What is responsibility mapping in AI governance?
Responsibility mapping assigns specific governance roles to specific people for each AI system: who registers the system, who completes the technical intake, who runs the screening, who reviews the result, who approves the decision, and who is responsible when conditions change.
It transforms generic organisational accountability ("the compliance team handles it") into per-system, per-step, named responsibility. Without responsibility mapping, governance actions have no clear owner and audit trails have no attribution.
Key points
- Responsibility is mapped per system and per governance step. The same person may own multiple systems, but each system must have a named owner for each step.
- The mapping must distinguish between the person who performs the work and the person who approves it. Separation of duties is a governance requirement.
- Responsibility mapping must be documented in the governance record, not assumed from the org chart.
- When personnel change, responsibility must be formally reassigned. An AI system whose owner has left without handover has a governance gap.
Why it matters
The most common governance failure in enterprise AI is not lack of process — it is unclear ownership. Multiple teams assume someone else is responsible. When an audit reveals a gap, no individual can be identified as accountable. Responsibility mapping prevents this by making ownership explicit, documented, and visible in the governance record.
How EAB approaches this
EAB maps responsibility through its role structure: Business Operators provide context, AI System Owners manage technical details, Supervisors review and approve, Auditors verify. Each AI system in the Registry has assigned owners. The Enterprise Governance layer provides portfolio-level visibility into responsibility distribution.