Blog Insights
Creating a Generative AI Policy for Your Organization – Where to Start?
It comes as a shock to no one that Artificial Intelligence (AI) is on the minds of pretty much every single mission-driven organization that we work with. The term encompasses a wide range of tools and practices that can support an equally wide range of work and strategies.
Nonprofit leaders know there are both challenges and opportunities that need careful consideration before adopting AI tools.
An organization-wide use policy and associated training can help educate employees on some of the risks and pitfalls of the technology and provide rules and recommendations for how to responsibly use AI in their daily work.
Forum One is approaching AI through research, planning, and side-by-side client work.
Organizations need an AI policy to regulate how AI is used at work, prevent legal violations, protect sensitive data, monitor quality and accuracy, reduce bias and discrimination, promote accountability, and foster employee trust.
Here is what we have learned so far about how to create an organizational AI use policy that helps you and your team get the most out of AI without putting the organization at risk.
1. Determine your policy scope, purpose, and objectives
The first step to crafting your corporate use policy is to consider the scope – will this cover ALL forms of AI or just generative AI? Focusing first on generative AI can help address the most pressing issues that most organizations face because of the scale and speed of possible effects of the technology. Defining the purpose and objectives of a generative AI policy ensures clarity, alignment, and responsible use within your organization. Objectives offer specific, measurable outcomes or principles that guide the implementation of AI technologies.
It can help to bring in outside counsel to determine how best to approach, especially if Ai is not “owned” by a specific department or team within your organization. Forum One’s Strategy Team routinely partners with our nonprofit and government clients to help guide them through this complex process and ensure that whatever policy is created is flexible to meet their needs and durable.
2. Identify and engage all stakeholders involved
Engaging a diverse group of stakeholders allows you to create a comprehensive policy aligned with organizational goals, and helps increase adherence. Engage representatives from all parts of the organization in some kind of AI working group that regularly convenes to gather feedback and review the policy.
3. Identify the use cases
Working with all stakeholders, create a list of all known internal and external “use cases” that are being applied today at your organization, as well as those envisioned for the future. Some potential use cases may include using generative AI tools to develop copy for marketing materials, implement search functionality for a mobile app, or combine large language models with enterprise data.
4. Get legal and HR involved
Departments such as Human Resources and Legal should play a lead role in approving and disseminating the policy across the organization. Additionally, they can assist in helping you familiarize yourself with the intricate web of relevant laws and regulations that govern the particular area of focus.
5. Make it a living document
It should come as no surprise that whatever policy is created, it will need to be continuously reevaluated and adapted in response to emerging use cases, shifting external market conditions, and advancements in technology. This ongoing process of review and adjustment ensures that the policy remains effective and aligned with the evolving landscape of requirements and opportunities.
6. Share broadly across the organization
Once you’ve created a framework, provide multiple training and education sessions. Since policies often get quickly forgotten, or not even read, it’s impossible to offer these learning opportunities early and often. This may include creating training videos, hosting quarterly live Q&A sessions with suitable groups (IT, legal, marketing, etc.), and providing relevant examples to help make it real to employees.
At this sea-change moment, we’re working with organizations to set holistic AI strategies and governance as part of their core organizational strategies. Much like early corporate social media policies, spending time on this now will help mitigate evolving risks in the years to come.