
The off switch nobody can find
Thirty-nine percent of digital trust professionals do not know whether their organization has a documented process for shutting down or overriding its AI systems. Fifty-six percent cannot say how long it would take to halt one after a security incident. Both numbers come from ISACA's 2026 AI Pulse Poll, released last month, built on more than 3,400 responses from people in audit, governance, security, and privacy roles. These are not the people who are vague on AI. These are the people closest to it.
Read those two findings next to a third from the same poll. Ninety percent say employees are already using AI inside the organization. Only 22 percent say the return has met expectations.
So the picture is this. AI is everywhere, the payback is thin, and four in ten of the people best positioned to know cannot tell you how to turn it off.
In my experience, the discipline that separated mature security organizations from the rest was never the firewall. It was the runbook. The documented answer to one question: when this fails, who decides, and how fast can we contain it. A system you cannot shut down on demand is not a capability decision. It is an unmanaged risk that has been allowed to keep operating.
Here is the part worth sitting with. In the same poll, 38 percent of organizations now report a formal, comprehensive AI policy, up from 28 percent a year ago. Real progress. But a policy that says "AI will be used responsibly" and a procedure for overriding an agent mid-decision are not the same artifact. One is a statement of intent. The other is a control. Most organizations have been writing the first and skipping the second.
I have argued for years that security done right produces compliance as a by-product, never the reverse. The same holds here. The off switch is the control. The policy is what you get to write once the control exists.
So the question for your next meeting is not "do we have an AI policy." Most of you now do. The question is sharper. If your highest-risk AI system started doing the wrong thing on Monday morning, who turns it off, how, and how fast. If nobody in the room can answer that, the policy is decoration.
Three for the board's desk
1. August 2nd is 58 days away — and it is not the finish line. On August 2, 2026, most of the EU AI Act becomes applicable, including the obligations for the high-risk systems listed in Annex III. That is the milestone that matters this year, not full enforcement: high-risk AI embedded in products already covered by EU product-safety law (Annex I) has until August 2, 2027, and the prohibited-practice ban and AI-literacy duty have applied since February 2, 2025. Top-tier penalties reach 35 million euros or 7 percent of global annual turnover, whichever is higher, above GDPR's 4 percent ceiling. The board action is the inventory: what AI are we running, what does it do, and can we show a regulator we understood the risk before we approved it. Most organizations cannot answer "what AI are we using" any better today than they could answer "what personal data are we collecting" in 2017.
2. Accountability is already pointing at the board. In the ISACA poll, half of respondents in Oceania said boards and executive leadership are ultimately accountable when AI causes harm or serious error. That instinct is not regional. Delaware's Caremark line, reinforced by Marchand v. Barnhill in 2019 and extended to officers by the 2023 McDonald's ruling, already obliges boards to put reasonable monitoring and reporting systems around mission-critical risk and to act on the red flags those systems raise. When an AI deployment fails publicly, that is exactly the kind of incident that puts directors, not the vendor, in front of the question.
3. Almost nobody enforces disclosure. Only 18 percent of ISACA respondents say their organization requires and enforces disclosure when AI created or substantially changed a piece of work. For a board, undisclosed AI in customer-facing output or in the numbers that feed a filing is not a brand problem. It is a misstatement-and-liability problem waiting for the first dispute.
Everything that has gone live since the last Memo.
Mythos doesn't matter — yet. This is what matters. → (June 3) Anthropic's Mythos preview found ten thousand critical vulnerabilities in a month. None of them are how your enterprise gets breached this quarter. Two days earlier, the Verizon DBIR put vulnerability exploitation ahead of stolen credentials as the number-one way in — 31 percent of breaches. The frontier capability is real, and gated. What is bleeding you now is the unpatched backlog of known bugs and the missing MFA. The board move is to renegotiate the vendor deal before that capability becomes the cheap option, not after.
The Quiet Rehire → (May 20) Boards are approving AI-driven layoffs against a 24 percent task-completion ceiling. Klarna reversed. Commonwealth Bank reversed. Gartner expects half the companies cutting customer service while citing AI to rehire by 2027. The piece lays out the only sequence that survives Delaware, the EU, and the SEC: augment, validate, consolidate, redeploy — each one a governance gate, not a slide title.
What GDPR Taught Us About How the EU AI Act Will Actually Bite → (May 29) The fine is not the story. GDPR's real legacy was forcing organizations to inventory their data and own the accountability they used to outsource. The EU AI Act is the same forcing function for AI, on a faster clock and at a higher ceiling. What the second-order effects looked like in 2018, and what to plan for in the next 58 days.
Also live: Information Security Was Never Just IT's Job. AI Governance Won't Be Either. → (May 15), my 2016 essay on shared responsibility reissued with a 2026 preface — swap "AI governance" for "information security" and it holds word for word. And The Architecture Question → (May 13), the five architectural decisions every enterprise is already making, one of which ends in "what is the kill switch," straight back to the number at the top of this memo.
The Governance Game
Reading about oversight and practicing it are different things. The site now has a way to practice. The Governance Game puts you through five governance situations built from real director decisions. Each choice is scored against the three frameworks boards are actually being measured against: NIST AI RMF, ISO 42001, and the EU AI Act. Roughly fifteen minutes. No login. Your answers stay in your browser.
It is the fastest honest read I know of on where your own instincts land before a regulator or a plaintiff's attorney tests them for you. Run it before August 2nd, not after.
Forward this to a director who should be reading it.
— Fredrik
