map how information moves through the organisation — including through external tools and services. It’s the foundation for both AI governance and NIS2 requirements.
Frequently asked questions
What is AI governance?
AI governance is about defining how the organisation uses, controls and takes responsibility for AI tools. It includes policies, risk assessment, access control and accountability issues — not just technical implementation.
What is shadow AI?
Shadow AI refers to AI tools that employees use without organisational approval — often personal accounts with ChatGPT, Claude, Gemini or other services. The risk is that sensitive company information leaves the organisation's control.
How does AI governance connect to NIS2?
AI tools process your information assets and should be included in your risk analysis according to NIS2 requirements. Uncontrolled AI usage can pose a risk to information security that needs to be managed.
What should an AI policy contain?
Approved tools, what data may be input, access control, accountability issues, logging and audit requirements, and training requirements. The policy should be concrete enough to provide guidance for everyday decisions.
