Policy Briefing — OMB Issues M-24-10 AI Risk Management Guidance

Executive briefing: The Office of Management and Budget issued Memorandum M-24-10 on 19 March 2024, setting governance expectations for federal AI systems that also influence vendors serving public-sector customers.

Key updates

• AI inventories. Agencies must maintain system-level AI inventories, categorize use cases by risk, and publish public dashboards.
• Safety guardrails. Mandatory impact assessments, independent evaluation, and human oversight are required for safety-impacting AI applications.
• Vendor obligations. Contractors supplying AI to agencies must provide documentation covering training data provenance, testing, and governance processes.

Implementation guidance

• Align federal account teams and product managers on documentation packages needed to support agency AI inventories.
• Embed AI risk management controls (model cards, evaluation pipelines, human-in-the-loop workflows) into public-sector product roadmaps.
• Update compliance roadmaps to meet the December 2024 dashboard deadline and annual reporting cycles.

Related briefings

Curated signals from the same pillar or overlapping topics.

Governance · Credibility 40/100 · August 19, 2025

Governance Briefing — August 19, 2025

Colorado’s AI Act takes effect on 1 February 2026, leaving high-risk deployers five months to finalize impact assessments, risk management policies, and consumer disclosure workflows.

Governance · Credibility 40/100 · September 5, 2024

Governance Briefing — September 5, 2024

Chile’s Financial Market Commission issued General Rule 501, modernising issuer disclosures with mandatory governance reporting on sustainability oversight and risk management.

Governance · Credibility 40/100 · April 4, 2023

Governance Briefing — April 4, 2023

Singapore’s refreshed 2023 Code of Governance raises expectations on board independence, risk management, fundraising transparency, and data protection under a tiered comply-or-explain regime starting in FY2024.

Governance · Credibility 40/100 · March 29, 2023

Governance Briefing — UK publishes pro-innovation AI regulation white paper

The UK government released its AI regulation white paper on 29 March 2023, proposing a context-specific framework driven by five cross-sector principles enforced by existing regulators rather than a new AI law.

Governance · Credibility 40/100 · April 1, 2025

Governance Briefing — April 1, 2025

US federal agencies face the first annual AI governance checkpoint under OMB M-24-10, requiring chief AI officer dashboards, risk reviews, and inventory publication.

Continue in the Governance pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Public-Sector Governance Alignment Playbook — Zeph Tech

  Align OMB Circular A-123, GAO Green Book, OMB M-24-10 AI guidance, EU public sector directives, and UK Orange Book with digital accountability, risk management, and service…

• Third-Party Governance Control Blueprint — Zeph Tech

  Deliver OCC, Federal Reserve, PRA, EBA, DORA, MAS, and OSFI third-party governance requirements through board reporting, lifecycle controls, and resilience evidence.

• Governance, Risk, and Oversight Playbook — Zeph Tech

  Operationalise board-level governance, risk oversight, and resilience reporting aligned with Basel Committee principles, ECB supervisory expectations, U.S. SR 21-3, and OCC…