Chiefs of Staff: Lead the Charge with AI Policy Writing for Your Company

Written By Maggie Olson

Does your company have an AI Policy? If not, who’s working on it?

Do not leave this important task up to a specialized team like Legal or Compliance. Instead, Chiefs of Staff should take the lead.

Chiefs of Staff are ideally suited for leading and writing company AI policy because they are excellent at managing strategic initiatives and collaborating with cross-functional teams. It’s what we do all day.

While legal and compliance teams should play advisory roles, the CEO’s office is responsible for making the strategic decisions that guide the business. When it comes to AI Policy writing, there’s no one better suited to lead this complex cross-functional project than a Chief of Staff.

I recently hosted a Nova Chat with AI industry experts Lawrence Coburn (Ambient) and Sophie McNaught (Vouch) about AI policy writing. See below for the major takeaways, and visit Nova’s Free Resource Library for access to our AI policy writing materials.

Why the Chief of Staff?

Lawrence Coburn supports the CoS as the ideal leader for these initiatives because the lens through which the AI policy is written significantly impacts its focus.

  • If the general counsel writes the AI policy, they will prioritize risk.

  • If the Chief Compliance Officer writes it, the focus will be on data security and information security.

  • When the CEO, Chief of Staff, and/or Head of Operations takes on this task, the policy becomes more holistic, balancing risk with the historic opportunity presented by AI technology.

Lawrence highlights that while considering controls, safeguards, and ethics is crucial, the biggest risk for companies is not leaning into the AI wave enough.

AI Strategy

Sophie McNaught supports these views, noting that AI policy writing is inherently tied to AI strategy. Unlike typical policies that legal and risk teams handle, AI policies require a focus on business opportunities and strategic thinking. Sophie's perspective underscores that legal and risk teams are not resourced to put the necessary horsepower behind such a comprehensive task. It’s also a significant career opportunity for Chiefs of Staff, allowing them to spearhead a transformative initiative and play a pivotal role in shaping the future.

Embracing AI: The Business Opportunities & Risks

Lawrence Coburn provides an insightful perspective on the opportunity risk, sharing findings from interviews with 350 Chiefs of Staff from companies of all sizes. He notes a stark difference between the approaches of small, resource-stretched startups and larger, market-leading enterprises. Startups, eager to survive and win, are ready to embrace all AI technologies, viewing them as a lifeline. In contrast, larger companies with a strong general counsel and CTO tend to be more conservative, adopting a "wait and see" approach to protect their current market positions.

Lawrence explains that this divide is natural: market leaders are cautious to protect what they have, while smaller companies with less to lose are more willing to take risks. However, he emphasizes that leveraging AI can make companies up to seven times more productive. This creates an uneven playing field where companies that adopt AI gain a significant competitive edge over those that don't.

Sophie McNaught adds that while the level of AI adoption varies by company size and industry, nearly all companies are at least discussing AI in the boardroom. She stresses that regardless of a company's governance process, employees are likely already using AI tools like ChatGPT in their daily tasks. This informal use poses risks if not properly managed with clear guidelines on data handling and privacy.

Sophie highlights several obstacles and risks in adopting AI policies. The first and most obvious obstacle is resistance from the governance team due to the many unknowns associated with AI. Strategic alignment at the executive level is crucial to overcoming this resistance. Companies must develop an internal philosophy that balances risk management with AI adoption.

Data Security

One key area to focus on is data security. Companies need to establish who is responsible for decisions around data security and ensure they have robust processes in place to manage risks. This includes addressing potential reputational issues, recruitment challenges, and vendor management concerns. Companies should start by auditing their current data to understand how it might be exposed when using AI. This audit will help determine which use cases require approval and which can proceed freely.

Statistics to Support AI Integration

  • The adoption of AI in the workplace is not just a future trend but a current reality. According to Microsoft's Work Trend Index:

  • 70% of employees would delegate as much work as possible to AI to lessen their workloads.

  • 64% of people said they struggle with having the time and energy to do their jobs.

  • 3 out of 4 people say they need AI to help with administrative tasks.

  • 85% of leaders want to use AI to assist with employee development.

