
AI governance for UK boards

20 questions every UK board should ask about AI

Twenty AI questions for UK boards, grouped into five areas, each with the artefact a good answer produces and the UK rule it rests on.

Dr Karl George MBE · 10 min read · Researched and drafted with AI assistance

A board's instrument is the question. Directors do not write the code, run the model or sign the supplier contract; they interrogate the people who do. With AI, that instrument has gone quiet. The item reaches the agenda, the executive presents, and the room — unsure which questions would expose a weakness — lets it pass. The problem is rarely a lack of curiosity. It is not knowing what a good answer would even look like.

Most of the question lists in circulation were written for American directors, against American assumptions. They say nothing about the five cross-cutting principles UK regulators apply, nothing about what the ICO expects, and nothing about your duties under section 172 of the Companies Act 2006. The twenty questions below are built for the UK picture. Each one comes with why it matters and what a good answer produces — and a good answer is always an artefact: a register entry, a named owner, a dated policy. Never a reassurance delivered in the room.

Key takeaways

  • A good answer to every question here is an artefact — a dated document, a register entry, a named owner — because that is what a regulator, auditor or claimant will ask to see.
  • The questions are grounded in obligations that already reach a UK board: the five cross-cutting principles regulators apply, ICO expectations under the UK GDPR, and directors' duties under section 172.
  • The ICO's position is that the vast majority of AI use cases involving personal data trigger the legal requirement for a DPIA — so "have we done the impact assessment?" is a compliance question, not a courtesy.
  • Question lists imported from the US miss the regimes where a UK board's accountability actually sits; mapping answers to UK law is the point of the exercise, not a refinement of it.
  • Do not table all twenty at once. Take one group of four per board meeting, or assign groups to the committee cycle, and require the artefact rather than the verbal update.

Strategy and scope (questions 1–4)

These four establish what you are actually governing and why.

1. Where is AI already in use across the organisation — including the tools nobody asked permission for? You cannot govern what you have not counted, and staff adopt AI tools well ahead of policy. A good answer is a dated inventory of AI systems — bought, built and embedded inside software you already license — with a named owner against every entry. If the answer arrives as an estimate, the inventory does not exist, and that is the first gap to close.

2. What will we use AI for, and what have we decided not to use it for? Adoption without a position statement produces drift: each team makes its own call and the organisation's exposure accumulates unexamined. A good answer is a board-approved AI position, dated and reviewed, naming the use cases pursued and the ones ruled out, with reasons. The exclusions are the test — a strategy with no refusals in it has not been thought through.

3. Who is the named executive owner for AI, and what mandate do they hold? Accountability spread across a working group is accountability nobody holds, and the UK's accountability-and-governance principle assumes a line your board can point to. A good answer is one name, a written mandate, a budget, and a reporting route that reaches the board. A steering committee with no chair is not an answer.

4. Have we weighed our AI decisions against our section 172 duties? Section 172 requires directors to have regard to the long-term consequences of decisions, the interests of employees, relationships with customers and suppliers, and the company's reputation for high standards of conduct. An AI deployment that cuts cost this quarter but degrades fairness or service quality touches several of those factors at once. A good answer is a board paper that records the section 172 factors considered at the point of decision — not a minute reconstructed later.

Risk and regulation (questions 5–8)

These four map your systems to the rules that already reach them.

5. Which rules already bind each of our AI systems? There is no single UK AI Act; governance is principles-based and applied by the regulators you already answer to, with the UK GDPR and the Data Protection Act 2018 binding underneath. A good answer maps each system in the inventory to the regimes that reach it — the ICO in almost every case, sector rules where they apply — as a register column per system: regime, requirement, control.

6. Can we show a control for each of the five UK principles? The five principles — safety, security and robustness; appropriate transparency and explainability; fairness; accountability and governance; contestability and redress — are the lens your regulators apply, and they are deliberately abstract. A good answer is a principle-to-control mapping with a named owner per row, which is the structure we set out in our UK AI governance framework. A policy that restates the principles without naming controls is the gap, not the answer.

7. Do we have EU exposure we have not scoped? The EU AI Act is binding and extraterritorial: it can catch a UK organisation whose AI output is used in the EU, regardless of where the system was built or bought. Its high-risk application dates were pushed back under the 2026 Digital Omnibus to 2 December 2027 and 2 August 2028, though those amendments were still completing the EU legislative process as of late May 2026 — so confirm before relying on them. A good answer is a dated scoping assessment with a trigger to revisit it when the dates settle, not an assumption that Brexit closed the question.

8. Where do we make automated decisions about people, and how does someone contest one? The Data (Use and Access) Act 2025 replaced the old Article 22 with new Articles 22A to 22D, in force since 5 February 2026, keeping the right to human review where decisions are significant. The ICO's updated guidance on automated decision-making remains in draft, with final guidance expected in summer 2026. A good answer is a list of every point where a system decides without a person, the named reviewer behind each, and a documented appeal route — held as provisional until the ICO finalises its position.

Data and suppliers (questions 9–12)

These four follow the data in and the capability you bought.

