The Complete AI Governance Glossary: 80 Terms Every Professional Needs to Know

A

This AI governance glossary defines the essential terms that compliance professionals, board directors, legal teams, and AI practitioners need to understand in 2026. It covers regulatory terminology (EU AI Act risk categories, GPAI, conformity assessment), governance concepts (accountability, transparency, explainability, human oversight), technical terms (model drift, hallucination, RAG, fine-tuning), and framework references (ISO 42001, NIST AI RMF, AIRA). Each definition is written for practical application, not academic abstraction.

Adverse action notice — A legally required notification given to an individual when an automated decision goes against them, particularly in credit, employment, and insurance contexts. In the US, the Equal Credit Opportunity Act and Fair Credit Reporting Act require adverse action notices for credit decisions. The notice must provide specific reasons for the adverse decision — "the algorithm decided" does not satisfy the requirement. See also: explainability, automated decision-making.

AI Governance — The policies, structures, processes, and controls that enable organisations to develop and use AI responsibly. Distinct from AI ethics (the principles) and AI compliance (the legal obligations), though related to both. Effective AI governance is operational — it shapes real decisions about AI deployment, not just documentation produced for auditors.

AI Lifecycle — The stages through which an AI system progresses: design and scoping, data collection and preparation, model development and training, validation and testing, deployment, monitoring, and decommissioning. Governance obligations apply at each stage and differ between stages. Pre-deployment governance (risk assessment, bias testing, documentation) is different from post-deployment governance (monitoring, incident response, performance review).

AI literacy — The knowledge and skills needed to understand, evaluate, and use AI effectively. Distinct from AI technical expertise (the ability to build AI systems). AI governance requires a specific form of AI literacy: understanding how AI systems work at a level sufficient to assess their risks, evaluate their governance, and engage meaningfully with technical experts about their design and operation.

AI system — The EU AI Act defines an AI system as a machine-based system with varying autonomy, potentially adaptive after deployment, that infers from inputs how to generate predictions, content, recommendations, or decisions affecting physical or virtual environments. This definition is intentionally broad — it captures most software that uses machine learning, not just systems explicitly called "AI."

Alignment — The property of an AI system pursuing the objectives that its developers and users actually intend, rather than proxy metrics or unintended objectives. Alignment failures can occur when: the objective function specified does not capture the true objective (reward hacking), the AI system behaves differently in training versus deployment (distributional shift), or the AI system's behaviour changes as capabilities increase (emergent misalignment). Alignment is primarily a technical AI safety research concept but has direct enterprise governance implications.

Algorithmic bias — Systematic and unfair discrimination produced by an AI algorithm. Can arise from: biased training data that reflects historical discrimination, feature selection that proxies for protected characteristics, objective functions that optimise for metrics that disadvantage protected groups, or feedback loops that amplify initial disparities. Algorithmic bias can be direct (the algorithm explicitly uses a protected characteristic) or indirect (the algorithm uses proxies correlated with protected characteristics). Legal liability does not require intent — disparate impact is sufficient.

Algorithmic transparency — The principle that AI systems and their decision-making processes should be understandable and open to scrutiny. Distinct from explainability (the ability to explain a specific decision) and interpretability (the ability to understand a model's internal workings). Full algorithmic transparency — publishing model weights and training data — is rarely achievable due to IP protection and privacy obligations; the governance question is what level of transparency is appropriate for each context.

Agentic AI — AI systems configured to take sequences of autonomous actions in pursuit of goals, rather than responding to individual prompts and producing single outputs. Agentic AI can browse the web, write and execute code, send communications, and interact with external systems with limited human oversight of individual actions. Agentic deployment creates specific governance challenges around human oversight, action scope limitation, and accountability for agent-initiated actions.

Audit trail (AI) — A record of AI system inputs, processing, and outputs sufficient to reconstruct the basis for any significant decision and to support post-hoc review, regulatory examination, and incident investigation. EU AI Act Article 12 requires logging of high-risk AI system operation to the extent technically feasible. Audit trails must be maintained for a specified period (at least six months under EU AI Act) and must be accessible to relevant authorities on request.

B

Bias testing — The systematic assessment of an AI system for unfair outcomes across different groups of people. Includes testing for disparate impact (different outcomes for different groups without adequate justification) and disparate treatment (different processing of inputs from different groups). Bias testing requires: demographic data about the population affected, defined fairness metrics, statistical methodology to assess significance of disparities, and documentation of both the methodology and the results. Bias testing before deployment and ongoing monitoring after deployment are both required for high-risk AI.

