The Board’s Role In Navigating AI Risks And Rewards

Cal Al-Dhubaib is a globally recognized data scientist and Head of AI at Further, a privacy-first data, cloud and AI company.

While 86% of enterprises see artificial intelligence (AI) as essential to business transformation, fewer than 20% have strategies that truly align AI initiatives with their broader business goals. Boards today face the unique challenge of turning AI from a set of abstract opportunities into concrete, strategic wins.

While oversight remains a core responsibility, boards increasingly find themselves at the center of driving AI's strategic adoption. This means asking hard questions: Where can AI create measurable impact? What risks are worth taking, and which ones demand stricter guardrails? Boards need to go beyond risk mitigation and position AI as a lever for competitive advantage—integrating it into the company’s larger vision and priorities.

This article breaks down three critical areas where boards should focus their efforts: identifying and mitigating risks unique to AI, committing to ongoing education about its capabilities and implications and integrating AI risk management with other governance processes.

Inventory AI Risks In Context Of Business Objectives

The goal is not to shun risk but to determine the level of investment required to enable the value AI creates for your organization and your customers. This includes assessing operational and reputational risks that could arise from AI adoption. Can your board confidently map where AI is being used across the business? Are use cases prioritized by risk and value? How frequently are these assessments revisited? Without a clear, up-to-date inventory of AI systems and their impact, boards are flying blind in a rapidly evolving market.

But boards don’t need to start from scratch. Many existing processes—like cybersecurity and privacy assessments or internal audit workflows—provide a strong foundation. In fact, areas flagged as high-risk in these domains often overlap with unique AI challenges, such as algorithmic bias or data misuse.

The priority isn’t just identifying risks but understanding their context within the broader business strategy. Boards should push for metrics that connect AI initiatives directly to business outcomes. For instance, how does an AI system’s operational risk weigh against its potential to improve revenue or customer retention? Boards must connect AI risks to business outcomes, ensuring oversight investments align with measurable value.

Commit To Continuous Learning

AI is rapidly evolving and board members are often removed from daily operations, which can create gaps in understanding AI’s practical impact on the workforce and execution. Boards should have honest conversations about how closely their experience aligns with the company’s AI activities. While every board member can’t become an “AI expert,” understanding how AI impacts day-to-day operations and what it could mean for the organization is a great first step.

This could mean shadowing the company’s AI initiatives to understand firsthand how these systems are reshaping operations, decision making and customer experiences. Engage with the teams implementing these solutions and ask critical questions: How do these systems align with our strategic priorities? How are we measuring their success? Where might they fall short? How are they impacting our workforce?

Boards that stay disconnected from these processes risk letting AI become a black box—misunderstood and misaligned with organizational goals. By fostering ongoing dialogue with executives, data teams and external advisors, directors can demystify AI and ensure it’s not just operationally sound but strategically indispensable.

Complement Existing Expertise With AI Governance Capacity

Boards can’t afford to address AI strategy in isolation. Instead, they can add capacity by taking these steps:

1. Recruit specialized AI expertise. The complexity of AI calls for specialized advisors or dedicated AI councils who can bridge the gap between technical intricacies and strategic decision making. This isn’t about just adding a seat at the table—it’s about ensuring the board has the right voices to challenge assumptions and uncover opportunities.

2. Certify leaders within the organization. Industry certifications, like the International Association of Privacy Professionals’ (IAPP) AI Governance certification, provide structured frameworks to address common risks. At Further, we’ve prioritized this, with four team members—myself included—now officially certified, and more on the way. These certifications ensure we don’t just talk about AI governance but actively build the expertise to deliver it.

3. Integrate AI governance into broader risk management. Boards shouldn’t approach AI governance as a separate initiative requiring entirely new processes. Instead, they should look for ways to build on existing frameworks like cybersecurity, privacy and compliance audits. These are proven pathways for managing high-stakes risks, and many AI-specific concerns align closely with these domains.

The challenge for boards isn’t just managing the risks of AI but ensuring it drives the broader ambitions of the organization. In a world where technology evolves faster than strategy, the boards that thrive will be those that embrace AI as both a safeguard and a driver of meaningful innovation.

Success lies not in treating AI as a science experiment but in reimagining how it drives strategy and delivers competitive advantage. Boards that help their organizations thrive will be those that actively cultivate AI literacy, align AI strategy with broader business goals and take ownership of their organization’s AI journey. The choice is clear: Lean in and adapt—or risk being left behind.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?