IAPP Executive Describes Who Owns AI Governance
AdExchanger published an interview with Ashley Casovan, managing director of the IAPP's AI Governance Center, about who holds responsibility for AI governance inside organizations. AdExchanger reports that IAPP research finds companies say they lack sufficient budget and resources for governance professionals and that the privacy function often bears primary responsibility for AI governance. The interview notes that responsibility is uneven: privacy, cybersecurity, and data-governance teams are all being pulled into AI governance work, and some organizations are creating roles focused almost entirely on AI governance. Casovan is quoted saying, "There isn't a consistent model yet" and "It looks very different from one organization to the next." The article lists AI governance tasks ranging from policy translation and committee set-up to technical evaluations.
What happened
AdExchanger published an interview with Ashley Casovan, managing director of the IAPP's AI Governance Center, about how organizations are allocating responsibility for AI governance. AdExchanger reports that IAPP research finds companies say they lack sufficient budget and resources for governance professionals, and that the privacy function often carries primary responsibility for AI governance. The article quotes Casovan: "There isn't a consistent model yet" and "It looks very different from one organization to the next." AdExchanger also reports that cybersecurity and data-governance professionals are being drawn into AI governance alongside privacy teams.
Technical details
The interview and reporting describe AI governance work as spanning both policy and technical activities. On the policy side, responsibilities include translating high-level principles into concrete rules, establishing governance structures such as committees or boards, and defining acceptable use cases. On the technical side, reporting notes involvement in fairly technical evaluations, which can include data-minimization considerations and assessments of consent.
Industry context
Editorial analysis: Organizations facing similar governance gaps commonly distribute AI oversight across existing functions, creating role ambiguity and coordination friction. Industry-pattern observations show that when governance duties are added onto existing teams, that can strain capacity and slow decision cycles. Observers tracking regulatory and compliance trends see this fragmentation as increasing the importance of cross-functional coordination and clearer budgeting for governance work.
What to watch
Indicators that will clarify ownership include creation of dedicated AI governance roles, explicit budget lines for governance staff, formal governance committee charters that list participating functions, and use of technical review frameworks or external audits. AdExchanger's piece notes variability by organization size and sector, which suggests those indicators may emerge unevenly across industries.
Quoted material
"There isn't a consistent model yet," said Ashley Casovan, managing director of the IAPP's AI Governance Center. "It looks very different from one organization to the next."
Scoring Rationale
The story highlights a widespread operational issue-who owns AI governance-which affects compliance, product risk, and team workflows. It is notable for practitioners managing governance but not a frontier technical or regulatory landmark.
Practice interview problems based on real data
1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems
