Literature Review of Artificial Intelligence Security Governance Frameworks: Risk Management Strategies for Regulated Industries Including Healthcare, Financial Services, and Gaming
College of Business, University of Texas Permian Basin, Odessa, Texas 79765, USA.
Review Article
World Journal of Advanced Research and Reviews, 2023, 18(02), 1503-1522
Publication history:
Received on 03 April 2023; revised on 23 May 2023; accepted on 28 May 2023
Abstract:
The rapid development of artificial intelligence in regulated sectors has created a complex and dynamic security governance environment that existing regulatory frameworks were not designed to address in full. This literature review systematically examines AI security governance frameworks in three highly regulated sectors: healthcare, financial services, and gaming. Following a PRISMA-conformant approach, we selected 16 peer-reviewed articles from an original sample of 48 Scopus documents, complemented with regulatory documents, industry reports, and expert survey data (n=124 cybersecurity professionals). Inter-rater reliability, measured with Cohen's kappa (κ = 0.88), was very high. The review assesses the NIST AI Risk Management Framework, ISO/IEC 42001, and the EU AI Act on eight dimensions of governance. The results indicate that financial services is the most mature area of governance (compliance score: 87/100 by 2023), whereas the gaming industry has the lowest level of algorithmic bias auditing, explainability, and cross-border data compliance. Healthcare is marked by paradoxes of good regulatory intent and poor execution. Five governance areas need to be addressed urgently: AI model explainability, adversarial robustness standards, supply chain AI risk management, cross-sector incident sharing, and adaptive regulatory sandboxing.
Keywords:
Artificial Intelligence Security; AI Governance Frameworks; Healthcare AI Risk; Financial Services AI Regulation; Gaming AI Compliance; NIST AI RMF; ISO/IEC 42001; EU AI Act; Cybersecurity Governance; Risk Management
Copyright information:
Copyright © 2023 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution License 4.0.