These statistics underscore the importance of integrating AI thoughtfully and strategically into business operations. Chiefs of Staff, with their unique skill sets and strategic oversight, are ideally positioned to lead this integration, ensuring that AI is leveraged to enhance productivity and drive innovation while effectively managing associated risks.

Tactical and Strategic Steps to Writing an AI Policy for Your Company

Preparation and Initial Steps

  • Understand the Basics: Start with a clear understanding of AI and its implications for your business.

  • Gather Resources: Utilize existing guides and templates, such as the AI policy writing guide from Vouch, which is available in the Nova Free Resources Library.

  • Formulate Internal Principles: Develop internal principles on AI that reflect your company's values and risk tolerance.

Strategic Alignment

  • Conversation with CEO/Business Leader: It's crucial for the Chief of Staff to have a conversation with the CEO or business leader to understand their goals and objectives for AI implementation.

  • Key Questions for Leaders: Ask about primary objectives, alignment with business strategy, specific impact areas, ethical concerns, success criteria, transparency levels, and whether the AI policy should be public or internal.

  • Establish a Philosophy: Create a philosophy that integrates AI into your company’s core strategy while balancing risk management.

  • Executive Sponsorship: Ensure strong support from top executives, ideally the CEO, to underscore the importance of the AI policy.

  • Cross-Functional Team: Set up a cross-functional working group involving key stakeholders from various departments (e.g., security, product, legal, governance).

Data Security Focus

  • Prioritize Data Security: Define your approach to data security, identifying responsible individuals and processes for decision-making.

  • Audit Current Data Usage: Conduct an audit to understand how AI is currently being used and potential exposure risks.

Drafting the Policy

  • Outline Prohibited and Approved Uses: Clearly delineate prohibited uses, accepted uses requiring approval, and permitted uses of AI.

  • Evolve with Changes: Recognize that the AI policy will need to evolve over time, updating it as AI technologies and their applications develop.

Communication and Implementation

  • Employee Communication: Develop a strategy for communicating the AI policy to employees, ensuring clear guidelines and understanding. Most companies already have values, an employee handbook, training, and an L&D team. Use these channels to communicate the AI policy.

  • Utilize Employee Surveys: Conduct employee surveys to gather insights on current AI usage and operational efficiencies.

  • Monitor and Audit AI Tools: Implement regular audits and automated monitoring to ensure AI tools are used appropriately and align with company values.

Continuous Improvement

  • Stay Informed: Keep abreast of developments in AI and continuously refine your AI strategy and policy.

  • Engage with Stakeholders: Regularly engage with stakeholders to gather feedback and make necessary adjustments to the policy. Highlight what employees cannot do, but also communicate the company's AI philosophy. Make it clear that the company is AI-forward and seeks employee feedback. Focus on guiding rather than policing.

Practical Tips

  • Leverage Existing Tools: Identify AI features already integrated into current software and assess their impact on efficiency.

  • Quantify AI Usage: Use surveys to quantify how AI is being used and its benefits, such as time savings and productivity improvements.

By following these steps, Chiefs of Staff can lead their companies in effectively integrating AI, ensuring both strategic alignment and robust risk management.

Learn more about how to harness the power of AI in Nova’s Leverage AI as a Chief of Staff course. Watch the full recording from our AI Policy Writing Nova Chat.

Meet the AI Experts

Sophie McNaught: The AI go-to-market lead at Vouch Insurance. She is a corporate lawyer and insurance advisor adept at navigating the intertwining paths of legal risk, management, and technology. Her niche is offering expert advice on regulatory matters such as AI risk management and data privacy. She is also experienced in helping venture-backed companies fundraise and navigate the complexities of working with Fortune 500 companies.

Lawrence Coburn: The CEO and co-founder of Ambient, an AI assistant purpose-built for Chiefs of Staff and Head Ops roles. Previously, he co-founded Twine, a leader in network software, and DoubleDutch, the market leader for mobile events apps. Lawrence lives in San Francisco, CA.

Maggie Olson
Previous

Nova Founder Maggie Olson on Neurodiversity
Next

Servant Leadership as a Chief of Staff