Guide on Departmental AI Responsibilities

Functions of departmental chief data officers and chief information officers

Successful AI implementation requires a multidisciplinary approach, bringing together technology, data, policy and subject matter expertise. Because of their role in data analytics and data science, including AI, departmental chief data officers (CDOs) should have a lead function in AI adoption and departmental AI governance and policy.

The Directive on Service and Digital states that CIOs are responsible for the strategic management of IT, information and data. This guide does not alter or replace that policy but reinforces the importance of the departmental CDO and their involvement in responsible AI deployment. Where a department does not have a CDO, this guidance applies to the official responsible for the management of the department’s data governance and analysis or digital enablement.

Departments should seek to develop their own AI strategies to guide their direction for AI adoption and management. These strategies must align with GC direction and outline a vision to transform their departments into AI-enabled organizations where employees are empowered to leverage AI responsibly to generate insights, drive operational efficiency, and improve programs and services.

Business opportunities and return on investment

Before implementing AI, departments should ensure that AI is the right tool to meet their needs. Departmental CDOs can help policy, program and service delivery experts identify opportunities where AI would be an appropriate technology to meet business needs and ensure that all preconditions for success can be met.

Opportunities for AI adoption must:

• clearly provide business value, generating improvements to departmental efficiency, effectiveness and/or productivity
• be feasible
• be assessed for scalability

The performance of implemented AI solutions should be measured throughout their life cycles.

Maturity

Departments considering AI adoption will be at differing levels of data, technological and policy maturity. Before beginning a project, departments considering AI projects should review their existing departmental data governance and assets and consult their departmental CDO on the department’s data maturity.

Relevant data assets will need to be well organized and of good quality for use with AI solutions. Where appropriate, AI tools can responsibly support data maturity by generating synthetic data to augment datasets, ensuring privacy and diversity without compromising sensitive information. They can also enhance data quality through:

• automated cleaning processes
• detecting anomalies that fall outside acceptable ranges
• identifying and correcting errors to maintain data integrity

Additionally, AI-driven insights can help facilitate better decision-making, enabling organizations to leverage their data assets more effectively.

Where data maturity is not sufficient for AI, departments should consider leveraging tools that are less demanding of data, such as robotic process automation, until the conditions for AI are in place.

Governance and risk management

Poorly governed AI can amplify risks to fairness, equity, privacy, security and legal compliance, leading to biased results and reputational harm.

Before adopting AI, departments should familiarize themselves with the Directive on Automated Decision-Making and the Guide on the Use of Generative AI to understand the risks involved and ensure the responsible use of AI solutions. They must also review privacy and security policies and consult departmental CDOs and privacy, security, legal, data ethics and equity teams to determine what assessments and mitigations are required.

Considerations and the degree of consultation needed will vary according to the AI tool or use case. In general, a high-risk, high-impact project, such as predictive modelling using personal information, will require significant consultation through the project life cycle with the departmental CDO and with privacy and security teams.

Departments should implement robust tracking, assessment and monitoring processes to advance promising AI use cases to maximize AI’s benefits across the policy service continuum.

Departments should commit to responsible and ethical AI development that reflects the diverse experiences and needs of their clients, stakeholders and workforce. Using a human-centric approach to developing AI initiatives:

• ensures fairness, inclusivity and transparency
• helps ensure that underserved populations are not adversely impacted

Strong AI governance builds in the guardrails that ensure that AI decisions provide consideration for essential elements, including human rights, privacy, ethics, security and the use of trusted data, while aligning with departmental priorities.

Capacity

Departments will need to attract, develop and retain or re-skill employees with specific skills for successful AI adoption. Although the skills needed will vary depending on whether AI is developed in-house or outsourced, they may include:

• technical skills such as programming, modelling, data management and data science and analytics
• complementary non-technical skills such as service delivery, project design, management, ethics and procurement

To ensure success, departments should not invest in technology unless they have the capacity needed to understand, develop and maintain the project. Until then, departments should prioritize capacity-building and employee upskilling while making use of free and low-cost tools such as online generative AI tools to experiment following a risk-based approach.

As a first step, departments should look to the GC’s 2024 Application Hosting Strategy to support these efforts. The Canada School of Public Service, departments and third-party providers also offer courses, communities of practice and events on AI that can help develop AI literacy.

It is also important to consider the department’s capacity to integrate AI solutions into their greater enterprise IT architecture. Departments should align with the Government of Canada Enterprise Architecture Framework to ensure that their digital initiatives are consistent with enterprise architectures across business, information, application, technology and security domains.

AI should not be regarded as a means to replace employees. Instead, departments should evaluate AI tools and solutions for their potential to enable employees, departments and Canadians to do more, faster and better, and to free employees to undertake the kind of challenging, complex and creative tasks at which humans excel. Over time, some of these repetitive tasks will be replaced by higher-value work, which will require changes to GC business models and how the GC’s workforce operates.

Infrastructure

Issues such as legacy systems and vendor lock-in can impede AI integration by limiting system interoperability, data access or modifications. Departments that have aging infrastructure will need to assess whether AI tools can be integrated into existing systems without excessive costs, workarounds or system destabilization. Should integration prove too costly or complex, departments could consider software as a service (SaaS) solutions that require minimal system integration until their infrastructure has been modernized but must ensure that these meet any requirements for security, privacy and data sovereignty.