Illustrative levelled role archetypes for AI Assurance / AI Governance Role Archetypes

AI Assurance / AI Governance Role Archetypes
Focus of the role
Responsibility, accountability and impact, by SFIA level:
- SFIA Level 1 (Follow): Follows instructions, completes routine tasks under close supervision, and requires guidance. Learns and applies basic skills and knowledge.
- SFIA Level 2 (Assist): Assists and supports others, works under routine supervision, and uses discretion to solve routine problems. Actively learns through training and on-the-job experiences.
- SFIA Level 3 (Apply): Performs varied tasks, including complex and non-routine, using standard methods. Plans and manages own work, exercises discretion, and meets deadlines. Proactively enhances their skills and impact.
- SFIA Level 4 (Enable): Performs diverse complex activities, supports and supervises others, works autonomously under general direction, and contributes expertise to deliver team objectives.
- SFIA Level 5 (Ensure, advise): Accountable for achieving workgroup objectives and managing work from analysis to execution and evaluation. Provides authoritative guidance in their field and works under broad direction.
- SFIA Level 6 (Initiate, influence): Influences the organisation significantly, makes high-level decisions, shapes policies, demonstrates thought leadership, fosters collaboration, and accepts accountability for strategic initiatives and outcomes.
- SFIA Level 7 (Set strategy, inspire, mobilise): Determines overall organisational vision and strategy, operates at the highest level, and assumes accountability for overall success.
A. AI governance and assurance: Focuses on defining, operating and overseeing the organisational approach to AI assurance.
AI governance and assurance
Provides governance, risk and assurance oversight for AI systems across their lifecycle, defining expectations and challenging delivery without owning engineering or audit activities.
This role:
- defines governance expectations and decision frameworks
- evaluates risk posture and control adequacy against defined governance expectations
- supports informed decision-making without owning delivery or operations
SFIA 4
Applies defined AI governance controls and contributes to risk and assurance activities, reviewing evidence and outcomes within an agreed scope of responsibility.
Key signals:
- applies established AI governance controls and processes
- reviews design artefacts and operational evidence against defined criteria
- supports risk assessments and assurance activities led by others
- escalates governance and risk issues in line with agreed thresholds
Accountability focus:
- Accountable for consistent application of defined AI governance and assurance practices within scope.
SFIA 5
Defines and leads AI governance and assurance activities, overseeing AI risk management and coordinating stakeholders across the AI lifecycle.
Key signals:
- defines governance requirements, control objectives and assurance approaches
- leads governance reviews and assurance activities across multiple AI initiatives
- oversees AI risk assessment and treatment approaches
- coordinates engineering, operational, legal and business stakeholders
- advises decision-makers on governance options, trade-offs and risk exposure
Accountability focus:
- Accountable for the effectiveness and coherence of AI governance and assurance activities within their area of responsibility.
SFIA 6
Sets organisational direction for AI governance and assurance, shaping policy, risk appetite and influencing executive decision-making on AI.
Key signals:
- establishes organisational AI governance frameworks and principles
- shapes AI risk appetite and governance priorities
- influences executive and senior leadership decisions on AI use and investment
- leads governance-by-design and assurance-by-design approaches
- monitors systemic governance issues and emerging AI risks
Accountability focus:
- Accountable for organisational confidence in AI governance and assurance arrangements.
SFIA 7
Sets organisational strategy for AI governance and assurance, establishing risk appetite, policy and executive oversight for responsible AI use.
Key signals:
- defines organisational AI governance strategy and risk appetite
- ensures governance arrangements meet regulatory, ethical and societal expectations
- advises the board and executives on AI risk, assurance and accountability
- sponsors independent oversight and assurance where required
- represents organisational AI governance to external stakeholders
Typical titles:
- chief risk officer
- chief compliance officer
- chief ethics or trust officer
B. AI engineering / operations (assurance by design): Focuses on embedding assurance controls directly into the design, build and operation of AI systems.
AI engineering / operations (assurance by design)
Design, build, deploy and operate AI systems in line with defined governance, risk and assurance requirements, taking responsibility for governance-aware engineering and operational practices.
This positions the role as:
- accountable for how systems are built and run
- responsible for embedding governance requirements into design and operation
- not accountable for defining governance policy or risk appetite
SFIA 1
Follows defined procedures when supporting AI engineering or operational activities, working within strict instructions and supervision.
Key signals:
- implicit compliance
- follows documented procedures, instructions and runbooks exactly as defined
- reports issues, errors or unexpected behaviour immediately
- does not deviate from defined processes or make independent decisions
SFIA 2
Assists with AI engineering or operational tasks, applying defined procedures and learning how governance and assurance controls are embedded in day-to-day work.
Key signals:
- assists with defined engineering or operational tasks under routine direction
- applies documented standards, checklists and controls with guidance
- learns why governance requirements exist
- produces required records and artefacts for assigned tasks
- raises questions and seeks guidance when procedures are unclear
SFIA 3
Applies agreed AI governance and assurance practices when performing assigned engineering or operational tasks, following defined procedures and escalating issues as required.
Key signals:
- follows documented engineering and operational procedures that embed governance requirements
- applies approved standards, checklists and tools without tailoring or interpretation
- produces required records and artefacts for own tasks as part of normal work
- escalates issues and exceptions to more senior roles in line with defined processes
SFIA 4
Designs, deploys and operates AI systems in line with defined AI governance requirements, within an agreed scope of delivery responsibility.
