Data Governance for AI: Emergent Issues and Key Considerations

 There’s often no one factor at fault when severe weather appears—and similarly, many factors are driving the current storm of AI development workflows, tools, and software that’s currently sweeping through modern organizations. 

The sudden storm of demands that results from data governance for AI are thrusting data leaders into the role of emergency managers. Many are now in over their heads as they’re scrambling to triage damage, manage resources, and prevent cascading failures.

A digital illustration of a conference room with a long table and chairs that illustrates the concept of data governance for ai
(Photo illustration by Gable editorial / Midjourney)

To orient those who are facing that challenge, the below sections will outline the core forces behind today’s AI surge, unpack the most pressing governance challenges that organizations are now confronting, and identify practical strategies that data leaders can use to regain clarity, coordination, and control.

Key challenges for data governance for AI in modern organizations

AI adoption is surging—experts project it to grow at a compound annual rate of 35.9% between 2025 and 2030. As a result, many organizations are rapidly embedding AI technologies into their core workflows. 


But that speed of adoption often outpaces the systems and processes that should govern it. As a result, data leaders now face a host of new challenges that traditional data governance frameworks never expected to handle.

Here are the most pressing of these challenges:

Shadow AI and ungoverned implementation

Shadow IT—the unsanctioned, unmonitored use of hardware, software, cloud services, or applications—pre-dates AI’s current commoditization by decades. But just as the growing affordability and accessibility of personal computers and software began creating issues for tech leaders in the late ’80s and early ’90s, shadow AI is producing strikingly similar issues for data leaders today. 


This problem is now even more insidious—organizations are quietly (and often innocently) adopting tools that leverage AI-powered self-learning models and predictive analytics, which employees can easily embed in approved platforms and internal workflows. While this functionality is increasingly native to AI, it circumvents the outliers and anomalies that typically tip tech leaders off that their employees are using products or solutions outside of their purview. 


For data leaders who are responsible for their organization’s data governance efforts, this means that the shadow AI that’s proliferating throughout their organizations may actively be influencing critical business processes and data assets without essential validation, oversight, and documentation. This increases risks related to data quality issues, data protection, security breaches, and regulatory compliance efforts. 

Explainability and transparency deficits

Unlike traditional software and systems, many AI systems require development through cultivation, training, and re-enforcement learning. As a result, these AI tools often function as “black boxes,” which are technically and functionally opaque—not just to outsiders but to the tools’ creators as well. 

This opacity creates tangible challenges for data leaders, especially as they work to navigate increasingly sophisticated compliance landscapes. In addition to the audit and bias issues this presents, the inability for AI designers and users to explain the decisions that their AI-driven systems go on to make can significantly undermine stakeholder trust. 

Data quality and metadata management complexities

Somewhat ironically, while AI can degrade data quality across an organization, the systems themselves depend on massive volumes of clean, structured, and well-documented data to function properly. That tension puts data leaders in a tough spot: the more they embed AI into everyday workflows, the more pressure there is to produce high-quality, context-rich data on demand. And when internal sources fall short, as they so often do, teams start reaching for third-party datasets, often without looping in governance.

Modern AI training sets can easily include terabytes of semi-structured or unstructured data that teams pull from outside vendors. At that scale, it becomes exponentially harder to confirm that no sensitive data or inappropriate material is hiding in the mix. But once something problematic—like personally identifiable information—finds its way into a model’s neural network, it’s almost impossible to detect through standard audits or basic security reviews.

Operational drift and model risk

Finally, AI systems introduce unique operational risks like model performance degradation and suboptimal monitoring infrastructures, which traditional governance frameworks may be ill-equipped to handle.


When they’re unmanaged (or unmanagable), AI systems can also exhibit model drift. This occurs when external factors related to business operations—like shifts in user behavior, market or regulatory changes, and shifting patterns due to seasonal or temporal changes—differ from an AI system’s training data. Without proper governance, these data incongruencies can degrade performance and reliability, especially for predictive models that teams use for tasks like capacity planning or fraud detection. 

Additionally, many organizations lack clearly defined policies that dictate who in the organization is responsible for verifying, validating, or intervening when tools like large language models (LLMs) fail (assuming that leadership is aware that their teams are using them in the first place).

In the face of these escalating challenges, it’s clear that data leaders can’t treat governing AI as an add-on to legacy frameworks. Instead, they need to ensure that their governance efforts are effective for AI, which requires new thinking, practical guidance, and a flexible, forward-looking approach to data change management

5 ways to adapt data governance best practices for AI

Inevitably, there will be some organizations that decide they need to create entirely new governance programs to manage AI separately. But in many cases, the more urgent need is to ensure that existing data governance practices can handle AI’s demands: its scale, opacity, speed, and unpredictability. 

The five steps below are practical entry points for doing exactly that:

  1. Double down on organizational culture and change management

Despite the new challenges that AI use is creating for data leaders, one cardinal aspect of data governance remains unchanged: an organization’s data literacy will greatly determine its success or failure to modernize key pillars of data quality management. And data governance is no exception.

According to Deloitte’s Q4 2024 findings, organizations that invest in organizational readiness—specifically in data, governance, compliance, and workforce capability—are far better positioned to realize success from their AI efforts, regardless of how quickly the technology evolves.

For data leaders, this points to the need for a cultural assessment that surfaces the organization’s current level of data maturity, risk tolerance, and readiness for change. Based on what they find, it may be necessary to launch pilot programs that show data governance’s value in real AI workflows.

To reinforce that momentum, leaders should establish clear feedback loops to capture employee concerns, surface blind spots, and spotlight where they’re using AI without proper oversight. And to keep governance efforts ahead of the curve—not just chasing it—regular surveys and behavioral assessments can help them track how well the culture is evolving.

Comments