9. Has every AI system that touches personal data had a DPIA? The ICO's guidance is direct: in the vast majority of cases, the use of AI involves processing likely to result in high risk, which triggers the legal requirement for a DPIA. A good answer is a completed, dated DPIA per system, refreshed on material change — and where you judged no DPIA was needed, a documented record of how you reached that view, because the ICO expects that too.

10. What do our suppliers' models do with our data? Most boards now deploy AI capability they did not build, and the contract is where governance over it starts. A good answer is clauses you can quote — whether your data trains the supplier's models, where it is processed, what happens on exit — recorded in a supplier register entry, with due diligence dated before signature rather than assembled after an incident.

11. What happens when the model changes underneath us? Vendors update models without asking, and behaviour shifts from version to version, which means a control tested in January may not describe the system running in June. A good answer is a notification obligation in the contract, a re-test trigger in your change process, and a log showing the last time a model change was actually re-assessed. If no such log exists, the control exists on paper only.

12. Is the AI itself secure — against AI-specific attacks, not just generic ones? Prompt injection, data poisoning and model extraction are not covered by an ordinary IT security policy. The UK baseline is set by the NCSC's guidelines for secure AI system development, published in November 2023, and DSIT's voluntary AI Cyber Security Code of Practice of January 2025. A good answer is a security assessment that references both, owned by your security lead and dated within the last year.

People and oversight (questions 13–16)

These four test whether humans around the AI are equipped and real.

13. Do staff know what they may and may not do with AI? Unwritten rules produce the shadow usage that question 1 uncovered. A good answer is a dated, communicated acceptable-use policy with a named owner — plus evidence that the communication happened, such as training completions or attestations. A PDF on the intranet is a policy; it is not a control.

14. What AI training has this board had, and when is the next session? Directors cannot interrogate what they have never been taught, and a single briefing two years ago is not current in a field that moves quarterly. A good answer is a dated record of board-level training with a planned refresh — training built for directors rather than technicians, focused on the questions in this list rather than the mathematics.

15. Where is the human in the loop, and is the review real? A reviewer who approves every output at speed is a rubber stamp, and ICO guidance expects human review of significant decisions to be meaningful. A good answer names the reviewers, records their interventions — accept, modify, reject — and documents their authority to overrule the system. If the override rate is zero, ask why.

16. Which committee owns AI oversight, and how often does it report? AI that belongs to no committee surfaces at board level only after an incident. A good answer is amended terms of reference — audit and risk is the usual home — a standing agenda item, and a reporting cadence written into the annual workplan, all dated. "We discuss it when it comes up" means it does not come up.

Evidence and assurance (questions 17–20)

These four test whether any of the above would survive scrutiny.

17. If the ICO wrote to us tomorrow, what could we produce within a fortnight? Accountability under the UK GDPR means demonstrating compliance, not asserting it. A good answer is an evidence pack that already exists — the inventory, the DPIAs, the policies, the training log, the relevant minutes — rather than one assembled under pressure with the deadline running.

18. Is our AI risk register alive, or annual? A register refreshed once a year is a record that governance once happened, not evidence that it is happening. A good answer is a register updated on triggers — a new system, a model change, an incident, a regulatory shift — with dated entries and named owners. We make the full argument in our piece on the register as living evidence.

19. Has anyone independent tested any of this? Self-assessment drifts optimistic, and the external pressure is rising: for premium-listed companies, Provision 29 of the FRC's 2024 Corporate Governance Code asks boards to declare on the effectiveness of material internal controls for financial years beginning on or after 1 January 2026 — and if AI runs a material process, its controls belong in that conversation. A good answer is an internal-audit review or external assessment on a dated plan; and where you are working towards ISO/IEC 42001, a route to UKAS-accredited certification rather than a consultant's certificate.

20. Do we know our score today — and what it should be in six months? A board cannot govern improvement without a baseline, and "we are making progress" is not a measurement. A good answer is a dated baseline the whole board has seen, a target, and a re-score date in the diary. Our free Board AI Scorecard produces that baseline in about two minutes, across the same five areas as this list — score yourselves before you put the questions to the executive.

How to use the twenty

Do not table all twenty at one meeting. The answers will be thin, the executive will feel ambushed, and the exercise will be quietly dropped. Two patterns work. The first is four questions — one group — per board meeting, completing a full pass across five meetings, then repeating annually. The second is to assign groups to the committee cycle: audit and risk takes risk and regulation plus evidence and assurance; the people or nominations committee takes people and oversight; the main board keeps strategy and scope.

Whichever rhythm you choose, hold the standard that runs through every question above: the answer is an artefact, not an assurance. Each question names the document a good answer produces — ask for the document. Where the artefacts do not exist, that is not a failure of the meeting; it is the work plan. A structured diagnostic (ours start from £3,950) turns that list of gaps into a sequenced programme with owners and dates.

The discipline here is not the questions themselves — any board can read a list aloud. It is refusing to accept an answer that cannot be shown. That is the standard a regulator will apply, it is the standard an auditor will apply, and it is a standard your board can adopt at its next meeting without waiting for anyone's permission.

Last reviewed: 12 June 2026.


If your board wants to know where it stands before putting these questions to the executive, score yourselves first — it takes two minutes — then see how board-level training and a structured diagnostic turn the gaps into a plan.