Black box AI — Colloquial term for AI systems whose internal operations cannot be directly observed or understood, even by the people who built them. Complex neural networks are often described as black boxes because their decision-making process cannot be explained in human-understandable terms. The governance implication: black box AI used in high-stakes decisions creates specific challenges for explainability obligations, bias auditing, and human oversight. See also: interpretability, explainability.

C

Conformity assessment — The process by which high-risk AI systems under the EU AI Act are assessed for compliance with the Act's requirements before being placed on the market or put into service. For most Annex III high-risk AI systems, conformity assessment can be conducted by the provider themselves (self-assessment). For biometric identification systems and some critical infrastructure AI, third-party notified body assessment is required. Self-assessment does not mean lightweight — it requires comprehensive documentation against all applicable requirements.

Content moderation AI — AI systems used to identify and remove or restrict access to content that violates platform policies or legal requirements. Content moderation AI creates governance challenges around: accuracy (both false positives and false negatives have significant consequences), bias (moderation systems may treat different languages, dialects, or cultural contexts differently), and accountability (automated removal of content implicates freedom of expression obligations).

Credit scoring AI — AI systems used to assess the creditworthiness of loan applicants or existing credit customers. Credit scoring AI is high-risk AI under EU AI Act Annex III and is subject to specific regulatory requirements in most jurisdictions: adverse action notice requirements in the US, Article 22 GDPR rights in the EU/UK, and responsible lending obligations in Australia. Credit scoring AI has a documented history of discriminatory outcomes through proxy variables.

D–G

Data governance — The policies, processes, and standards for managing data quality, availability, and appropriate use. For AI governance, data governance addresses: training data quality and provenance, data subject rights in relation to AI training data, data minimisation in AI systems, and ongoing data quality monitoring for deployed AI. Distinct from AI governance but foundational to it — AI systems are only as good as the data they are trained on and operated with.

Deployer (EU AI Act) — An organisation or individual that uses a high-risk AI system under its own authority. Distinguished from the provider (who develops or places on the market). Deployers have specific obligations under the EU AI Act including: using AI within its intended purpose, implementing human oversight, ensuring appropriate monitoring, reporting serious incidents, and maintaining logs. Deployer obligations cannot be transferred to the provider through contract.

Disparate impact — When a neutral policy or practice has a disproportionately adverse effect on a protected group, even without discriminatory intent. Disparate impact is actionable under anti-discrimination law in Australia (indirect discrimination), the EU (indirect discrimination), and the US (disparate impact doctrine under employment and fair lending law). AI systems can produce disparate impact through proxy variables, biased training data, or optimisation for metrics that correlate with protected characteristics.

Explainability — The ability to explain the basis for a specific AI decision in human-understandable terms. Distinguished from interpretability (understanding a model's internal workings) and transparency (openness about the AI system's existence and operation). Explainability is a legal requirement in many jurisdictions: EU AI Act Article 13 requires transparency of high-risk AI; GDPR Article 22 requires meaningful information about the logic of automated decisions; US financial regulation requires specific adverse action reasons. The challenge: some AI systems that produce accurate outputs cannot provide reliable explanations of those outputs.

Foundation model — A large AI model trained on broad data at scale, capable of being adapted to a wide range of downstream tasks. GPT-4, Claude 3, and Gemini Ultra are examples. Foundation models are governed under the EU AI Act's GPAI (General Purpose AI) provisions, with additional obligations for models with systemic risk (trained above 10^25 FLOPs). Enterprise organisations that deploy foundation models through APIs are deployers, not providers, but have deployer obligations under the EU AI Act.

Frontier AI — The most capable AI systems at any given time, operating at or near the boundary of what is technically possible. Frontier AI creates governance challenges that existing frameworks were not designed for: emergent capabilities, agentic deployment potential, and scale of potential impact. The UK AI Safety Institute and the US AI Safety and Security Board specifically focus on frontier AI governance.

GPAI (General Purpose AI) — AI models that can be used for a range of purposes, as distinct from AI developed for a specific use case. Under the EU AI Act, GPAI models have specific transparency and safety obligations. Models with "systemic risk" — trained with more than 10^25 FLOPs — have additional obligations including adversarial testing, incident reporting, and cybersecurity measures.

H–M

Hallucination — When an AI language model generates confident-sounding but factually incorrect or fabricated content. Hallucination is not a bug in the traditional sense — it is a characteristic of how large language models generate text, producing statistically plausible rather than necessarily accurate content. Enterprise governance implications: AI outputs used in consequential contexts (legal documents, medical advice, financial analysis, regulatory submissions) must be verified by humans with appropriate expertise before reliance.

