Regulations Satisfied
ISO 42001 §10 Continual Improvement
NIST GOVERN 6.2
EU AI Act Post-Market
CO SB 26-189 (Jan 2027 transition)
CA ADMT (Jan 2027)
Federal AI Action Plan updates
G7 HAIP 2.0
G7 Trusted Partners
Required Activities
Quarterly Regulatory Horizon Scan (new laws, enforcement actions, guidance)
Annual AEGIS Framework Review - gap analysis vs. current obligations
Track: CO SB 26-189 (Jan 2027), CA ADMT significant decisions (Jan 2027), EU Annex III high-risk (Dec 2027 Omnibus), EU Annex I embedded products (Aug 2028 Omnibus)
Monitor HAIP Reporting Framework 2.0 scope, submission cycle, and OECD analytical reviews (next cutoff: 1 Sep 2026)
Track G7 Trusted Partners framework and frontier-model access restrictions affecting vendor contracts
Annual gap review: AEGIS evidence vs. HAIP 2.0 structured questions for deployer transparency
Monitor federal AI legislation developments in Congress
ISO/IEC 42001 certification program (target within 18 months)
Annual enterprise AI governance training for all AI builders and deployers
Benchmark governance maturity level annually using AEGIS maturity model
Communicate program status to board and external stakeholders
Assess G7 minors' digital-safety ministerial progress against your youth-facing AI controls (end-2026 review)
Agentic AI: As agentic AI capabilities advance (multi-agent orchestration, autonomous tool use, long-horizon planning), Pillar 7 triggers framework updates to keep Pillars 3 and 4 current with emerging risk surfaces. NIST Agentic AI RMF Profile (in development 2026) and G7 Inria agentic-AI policy work should be incorporated as released.
CAIOLegal / Regulatory AffairsAI Governance Committee