Policy Briefing — March 28, 2024
OMB Memorandum M-24-10 directs U.S. federal agencies to inventory AI use cases, conduct impact assessments, and appoint chief AI officers with quarterly reporting duties.
Executive briefing: The Office of Management and Budget issued Memorandum M-24-10 on March 28, 2024, operationalizing Executive Order 14110 across federal agencies. The policy requires every CFO Act agency to designate a Chief Artificial Intelligence Officer, publish inventories of safety-impacting AI use cases, and implement minimum risk management practices by December 1, 2024. Agencies must also file quarterly reports on compliance progress and document waivers granted for national security or law-enforcement use.
Key directives
- Governance appointments. Agencies must confirm Chief AI Officers, AI governance boards, and AI implementation leads to manage policy compliance and budget integration.
- AI use-case inventory. Safety-impacting and rights-impacting systems require documented assessments, independent evaluation, and public reporting that aligns with the AI Risk Management Framework.
- Testing and oversight. Agencies must implement real-world testing, incident response plans, and shutdown procedures before deploying safety-impacting AI, with annual reviews and Inspector General oversight.
Operational priorities
- Gap analysis. Benchmark existing AI programs against M-24-10 timelines for inventories, assessments, and public transparency deliverables.
- Policy alignment. Update agency-specific AI strategies, privacy impact assessments, and procurement clauses to incorporate OMB risk controls and independent evaluation requirements.
- Reporting cadence. Establish quarterly reporting processes that capture compliance metrics, waivers, incident logs, and mitigation plans for submission to OMB and the public.
Program assurance
- Independent evaluation. Stand up external review panels or cross-functional teams that can certify pre-deployment testing and monitor ongoing AI system performance.
- Records management. Archive AI life-cycle documentation—training data lineage, evaluation artifacts, and incident tickets—to satisfy oversight and FOIA inquiries.
- Workforce readiness. Train acquisition, privacy, and mission owners on the memorandum's obligations, including waiver justification templates and shutdown decision criteria.
Sources
- OMB Memorandum M-24-10 — Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence
- OMB Fact Sheet — Governmentwide Policy to Advance Safe, Secure, and Responsible AI
Zeph Tech is supporting federal programs with M-24-10 compliance playbooks that formalize AI inventories, external evaluations, and public reporting pipelines.