High-risk AI — Under the EU AI Act, AI systems that pose significant risks to health, safety, or fundamental rights, listed in Annex III. Includes AI in biometric identification, critical infrastructure, education, employment, essential private and public services, law enforcement, border control, and administration of justice. High-risk AI providers and deployers have the most demanding compliance obligations under the EU AI Act.

Human oversight — Mechanisms enabling humans to monitor, understand, and when necessary intervene in AI system operations. EU AI Act Article 14 requires deployers of high-risk AI to implement human oversight measures. Human oversight must be genuine — nominal review without real capacity to assess or intervene does not satisfy the requirement. The specific implementation of human oversight depends on the AI system's decision speed, volume, and consequence profile.

Interpretability — The property of an AI model that allows its internal workings to be understood directly. Distinct from explainability (explaining specific outputs) and transparency (openness about the system's existence). Logistic regression models are fully interpretable — the relationship between inputs and outputs can be precisely described. Deep neural networks are generally not interpretable at the level of individual computations, though interpretability research is producing techniques that provide partial insight.

Model card — Structured documentation of an AI model's intended uses, training data, performance characteristics, limitations, and ethical considerations. Model cards are a best practice in responsible AI development and are becoming a regulatory requirement. EU AI Act technical documentation requirements align closely with model card content. Model cards support the explainability obligations that apply to high-risk AI and provide the baseline information for bias auditing.

Model drift — The degradation of an AI model's performance over time as the statistical distribution of real-world data diverges from the training data distribution. Model drift is a governance concern because it can cause an AI system that passed pre-deployment testing to perform poorly in production — including producing biased or inaccurate outputs. Monitoring for model drift is a requirement under EU AI Act human oversight provisions and a component of responsible post-deployment AI governance.

Model risk management — The framework for identifying, measuring, monitoring, and controlling the risks posed by AI and statistical models used in decision-making. Originated in financial services regulation (US Federal Reserve SR 11-7 guidance) and extended to AI/ML models by financial regulators globally. Model risk management requires: model inventory, independent validation, performance monitoring, model owner accountability, and governance of model changes.

N–R

Notifiable Data Breach (AI) — A data breach triggered by an AI system failure — for example, an AI that returns other users' personal data, a model inversion attack that recovers training data, or an AI-assisted cyberattack that results in data exfiltration. Notifiable data breach obligations under the Privacy Act (Australia) and GDPR (EU/UK) apply to AI-related breaches on the same terms as other data breaches. The 30-day notification clock under the Australian scheme runs from when the organisation becomes aware of the breach.

Post-quantum cryptography — Cryptographic algorithms designed to be secure against attacks by both classical and quantum computers. NIST finalised post-quantum cryptography standards in August 2024 (FIPS 203, 204, 205). Enterprise organisations with data that must remain confidential beyond 2030-2035 should begin migrating to post-quantum cryptography now, due to the "harvest now, decrypt later" threat.

Proxy variable — A variable used in an AI model that is correlated with a protected characteristic (race, gender, age, disability) without explicitly referencing it. Postcode can be a proxy for race in housing markets. Purchase history can be a proxy for gender in retail. Credit history can be a proxy for age. Using proxy variables can produce discriminatory outcomes that are legally actionable as indirect discrimination even where the protected characteristic is not explicitly included in the model.

Provider (EU AI Act) — An organisation or individual that develops or places on the market an AI system or general purpose AI model. Distinguished from the deployer (who uses the AI). Providers of high-risk AI have the most extensive obligations: conformity assessment, technical documentation, registration in the EU AI Act database, post-market monitoring, and serious incident reporting. Providers of GPAI models have obligations around transparency, copyright compliance, and for systemic risk models, additional safety requirements.

S–Z

Safety case — A structured argument, supported by evidence, that an AI system is acceptably safe for its intended use in a specific operational context. Safety cases are required for AI in high-consequence industries including aviation, nuclear, medical devices, and autonomous vehicles. The safety case methodology — developed in aerospace and nuclear before AI — provides a rigorous framework for demonstrating safety that is increasingly being applied to AI in other high-stakes contexts.

Systemic risk (AI) — The risk that an AI system could have significant negative effects on a large number of people, disrupt critical systems, or cause widespread harm. Under the EU AI Act, GPAI models trained above 10^25 FLOPs are presumed to have systemic risk and are subject to additional obligations. Systemic risk is also relevant to AI in financial services (where AI failures can amplify market instability), critical infrastructure (where AI failures can affect essential services), and information ecosystems (where AI-generated content can influence public opinion at scale).

