← Strategy Hub
02 — Governance

AI Governance & Risk

Model risk, regulatory compliance (MAS TRM, APRA CPS 234, EU AI Act), and responsible AI deployment.

17 guides in this track·3.4h reading·Risk & Compliance
What you'll learn

Ship AI responsibly — model risk management, regulatory obligations (EU AI Act, MAS TRM, APRA CPS 234, NIST RMF), and the audit trail a serious governance program actually needs.

Who this is for

Risk, compliance, and audit leads, and heads of AI accountable for the safe deployment of models in regulated environments.

How to use it

The guides are numbered — read in order for the curriculum path, or jump straight to the one you need. Each card is self-contained.

The guides

Ordered by recommended reading path
01
Why AI Governance Is a Board-Level Priority in 2026

Why 2026 is the year AI governance moved from working group to board agenda, and what boards actually own.

10 minRead →
02
Guardrails Without Killing Innovation: The Risk-Tiered Philosophy

How to design governance that speeds up safe work and slows down only the things that need to slow down.

11 minRead →
03
The AI Risk Landscape: Bias, Hallucination, Privacy & Security

A working map of the risks that actually show up in production, from bias and hallucination to privacy and prompt injection.

12 minRead →
04
The Global AI Regulatory Map: What's In Force by Late 2026

A practitioner's map of the AI rules in force globally, from binding regimes to sectoral supervision.

12 minRead →
05
The EU AI Act Explained for Practitioners: 2026 State of Play

The EU AI Act in the specific detail practitioners need in 2026, tiered by risk and timed by phased milestones.

12 minRead →
06
Provider or Deployer? Your Obligations Under the EU AI Act

Which role you play under the EU AI Act, and the very different obligations that come with each.

11 minRead →
07
US AI Regulation: The Federal Reset and State-Level Divergence

How US AI regulation actually works in 2026, across federal executive orders, sectoral agencies, and diverging state law.

11 minRead →
08
AI Governance in Australia: APRA, ASIC & the 2026 Supervisory Shift

APRA, ASIC, the OAIC, and the 2026 supervisory shift, and what Australian firms should be doing now.

11 minRead →
09
AI Governance in Singapore & APAC: MAS FEAT, Veritas & TRM

How Singapore's MAS and the broader APAC region regulate AI, and how their approach differs from EU-style rules.

13 minRead →
10
The NIST AI Risk Management Framework: A Working Guide

The NIST AI RMF as a working operating system for AI risk: Govern, Map, Measure, Manage in practice.

13 minRead →
11
Building an AI Governance Framework with ISO/IEC 42001

Using ISO/IEC 42001 as the scaffolding for an AI management system that scales beyond a single team.

12 minRead →
12
Model Risk Management for AI & LLMs

How MRM discipline extends to LLMs and agents: tiering, validation, monitoring, and challenger models.

12 minRead →
13
Model Documentation: Cards, Datasheets & Audit Trails

Model cards, datasheets, and audit trails that survive a regulator, an incident, and a change of team.

12 minRead →
14
Responsible AI in Practice: Fairness, Explainability & Human Oversight

Turning fairness, explainability, and human oversight into concrete operating practice, not slogans.

13 minRead →
15
Governing Agentic AI: New Risks When AI Takes Action

The new risk surface when AI takes action, and the guardrails, permissions, and oversight that keep it safe.

12 minRead →
16
Managing Third-Party AI and Shadow AI Risk

Governing the AI you didn't build and the AI your teams adopted without asking, without slowing the business.

13 minRead →
17
AI Incident Response, Red-Teaming & Audit Readiness

Incident response, red-teaming, and audit readiness for AI systems, treated as a single operating capability.

15 minRead →

Related tracks

Continue in the same group
01 — StrategyData & AI StrategyAI roadmaps, data governance, and build-vs-buy decision frameworks.03 — OrganisationAI Operating ModelAI CoE design, team structures, MLOps culture, and the organisational changes that make AI programs work.04 — ValueBusiness Case & ROIMeasuring AI impact, closing the pilot-to-production value gap, and building the CFO conversation.