← Back to glossary

Model Governance

Definition

Processes, roles and documentation that steer the lifecycle of an AI model in a company — from selection through validation, sign-off, monitoring and re-approval to decommissioning. Encompasses responsibilities, eval requirements, risk classification, versioning, audit trails and escalation paths.

Noise — Signal

Model governance is often summarised as an "AI governance framework" on a single slide — typically a diagram with arrows between roles such as "AI Lead", "Risk Owner", "Compliance Officer". Substantive governance isn't the diagram, it's the answer to concrete questions: who is allowed to deploy which model for which use case? At which risk level does which escalation kick in? Which eval thresholds are binding? Who monitors model drift in live operation, and what triggers a rollback? Without documented answers to these questions, model governance is a PowerPoint artefact that does not carry weight in audits.

The right question

Not: "Do we need a model governance framework?" But: "Which of the concrete lifecycle decisions — model selection, sign-off, drift detection, re-approval, decommissioning — are today assigned by name to a role, with documented thresholds and a traceable decision history?"

Related terms

AI Act (EU AI Act)

EU Regulation 2024/1689 governing AI systems, with staggered application through 2027 and separate obligations for general-purpose AI models.

DORA (Digital Operational Resilience Act)

EU Regulation 2022/2554 on the digital operational resilience of financial entities, applicable since 17 January 2025.

Evaluation (Eval)

Systematic, reproducible measurement of an AI system's quality against defined criteria.

AI Red Teaming

Structured, adversarial testing of an AI system against security, bias, hallucination and misuse patterns.

← Back to glossary