Roles and Responsibilities

Purpose

This document defines and communicates the roles, responsibilities, and authorities for the effective implementation, maintenance, and continual improvement of the AI Management System (AIMS) in alignment with ISO/IEC 42001:2023.

Scope

This responsibility structure applies across all departments involved in the development, deployment, governance, and operation of AI systems at Rygen, including AI capabilities embedded in the Transportation Management System (TMS), the Integration Platform (IPaaS), and internal support tools.

Top-Level Responsibility and Oversight

Principal AI Engineer – Owner of the AIMS

The Principal AI Engineer is accountable for the establishment, implementation, maintenance, and continual improvement of the AIMS. This role is responsible for ensuring that AI systems at Rygen are developed and deployed in accordance with the principles of ethical, transparent, and trustworthy AI as outlined in ISO 42001. Responsibilities include:

  • Defining and managing the AI governance framework.
  • Conducting risk and impact assessments for AI features.
  • Overseeing the implementation of bias mitigation, explainability, and data accountability practices.
  • Ensuring ISO 42001 documentation and records are maintained.
  • Leading periodic reviews of the AIMS for improvement opportunities.
  • Coordinating with product and infrastructure teams to embed compliance into development workflows.

Chief Technology Officer (CTO) – Executive Sponsor of the AIMS

The CTO acts as the executive sponsor and internal champion of the AIMS initiative. All AIMS performance and progress are reported to the CTO. Responsibilities include:

  • Providing strategic oversight and support for the implementation and enforcement of the AIMS.
  • Allocating resources for AI governance, infrastructure, and compliance.
  • Acting as the escalation point for AIMS-related concerns or incidents.
  • Approving major AI policy decisions and risk mitigation plans.
  • Representing AI governance efforts to the Board and external stakeholders, if needed.

Cross-Functional Roles and Responsibilities

Team Leads

All technical team leads (including development, DevOps, and data teams) are responsible for ensuring that their teams operate in compliance with the AIMS. This includes:

  • Ensuring their teams understand and apply AIMS policies and procedures (training, documentation, reviews).
  • Facilitating regular compliance checks and contributing to internal audits.
  • Reporting performance, risk indicators, and incidents related to AI systems to the Principal AI Engineer.
  • Supporting model documentation, risk assessments, and feedback loops during development and operations.
  • Participating in the AIMS review process and continuous improvement initiatives.

AI Governance Committee

The Principal AI Engineer will initiate the formation of an AI Governance Committee, which will include:

  • The CTO (advisor)
  • The Principal AI Engineer (Chair)
  • Director of Data Platform
  • Software engineering team leads
  • DevOps lead
  • Lead Product Managers

This committee will:

  • Approve AI governance policies and frameworks.
  • Review major AI systems for alignment with ethical and regulatory expectations.
  • Review incident reports and audit findings.
  • Advise on long-term AI governance strategy and compliance roadmap.

Delegated Authorities

To ensure agility and effectiveness in AI initiatives:

AI/ML Team (under the Principal AI Engineer)

Authorized to:

  • Define and update model development, evaluation, and validation protocols.
  • Propose updates to AIMS documentation and policies based on emerging practices or findings.
  • Recommend changes to AI features or workflows based on bias monitoring, risk assessments, or performance anomalies.
  • Lead experimentation with new AI techniques and validate their alignment with Rygen’s AI governance principles.

Product Teams

Responsible for:

  • Incorporating human-in-the-loop mechanisms in AI-powered features to ensure override capability and safe fallback.
  • Documenting intended use cases, assumptions, and expected outcomes for any AI or ML-enhanced features.
  • Collaborating with the AI/ML team to ensure AI decisions are explainable and auditable from the product interface.

Software Engineering Teams

Responsible for:

  • Implementing AIMS-aligned development practices in the codebase, including required logging, explainability hooks, and feedback mechanisms.
  • Ensuring software modules interfacing with AI components comply with AI governance controls (e.g., consent tracking, confidence thresholds, user override support).
  • Supporting integration of AI-driven features in accordance with validation and risk mitigation protocols defined by the AI/ML team.
  • Participating in peer reviews and technical audits for AI-related feature development and infrastructure changes.

Operational Systems Team

Responsible for:

  • Implementing and maintaining infrastructure for monitoring, logging, and audit trails of AI model behavior and decisions.
  • Ensuring the deployment stack supports traceability, version control, and rollback of AI models and associated pipelines.
  • Managing data pipeline integrity and model-serving environments in a secure, reproducible, and governed manner.
  • Collaborating with the AI/ML team to automate drift detection, error handling, and resource optimization for AI workloads.

Reporting Structure

  • Monthly AIMS Status Reports will be submitted by the Principal AI Engineer to the CTO, summarizing:

    • Progress on AIMS milestones (e.g., ISO 42001 controls, documentation, risk assessments).
    • Any non-conformities, incidents, or stakeholder concerns.
    • Audit preparation and outcomes.
    • Training and awareness progress.
    • Recommendations for resource or process changes.

  • Quarterly Governance Reviews will be held with the AI Governance Committee to (reference sibling effort: Quarterly Infrastructure Review):

    • Review performance and incident data.
    • Validate continued ISO 42001 alignment.
    • Approve updates to policies or risk mitigation strategies.

Communication and Awareness

All personnel involved with AI systems (developers, analysts, QA, support) will be informed of their responsibilities through:

  • AIMS onboarding documentation and checklists.
  • Internal training on responsible AI and ISO 42001 principles.
  • Inclusion of AIMS-related steps in development lifecycle (e.g., during design reviews).

Continuous Improvement

All teams are expected to contribute to the continual improvement of the AIMS by:

  • Reporting issues, risks, or improvement opportunities.
  • Participating in retrospectives and governance debriefs.
  • Collaborating across teams to refine compliance workflows and tooling.

Revision History

VersionDateAuthorSummary of Change
1.02025-06-05Field BradleyInitial draft.
1.12025-09-02Field BradleyMigrated to markdown and gitlab