Board Governance
AI Readiness Diagnostic for Boards
Most Irish boards are treating AI as an IT matter. That is not a governance failure by management — it is a governance failure at board level. This diagnostic assesses where the board actually stands.
Request the diagnosticTL;DR
A board AI readiness diagnostic assesses whether the board has the literacy, the governance structures, and the oversight mechanisms to govern AI effectively. For most Irish boards, the answer is that literacy is low, governance structures are absent, and AI is being managed as an IT matter rather than a board governance matter. The diagnostic identifies what needs to change.
What board AI readiness means in practice
Board AI readiness is not about directors becoming AI experts. It is about the board having sufficient literacy to govern AI risk, and sufficient governance structures to exercise oversight effectively. These are governance questions, not technology questions — and they sit squarely within the board's existing remit.
The current picture in most Irish boardrooms is not encouraging. AI literacy among non-executive directors is low. Few boards have modified their governance structures to address AI risk explicitly — most are relying on existing risk committee structures that were designed for a different risk landscape. Management AI risk reporting is often absent or inadequate. And EU AI Act obligations at board level are largely unknown, even as the enforcement deadline approaches.
The diagnostic assesses the board against four dimensions and produces a written report with prioritised recommendations. It is not an executive education programme — it is an honest assessment of where the board stands and what needs to change to meet the governance standard the situation requires.
The four dimensions of board AI readiness
Director AI literacy
Do board members understand AI well enough to evaluate management's AI decisions, ask substantive challenge questions, and identify when AI risk is being managed inadequately? Literacy is the precondition for governance.
Governance structures
Has the board established AI oversight mechanisms — in board charters, committee terms of reference, reporting requirements, and policy approval processes? Most boards have not.
Oversight mechanisms
Is the board receiving adequate AI risk reporting from management? Does it have the capability to evaluate what it receives? Are there clear accountability assignments for AI governance at executive and board level?
EU AI Act compliance posture
Does the board understand its obligations under the EU AI Act as the governing body of a deployer organisation? Has it received a report on the organisation's AI systems inventory and compliance gap assessment?
EU AI Act obligations at board level
The EU AI Act places obligations on organisations as deployers of AI systems. Those obligations do not sit with the technology function — they sit with the organisation, which means they sit with the board. The board is accountable for ensuring the organisation meets its legal obligations. An AI Act compliance failure is a governance failure, and it will be treated as one by regulators.
For high-risk AI systems, the Act requires that deploying organisations conduct conformity assessments, implement human oversight measures, maintain logs, and report incidents. These are not IT tasks — they are organisational obligations that require board-level awareness, appropriate resourcing, and accountability structures.
The August 2026 enforcement deadline is twelve months away. Boards that have not yet received a report on their organisation's AI systems inventory and compliance position are behind. The diagnostic provides that report at board level — in language designed for non-technical directors, not IT governance documentation.
Why Acuity AI Advisory
Ger Perdisatt, who leads all Acuity AI Advisory engagements, is a non-executive director at DAA and Tailte Éireann — and has direct experience of what AI governance looks like from inside a boardroom. The diagnostic is informed by that board-level perspective: what boards actually need to know, what good AI risk reporting looks like, and what governance structures are proportionate and workable.
The diagnostic is also informed by Ger's background as former COO of Microsoft Western Europe — operational experience of AI deployment at scale that translates directly into board-level risk understanding. The findings will not be dressed up. If the board is not ready, the report will say so clearly and specify what needs to change.
Acuity AI Advisory is vendor-neutral and fixed-fee. The diagnostic output is not a platform for a subsequent governance software sale or a retainer engagement. It is a written report that the board can act on directly.
Questions
Common questions
What is a board AI readiness diagnostic?
A board AI readiness diagnostic assesses whether the board has the literacy, the governance structures, and the oversight mechanisms to govern AI effectively. It examines four dimensions: director AI literacy — do board members understand AI well enough to ask the right questions and evaluate management's AI decisions; governance structures — has the board established the oversight mechanisms required for AI risk; board risk posture — does the board understand the organisation's AI risk exposure; and EU AI Act obligations — does the board understand its accountability under the Act and has it taken the steps the Act requires. The output is a written report with prioritised recommendations.
How prepared are Irish boards for AI governance?
Most Irish boards are not well prepared. AI literacy among directors is low — most boards include few or no directors with direct AI experience. Governance structures for AI oversight are absent from most board charters and committee terms of reference. Risk committees are treating AI as a technology risk rather than a governance matter. And EU AI Act obligations at board level — which are real and specific — are largely unknown. The diagnostic assesses where the board sits honestly against these dimensions, without softening the findings.
What should the board do before the company deploys AI?
Before authorising significant AI deployment, a board should satisfy itself on four questions: Has management produced a comprehensive inventory of AI already in use across the organisation? Has the organisation assessed its EU AI Act obligations as a deployer and identified compliance gaps? Are there governance structures — policies, oversight mechanisms, accountability assignments — sufficient to manage AI risk? And is there a board-level understanding of the specific risks the organisation's AI use creates, including operational risk, reputational risk, and regulatory risk? A board that cannot answer yes to all four is not in a position to govern AI effectively — regardless of what management is telling it.
Related