As AI adoption surges across the public sector, many agencies are facing a growing governance gap. This article outlines the risks of inaction and practical steps leaders can take to regain control.
AI is already inside your organization. The question is whether you are in control of it, or it is in control of you.
At the recent InnoTech Austin conference, I had the privilege of moderating a panel titled "No Policy, No Control: Why IT Leaders Must Act on AI Governance Now." I shared the stage with three exceptional technology leaders from the State of Texas: Tanya Acevedo, Chief Information Officer for CapMetro; Jessica Iselt Ballew, Chief Information Technology Officer for the Texas Department of Public Safety (DPS); and Rafael Pimentel Pinto, Chief Information Officer for the Texas State Board of Pharmacy.
We discussed the governance gap that most organizations are quietly ignoring. AI tools are being adopted faster than policies are being written, faster than risks are being assessed, and faster than leaders are being held accountable. This is not a technology problem. It is a leadership priority.
When I asked the audience if they had full visibility into all AI usage within their organizations, not a single hand went up. This is the reality we face.
Rafael Pimentel Pinto highlighted that shadow IT has evolved into shadow AI. Employees have access to powerful AI tools on their mobile devices and are bringing them into the workplace. They are taking pictures, uploading data, and experimenting without oversight. Establishing policies is one thing, but enforcing them without the right tools is incredibly complicated.
Tanya Acevedo shared a pivotal moment when AI governance became urgent for CapMetro. During an executive meeting, discussions about AI use cases at other state agencies prompted the realization that CapMetro needed to get ahead of the curve with policy and governance. Implementing a tool to monitor and inventory AI usage was eye-opening, revealing a much larger footprint than anticipated.
Innovation is essential, but it must be balanced with appropriate guardrails. Jessica Iselt Ballew detailed how DPS navigates this tension through their Public Safety Solutions Center. This lab environment allows them to partner with vendors and other agencies to creatively solve problems and test solutions before full-scale deployment.
Their approach—proof it, pilot it, and then propagate it—ensures that operational viability and return on investment are validated. By starting with small pilot groups, they can manage change effectively, identify necessary adjustments, and mitigate risks before a broader rollout.
The consensus among the panelists was clear: ignoring AI governance is not an option. Tanya Acevedo warned that organizations failing to act will struggle, fall behind, and potentially face embarrassing security breaches involving unauthorized AI tools.
Jessica Iselt Ballew emphasized that attempting to ban AI entirely is futile; it will still be used. The only viable path is to plan for its use in a controlled environment, supported by the right tools and expertise.
Rafael Pimentel Pinto added that the lack of governance could lead to uncomfortable public hearings and legal implications, given the stringent regulations surrounding data privacy.
For organizations that have yet to start their AI governance journey, the panelists offered actionable advice for the next 90 days:
At Darwin AI, we are focused on helping public sector teams bring clarity and control to AI adoption. We understand the complexities of government operations and are committed to providing the tools necessary to govern AI responsibly.
The conversation at InnoTech Austin reinforced that AI governance is a team sport. It requires collaboration, clear policies, and the technical controls to enforce them. The time to act is now.
If you'd like to learn more, about Darwin's solutions and how it can benefit your agency, you can book a time to connect with Kelli.
.png)
.svg)