Newsroom
Events
Subscribe

From principles to practice: AI governance foundations in government

Establishing AI governance as a differentiator for public sector organizations

May 28, 2026

Key takeaways

Government organizations operate under high expectations for transparency and accountability.

AI can modernize operations for government organizations, but the right guardrails are necessary. 

AI governance frameworks can help entities balance innovation with transparency and compliance.

#
Risk consulting Government State & local government Technology risk consulting

As artificial intelligence continues to reshape public sector operations, government organizations are facing a pivotal moment—not whether to adopt AI, but how to do so responsibly.

Government organizations are exploring AI to improve efficiency, enhance service delivery and better support the communities they serve. At the same time, rising expectations for transparency, fairness and accountability mean leaders must adopt AI in ways that strengthen trust while withstanding regulatory and public scrutiny.

AI can modernize decision making and operations across government functions, but only when it is introduced with the right guardrails. Strong governance foundations help align AI systems with mission objectives, while protecting civil liberties and delivering sustainable value.

As part of our 2026 Q1 government services webinar series, RSM US Principal John Huyette and Manager Arthur Sellers discussed the core AI governance principles most relevant to government organizations and how governance frameworks can help them balance innovation with transparency, compliance and public trust.

Below, we explore key AI governance considerations for government leaders, including foundational principles, risk management approaches and lifecycle governance practices, and how to set the stage for applying these concepts in practice.

Why AI governance matters more in government

AI governance carries a higher level of responsibility in the public sector than in many private sector environments because government organizations operate under heightened expectations for transparency, civil rights protection and accountability. These are expectations that AI systems must meet by design, not as an afterthought. 

“It’s not necessarily a question of if agencies will use AI. It’s whether they’re going to govern it well enough to sustain trust, withstand scrutiny and actually scale responsibly.”
John Huyette, Principal, RSM US LLP

In government, AI often does more than automate routine tasks. It increasingly informs decisions related to benefits eligibility, enforcement actions, public safety, health care delivery and other services that directly affect people’s lives. When these AI systems fail or are poorly governed, the consequences are not minor inconveniences. They can introduce legal exposure, ethical violations and reputational damage that erodes public trust.

This reality makes AI governance not simply important, but essential for government agencies. 

Common challenges facing government organizations

Several recurring governance challenges consistently emerge as AI use expands.

Bias and data limitations

AI systems trained on incomplete, historical or biased data can produce inequitable outcomes and disproportionately affect underserved or underrepresented communities.

Lack of transparency and explainability

If agencies cannot explain how an AI system reached a decision, they risk compliance challenges, diminished trust and difficulty responding to citizen or regulatory inquiries. 

Accountability gaps

Unclear ownership across the AI lifecycle—who is responsible for the model, the data, the outcomes—creates blind spots and slows decision making when issues arise. 

Security and privacy risks

AI introduces new attack surfaces, including risks tied to nonhuman identities, sensitive data access and misuse of system outputs. In government, these risks are amplified by existing privacy and data protection laws that already govern how personal and sensitive information must be handled and protected, regardless of whether AI-specific regulations are in place.

For many organizations, AI governance already serves as the practical link between evolving privacy obligations and emerging AI risk. 

“Shadow AI” and fragmentation

AI capabilities are increasingly embedded into existing tools, often without centralized oversight, which can result in untracked usage (known as “shadow AI”), inconsistent controls and uneven risk management.

Without a strong governance foundation in place, these risks tend to compound as AI adoption expands. 

Navigating an evolving regulatory landscape

AI regulation continues to evolve across both federal and state levels, leaving government organizations without a single, settled standard for AI-specific requirements. At the same time, privacy and data protection laws already shape many AI use cases—particularly those involving personal, sensitive or constituent data—and those obligations continue to evolve as more states introduce unique privacy requirements.

While recent federal actions signal efforts toward a more unified approach to AI regulation across the United States, state-level AI legislation continues to advance. Organizations must navigate shifting and sometimes overlapping expectations across privacy that continue to evolve alongside AI risk.

In this environment, strong AI governance is essential. Clear governance foundations help government organizations align AI use with privacy-by-design principles, meet statutory privacy and transparency expectations, and make consistent, defensible decisions as regulatory direction continues to develop.

A practical framework for responsible AI governance

To move from principle to practice, organizations should follow a trusted framework to guide AI adoption and usage. For example, RSM’s AI Governance Framework aligns AI governance efforts with established standards such as the National Institute of Standards and Technology (NIST) AI Risk Management Framework (RMF). Our framework offers a practical, scalable structure designed with public sector needs in mind.

Rather than introducing entirely new governance structures, this approach enables government agencies to extend existing IT, data and enterprise governance practices to address AI-specific risks.

Governance as an enabler, not a constraint

A common misconception is that AI governance slows innovation. In practice, the opposite is often true. 

“A lot of people hear ‘governance’ and think it’s just going to slow things down and not scale quickly. But when you really think it through, strong AI governance and a thought-out process should have the opposite effect.”
John Huyette, Principal, RSM US LLP[

Organizations that rush into AI without proper governance often run into stalled pilots, duplicated efforts across departments and solutions that never reach production. In most cases, the technology isn’t the problem. The absence of structure, clarity and oversight is.

Strong governance helps government organizations:

  • Accelerate decision making through clear processes and ownership
  • Reduce rework and failed implementations
  • Build confidence among stakeholders, leadership and regulators
  • Enable scalable, repeatable AI adoption

When governance is embedded early, organizations can innovate with confidence—for example, piloting AI in service delivery with clear ownership, oversight and escalation paths already defined.

“If organizations don’t establish roles and accountability up front, they often struggle once AI reaches production and starts influencing real decisions.”
Arthur Sellers, Manager, RSM US LLP

Laying the groundwork for AI in action

For government organizations, the real challenge with AI is not understanding its potential, but rather sustaining progress once adoption begins. As AI initiatives expand across programs and departments, success depends less on individual use cases and more on whether the organization can support AI as an enterprise capability.

This is where governance becomes the differentiator. When governance is established early, organizations are better positioned to move beyond experimentation, absorb change and integrate AI into how decisions are made and services are delivered. It creates the discipline needed to support growth, align stakeholders and respond, as expectations from regulators, leadership and the public continue to evolve. 

“Effective risk management enables long-term success and enables the public sector to best serve their communities.”
Arthur Sellers, Manager, RSM US LLP

RSM works with government organizations across the enterprise AI journey, helping leaders move from early exploration to scalable, well-governed adoption. Our experience spans governance design, risk management, strategy, implementation and ongoing oversight, allowing organizations to deliver intended AI value while maintaining control as adoption matures.

Ready to get started? RSM’s experienced AI advisory team understands the importance of AI governance and the foundational elements needed to manage risk, support responsible adoption and create long-term value. Contact our team to learn how a governance-first approach can help your organization move forward thoughtfully and with confidence.

RSM contributors

  • John Huyette
    John Huyette
    Principal
  • Arthur Sellers
    Arthur Sellers
    Risk Consulting Manager

Related insights

THE POWER OF BEING UNDERSTOOD

ASSURANCE | TAX | CONSULTING

RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent assurance, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit rsmus.com/about for more information regarding RSM US LLP and RSM International.

© 2026 RSM US LLP. All rights reserved.