Technical documentation (AI) — The detailed documentation required for high-risk AI systems under the EU AI Act, demonstrating compliance with the Act's requirements. Must include: description of the system and its intended purpose, design specifications, training data documentation, performance metrics, bias testing results, cybersecurity measures, and human oversight mechanisms. Technical documentation must be created before deployment and maintained throughout the system's lifecycle.

Training data — The data used to train an AI model. Training data quality, provenance, and composition fundamentally determine the model's performance, biases, and limitations. Key governance obligations relating to training data: lawful basis for using personal data in training (GDPR/Privacy Act), copyright compliance for training on creative works, bias in training data creating discriminatory model outputs, and documentation of training data composition in technical documentation.

AI Sandboxing — A controlled environment where AI systems can be tested, evaluated, and monitored before deployment in production. Regulatory sandboxes allow organisations to test AI applications under regulator supervision with temporary relaxation of certain requirements. The EU AI Act requires member states to establish at least one regulatory sandbox by August 2027.

AI Washing — The practice of making misleading claims about the use or capabilities of AI in products or services. Similar to greenwashing, AI washing creates compliance risks including false advertising exposure, securities law violations (for public companies), and consumer protection liability. The SEC and FTC have both signalled enforcement interest in AI washing.

Algorithmic Impact Assessment — A structured evaluation of an AI system's potential effects on individuals and communities before deployment. Required or recommended under multiple frameworks including the EU AI Act (fundamental rights impact assessment for high-risk AI), Canada's Algorithmic Impact Assessment Tool, and various US state laws. Distinct from a DPIA, which focuses specifically on data protection.

Autonomous System — An AI system that can perceive its environment, make decisions, and take actions without continuous human direction. Includes autonomous vehicles, industrial robots, trading algorithms, and agentic AI. The Five Eyes joint guidance (May 2026) identifies five risk categories specific to autonomous AI: privilege, design, behavioural, structural, and accountability risks.

Brain-Computer Interface (BCI) — A device that creates a direct communication pathway between the brain and an external computing system. BCIs collect neural data — arguably the most sensitive category of personal data. As of 2026, four US states (Colorado, California, Connecticut, Minnesota) have enacted neural data privacy laws, with six or more states considering additional legislation.

Cognitive Liberty — The right of individuals to mental self-determination, including freedom from involuntary neural monitoring, protection against mental manipulation, and control over one's own neural data. Recognised in UNESCO's global neuroethics standards (November 2025) and emerging in national legislation through neural data privacy laws.

CPS 230 — APRA's prudential standard on operational risk management, effective 1 July 2025. Requires APRA-regulated entities to maintain operational resilience including for AI systems, manage material service provider dependencies (including AI vendors), and test business continuity arrangements. APRA's April 2026 industry letter reinforced CPS 230 obligations for AI vendor management.

Data Protection Impact Assessment (DPIA) — A systematic assessment of the risks that data processing activities pose to individuals' privacy and data protection rights, required under GDPR Article 35 for processing likely to result in high risk. Mandatory for most AI systems that process personal data, particularly those involving profiling, automated decision-making, or large-scale processing of special category data.

Deepfake — AI-generated synthetic media — images, video, or audio — that realistically depicts events that did not occur or words that were not spoken. The EU AI Act requires transparency labelling of deepfake content (Article 50, effective August 2026). The EU Digital Omnibus (May 2026) introduced a new prohibition on AI systems enabling non-consensual sexually explicit deepfakes.

Digital Twin — A virtual representation of a physical system, process, or environment that uses AI to simulate, predict, and optimise real-world operations. Used in manufacturing, infrastructure, healthcare, and urban planning. Governance requirements include model validation, data accuracy, decision-making transparency, and clear accountability when actions are taken based on digital twin outputs.

Edge AI — AI processing performed on local devices (phones, sensors, cameras, wearables) rather than in centralised cloud servers. Edge AI can enhance privacy by keeping data on-device, but creates governance challenges around model updates, performance monitoring, and ensuring consistent governance across thousands of distributed devices.

Extended Reality (XR) — An umbrella term covering augmented reality (AR), virtual reality (VR), and mixed reality (MR). AI-powered XR systems collect biometric data (eye tracking, facial expressions, body movement) that qualifies as sensitive personal data under GDPR and similar laws. The EU AI Act prohibits real-time biometric identification in publicly accessible spaces, which may affect AR applications with facial recognition.

