Impact Assessment
Back to insights

AI Governance

How to Run an AI Impact Assessment — A Practical Guide for Real Organisations

2 min read

Impact Assessment Editorial Team

Insights

How to Run an AI Impact Assessment — A Practical Guide for Real Organisations

AI impact assessments (AIIAs) are quickly becoming a core part of governance.

Regulators expect them. Organisations are adopting them. Frameworks are emerging everywhere.

But for many teams, there is still a fundamental gap:

They understand what an AI impact assessment should include — but not how to actually run one in practice.

The core mistake: treating AIIAs as documents

Like PIAs, AI impact assessments are often implemented as templates.

Teams fill out sections, describe risks, and produce a report.

But this approach breaks down quickly because:

  • work is not structured
  • ownership is unclear
  • evidence is disconnected

A practical execution model

To run an effective AIIA, the focus needs to shift from documentation to workflow.

Step 1: Define scope and system context

Start by clearly identifying:

  • what the AI system does
  • where it is used
  • who is involved

This sets the foundation for execution.

Step 2: Break governance requirements into tasks

Translate high-level principles into actionable work:

  • fairness checks
  • risk identification
  • validation steps

Each becomes a task.

Step 3: Assign ownership across teams

AI governance is inherently cross-functional.

Ownership should be explicit for:

  • technical validation
  • risk assessment
  • legal and compliance input

Step 4: Capture evidence alongside work

Evidence should include:

  • model documentation
  • testing outputs
  • design decisions

Attach it directly to tasks.

Step 5: Generate outcomes continuously

As work progresses:

  • risks are identified
  • findings are documented
  • recommendations are formed

What this approach changes

When AIIAs are run as workflows:

  • execution becomes predictable
  • coordination improves
  • reporting becomes easier

Most importantly, governance becomes enforceable.

Final thought

AI impact assessments are not just about understanding risk.

They are about ensuring that risk is assessed consistently, visibly, and at scale.

That requires more than templates.

It requires a structured way to run the work.

Related insights

Continue with related perspectives.

AI Governance

3 min read

AI Governance in Practice: Bridging the Gap Between Principles and Execution

AI governance has moved from a theoretical concern to a board-level priority in a remarkably short time.

Read article

Next step

See how this works in practice.

Explore the governed workflow in product detail, or validate fit with a real initiative through a pilot.

View ProductStart a PilotBook a Demo