Establishes policy for North Dakota's AI use to ensure safety, privacy, and ethical standards. Requires AI reliability, transparency, and accountability. Mandates risk management, privacy assessments, and compliance with legal frameworks. Directs NDIT to provide training and evaluate new AI technologies.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding internal government policy with mandatory compliance requirements, enforcement mechanisms, and clear accountability structures for North Dakota executive branch agencies.
The document has good coverage of approximately 8-10 subdomains, with strong focus on privacy compromise (2.1), AI system security (2.2), false information (3.1), lack of robustness (7.3), and lack of transparency (7.4). Coverage is concentrated in privacy/security, misinformation risks, and AI system safety domains. The policy addresses operational risks and governance but does not extensively cover malicious actor scenarios, socioeconomic impacts, or advanced AI safety concerns.
This is an internal government policy that primarily governs AI use within the Public Administration sector. It applies to North Dakota executive branch state agencies and the University Systems Office, covering government operations and public services. The policy does not regulate private sector activities or other economic sectors.
The document covers multiple AI lifecycle stages with primary focus on Deploy and Operate and Monitor stages. It addresses planning through risk assessment requirements, verification through validation and testing requirements, deployment through approval processes, and ongoing monitoring through regular assessments. The Build and Use Model stage receives minimal coverage, while data collection is not substantially addressed.
The document explicitly mentions AI, Machine Learning, Large Language Models, Deep Learning, and Generative AI with definitions provided. It does not mention frontier AI, general purpose AI, task-specific AI, foundation models, predictive AI, open-weight models, or compute thresholds. The focus is on generative AI tools and general AI/ML technologies used in government operations.
North Dakota Chief Information Officer (CIO); North Dakota Chief Information Security Officer (CISO); North Dakota Information Technology (NDIT); Governance Review Team
The document is proposed and created by North Dakota state government IT leadership. The CIO directs IT policy creation under North Dakota Century Code Chapter 54-59-09, and the CISO directs security and privacy policy creation. The Governance Review Team is responsible for policy review and updates.
North Dakota Information Technology (NDIT); NDIT Security Governance, Risk, and Compliance team; Entity leadership
NDIT and specifically its Security Governance, Risk, and Compliance team are responsible for enforcement. They receive non-compliance reports and address them with Entity leadership. NDIT also manages the exception process and maintains oversight of AI technology approvals.
North Dakota Information Technology (NDIT); NDIT Security Governance, Risk, and Compliance team; Governance Review Team; Business Owners; Data Owners
NDIT monitors compliance through its Security Governance, Risk, and Compliance team and maintains an AI technology inventory. The Governance Review Team conducts routine reviews and updates. Business and data owners are responsible for monitoring their specific AI implementations and conducting regular assessments.
North Dakota executive branch state agencies; University Systems Office; Entity leadership; Business Owners; Data Owners; Data Stewards; Team members; Users
The policy applies to all North Dakota executive branch state agencies including the University Systems Office. It targets various roles within these entities including business owners, data owners, data stewards, team members, and users who deploy or use AI technologies in government operations.
8 subdomains (5 Good, 3 Minimal)