Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM

John Rood shares how organisations can unlock real value from AI by balancing innovation, governance, and compliance. Learn why robust frameworks, practical training, and a bottom-up approach are key to sustainable AI adoption and risk management.

👉 Full Show Notes
https://www.microsoftinnovationpodcast.com/792

🎙️ What you’ll learn

• How to implement effective AI governance without stifling innovation
• Practical steps for building an AI management system
• The role of ISO 42001 and the EU AI Act in compliance
• Strategies to drive AI adoption and avoid shadow AI
• How to design ongoing AI literacy programmes for all staff

✅ Highlights

• “A poorly designed policy, I think, does stifle innovation. I think a well-conceived policy manages that trade-off.”
• “Shadow AI happens because organisations go buy an AI product and then lock it down.”
• “Our first recommendation… is that you’ve got to have someone to champion AI initiatives.”
• “Most organisations will start either from ISO 42001, or… the NIST AI risk management framework.”
• “The idea is we’re not just trying to put together a set of policies… What we’re trying to create is a living process.”
• “A great AI management system defines who has to get trained in what, and then make sure that actually happens on a regular basis.”
• “If your customers knew how you treat their data, they might not be your customers anymore.”
• “The top-down programmes tend to go poorly, whereas the… bottom-up programmes tend to do much better.”
• “When we are able to empower more people… we start to build the organisation’s muscle.”
• “The first step… is always regulatory.”
• “EU AI Act is written… to be extraordinarily broad.”
• “At the top of the pyramid, there’s a certain set of fairly robust training or literacy requirements that should be for whoever’s actually making the AI.”

🧰 Mentioned

• ISO 42001: https://www.iso.org/standard/42001
• EU AI Act: https://artificialintelligenceact.eu/the-act/
• NIST AI risk management framework: https://www.nist.gov/itl/ai-risk-management-framework
• GDPR: https://gdpr.eu/

✅Keywords
ai governance, iso 42001, eu ai act, compliance, shadow ai, risk management, ai management system, ai literacy, bottom-up adoption, regulatory, data privacy, nist framework

Microsoft 365 Copilot Adoption is a Microsoft Press book for leaders and consultants. It shows how to identify high-value use cases, set guardrails, enable champions, and measure impact, so Copilot sticks. Practical frameworks, checklists, and metrics you can use this month. Get the book: https://bit.ly/CopilotAdoption

Support the show

If you want to get in touch with me, you can message me here on Linkedin.

Thanks for listening 🚀 - Mark Smith