AI Governance Institute logo
AI Governance Institute

Practical Governance for Enterprise AI

← All news

Topic

Google

Google is a major technology company that develops AI systems, cloud infrastructure, and enterprise tools relevant to AI governance and compliance. As a creator of large language models like Gemini and a provider of AI services through Google Cloud, Google's practices, policies, and product offerings significantly influence how organizations implement responsible AI governance. Understanding Google's approach to AI safety, data privacy, and regulatory compliance is important for enterprises evaluating AI platforms and governance frameworks.

3 items

ResearchGlobal2026-05-06

AI Governance Gaps Persist Across Global Enterprises, Cloud Security Alliance and Google Find

The Cloud Security Alliance, commissioned by Google, released 'The State of AI Security and Governance,' a data-driven research report examining how enterprises are adopting generative and agentic AI. The report documents significant gaps in AI governance maturity, security integration practices, and data exposure controls across global organizations. It also finds that multi-model AI strategies are concentrated among a small number of providers, and that security teams are among the earliest enterprise adopters of AI in cybersecurity workflows.

Cloud Security AllianceGoogleAI governanceAI securityenterprise riskdata exposuregenerative AIagentic AIrisk managementtransparency
Corporate PolicyUS2026-05-01

Frontier Model Forum Launched by Anthropic, Google, Microsoft, and OpenAI to Set AI Safety Standards

Anthropic, Google, Microsoft, and OpenAI have jointly established the Frontier Model Forum, an industry body dedicated to advancing safety and responsibility in the development of frontier AI models. The forum will focus on producing technical evaluations, safety benchmarks, and shared best practices drawn from member expertise. Its formation follows voluntary AI safety commitments announced by the White House, which were signed by seven major technology companies including Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI. For enterprise compliance teams, the forum signals a growing industry-led standard-setting process that may shape expectations around model evaluation, documentation, and risk disclosure ahead of formal regulatory requirements. Organizations deploying or procuring frontier models should monitor outputs from the forum, as its benchmarks and best practices could be adopted as reference points by regulators and auditors. The voluntary commitment framework also represents a precedent for government-industry coordination on AI safety obligations.

AnthropicGoogleMicrosoftOpenAIMetaAmazonFrontier Model ForumUnited StatesAI safety standardsindustry self-regulationmodel evaluationrisk managementvoluntary commitments
ResearchUS2026-04-19

82% of Top 100 GenAI SaaS Tools Rated Medium to Critical Risk as Employees Routinely Enter Sensitive Data, Cyberhaven Labs Finds

Cyberhaven Labs released its 2026 AI Adoption and Risk Report on February 5, 2026, drawing on analysis of billions of real-world data movements across generative AI SaaS platforms, endpoint AI applications, and AI agents used in enterprise environments. The report finds that 82% of the top 100 GenAI SaaS tools are classified as medium to critical risk, and that employees are entering sensitive data into AI tools on average once every three days. A significant shadow IT dimension is documented: 32.3% of ChatGPT usage and 24.9% of Gemini usage occurs through personal accounts rather than corporate-managed accounts, placing that activity outside enterprise data governance controls. For compliance teams, the findings underscore a structural gap between the pace of AI adoption and the maturity of data loss prevention, acceptable use policies, and third-party risk management programs. Organizations lacking visibility into AI tool usage at the endpoint level may face exposure under data protection obligations in multiple jurisdictions, including the EU AI Act, various US state privacy laws, and sector-specific regulations governing sensitive data handling.

CyberhavenChatGPTGeminiOpenAIGoogleEU AI ActEUUnited Statesshadow ITdata governancedata loss preventionthird-party risk managementtransparencyenterprise AI risk