Key signals:
- follows established governance patterns and constraints
- produces required evidence as part of normal engineering or operational work
- escalates governance issues when thresholds are exceeded
SFIA 5
Leads the application of AI governance-by-design practices within engineering and operational activities, coordinating delivery teams to address AI risks across the system lifecycle.
Key signals:
- interprets governance requirements for delivery contexts
- integrates governance controls into engineering workflows
- supports governance and assurance reviews with credible evidence
SFIA 6
Shapes engineering and operational practices to embed AI governance by design at scale, influencing platform, tooling and delivery approaches to meet organisational governance expectations.
Key signals:
- influences standards, patterns and shared services
- balances delivery objectives with governance constraints
- works with governance and assurance leaders to evolve practicable controls
SFIA 7
Sets organisational expectations for AI engineering / operational practice, ensuring AI systems are designed and operated in line with governance, safety, security and ethical commitments.
Key signals:
- sets executive direction for AI engineering and operational standards
- sponsors governance-by-design and assurance-by-design practices in delivery
- balances innovation, performance and risk at organisational level
- allocates resources to address systemic delivery and operational risks
- accepts accountability for AI system outcomes and impacts
Typical titles:
- chief technology officer
- chief digital officer
- chief data and AI officer
C. AI change enablement (assurance by design): Focuses on making AI governance and assurance work in practice across the organisation.
AI change enablement (assurance by design)
Enables the people, role and organisational changes required to adopt and embed AI-enabled ways of working.
This role:
- analyses how AI affects jobs, skills and ways of working
- designs and delivers role-relevant learning to support assurance by design
- enables sustainable adoption without owning AI delivery or governance
SFIA 4
Applies defined change and enablement approaches to support AI adoption within an agreed scope, contributing to workforce, role and learning impacts.
Key signals:
- applies agreed change and adoption methods in AI initiatives
- supports job, task and skill impact analysis
- delivers or supports role-based learning on assurance by design practices
- works with delivery, HR and learning specialists
- escalates adoption and capability risks in line with agreed thresholds
Accountability focus:
- accountable for effective application of AI change and enablement activities within scope.
SFIA 5
Defines and leads AI change enablement activities across functions or programmes, coordinating stakeholders to support consistent adoption and capability uplift.
Key signals:
- defines change and enablement approaches for AI initiatives
- leads analysis of organisational, role and skill impacts
- designs learning approaches aligned to assurance by design expectations
- coordinates learning, communications and adoption activity
- advises leaders on adoption risks and workforce readiness
Accountability focus:
- accountable for the effectiveness and coherence of AI change enablement activities within their area of responsibility.
SFIA 6
Shapes organisational approach to AI change enablement, influencing senior leaders on workforce readiness, organisation design and adoption priorities.
Key signals:
- sets direction for AI-related organisation and workforce change
- aligns AI initiatives with workforce and learning strategies
- influences senior leadership on assurance capability maturity
- sponsors scalable learning and enablement approaches
- monitors systemic adoption challenges and capability gaps
Accountability focus:
- accountable for organisational readiness to adopt and embed AI-enabled ways of working.
D. Independent AI audit and oversight: Focuses on providing objective, independent confidence in AI systems and governance arrangements.
Independent AI audit and oversight
Provide independent, objective assessment and challenge of AI governance, risk management and control effectiveness, offering assurance to senior management and oversight bodies on the adequacy of AI-related controls and practices.
This role:
- is structurally independent of AI delivery and governance ownership
- evaluates whether controls and practices are adequate and effective
- provides independent validation of AI governance, risk and assurance claims across the lifecycle
- does not design, implement or operate AI systems or governance frameworks
SFIA 4
Performs defined AI audit and assurance activities under direction, reviewing evidence and assessing compliance against established criteria.
Key signals:
- executes planned audit or review activities
- reviews documentation, controls and evidence provided by first and second lines
- reviews AI governance, risk and assurance claims and tests supporting evidence across the lifecycle
- identifies control gaps, weaknesses and non-conformities
- reports findings in line with defined audit standards
Accountability focus:
- Accountable for accurate, objective assessment of assigned AI audit activities.
SFIA 5
Leads AI audit and oversight activities within an agreed scope, exercising professional judgement to evaluate control effectiveness and risk exposure.
Key signals:
- plans and conducts AI audits or independent reviews
- evaluates adequacy of governance frameworks, control design and supporting evidence integrity
- provides independent validation of AI governance, risk and assurance claims across the lifecycle
- assesses consistency between policy, implementation and outcomes
- communicates findings, risk implications and recommendations to stakeholders
Accountability focus:
- Accountable for the quality, independence and reliability of AI audit conclusions.
SFIA 6
Sets the approach for independent AI audit and oversight, shaping assurance strategy and influencing executive and board-level understanding of AI risk.
Key signals:
- defines AI audit and oversight strategies and priorities
- determines assurance coverage in line with organisational risk profile
- provides authoritative, independent challenge to senior management and governance bodies
- advises on systemic weaknesses, emerging risks and assurance gaps
- ensures audit independence, scope and reporting align with regulatory expectations
Accountability focus:
- Accountable for organisational confidence in the independence and effectiveness of AI audit and oversight.