Federated Learning — A machine learning technique where AI models are trained across multiple decentralised devices or servers without exchanging raw data. Each device trains a local model and shares only model updates. Federated learning can support data minimisation and privacy-by-design principles, but governance must address model convergence, fairness across data distributions, and the risk of inference attacks on model updates.

Model Collapse — The degradation of AI model quality that occurs when models are trained on data generated by other AI models, creating a feedback loop that amplifies biases and reduces diversity. A growing concern as AI-generated content becomes an increasing proportion of internet text. Governance implications include training data provenance, quality assurance, and output monitoring.

Multimodal AI — AI systems that process and generate multiple types of data — text, images, audio, video, code — within a single model. GPT-4, Claude, and Gemini are multimodal. Governance must address the distinct risks of each modality: text hallucination, image generation ethics, audio deepfakes, and the compound risks when modalities are combined.

Neural Data — Information generated by or derived from the central or peripheral nervous system, including brainwave data from EEG devices, signals from brain-computer interfaces, and derivative data such as attention scores, emotional state classifications, and cognitive load estimates. Four US states have enacted neural data privacy laws as of 2026, classifying it among the most sensitive categories of personal data.

Neural Privacy — The right to keep one's neural data private and free from unauthorised collection, analysis, or use. An emerging legal concept addressed through neural data privacy laws in Colorado, California, Connecticut, and Minnesota, and through UNESCO's global neuroethics standards (November 2025). Distinct from broader data privacy because neural data can reveal cognitive and emotional states that other data types cannot access.

Product Liability (AI) — Legal liability for harm caused by AI-enabled products. The EU's revised Product Liability Directive (2024/2853), which member states must implement by December 2026, explicitly covers AI and digital products. It introduces a presumption of defectiveness when manufacturers fail to disclose relevant AI system information, and extends liability to software providers.

Prompt Injection — An attack technique where malicious instructions are embedded in input data to manipulate an AI system's behaviour, causing it to ignore its original instructions or produce harmful outputs. Particularly relevant for agentic AI systems that process external data. The Five Eyes guidance identifies prompt injection as a key behavioural risk for agentic AI deployments.

RAG (Retrieval-Augmented Generation) — An AI architecture that combines a large language model with an external knowledge retrieval system, allowing the AI to access and cite specific documents or data sources rather than relying solely on training data. RAG reduces hallucination risk and improves factual accuracy, but governance must address the quality, currency, and access controls of the retrieval knowledge base.

Red Teaming (AI) — The practice of systematically testing AI systems by attempting to make them produce harmful, biased, inaccurate, or policy-violating outputs. Required or recommended by the EU AI Act (for GPAI with systemic risk), NIST AI RMF, and the White House AI commitments. Effective red teaming requires domain-specific expertise and structured methodology, not just adversarial prompting.

Regulatory Sandbox (AI) — A controlled environment established by a regulator where organisations can test AI innovations under regulatory supervision with temporary flexibility on certain requirements. The EU AI Act requires member states to have at least one operational AI regulatory sandbox by August 2027 (extended from 2026 by the Digital Omnibus). Multiple jurisdictions including Singapore (AI Verify), UK (FCA, ICO), and Australia have established or are developing AI sandboxes.

Shadow AI — The use of AI tools and systems within an organisation without the knowledge, approval, or governance oversight of IT, security, or compliance teams. Analogous to shadow IT but with higher risk due to the potential for data leakage, regulatory non-compliance, and ungoverned decision-making. APRA's April 2026 letter implicitly addresses shadow AI through its expectation of comprehensive AI use case inventories.

SR 26-2 — The Federal Reserve's Supervisory Guidance on Model Risk Management, issued April 2026 to replace SR 11-7 (2011). SR 26-2 explicitly covers AI and machine learning models, requiring banks with over $30 billion in total assets to implement model risk management frameworks that address AI-specific characteristics including learning-based model updates, opaque decision-making, and emergent behaviour.

Synthetic Data — Artificially generated data that mimics the statistical properties of real data without containing actual personal information. Used for AI training, testing, and development when real data is unavailable, insufficient, or too sensitive to use. Governance considerations include whether synthetic data truly eliminates re-identification risk, whether models trained on synthetic data perform fairly across demographic groups, and regulatory acceptance of synthetic data for compliance testing.

Further reading: ISO 42001

Related reading

• What Is AI Governance? The Complete Guide for Business Leaders
• ISO 42001: A Practical Implementation Guide for 2026