20 FAM 300
Artificial Intelligence (AI)
20 FAM 301
INTRODUCTION TO AI
20 FAM 301.1
Scope and Business Drivers (AI)
(CT:DATA-13; 02-20-2025)
(Office of Origin: M/SS/CFA)
20 FAM 301.1-1 Scope (AI)
(CT:DATA-13; 02-20-2025)
a. This chapter covers Department policies to help the Department inventory and scale the use of Artificial Intelligence (AI) to support and inform the Department's mission and operations.
b. Additionally, this chapter is meant to ensure that all Department use of AI applications comply with applicable laws, regulations, and policy, to ensure the responsible and ethical use of trustworthy AI, and to preserve scientific integrity as described in 11 FAM 820.
c. These policies apply to all AI Use Cases, as defined below, in the Department, including those using AI use cases developed internally and those acquired from third parties (e.g., other federal agencies, contractors, partners, grantees, licensors, etc.).
d. Department personnel who wish to use AI as defined below should report their AI Use Case to the Responsible AI Official (RAIO) (see 102.1-2(A)) via the annual AI Use Case Inventory, indicating owner, purpose, and that the use will comply with the principles in 20 FAM 302.2-1(A).3.
20 FAM 301.1-2 Business Drivers (AI)
(CT:DATA-13; 02-20-2025)
20 FAM 301.1-2(A) AI Risk Management Business Drivers
(CT:DATA-13; 02-20-2025)
a. In accordance with OMB M-24-10, the Department is required to implement the minimum risk management practices to the Department’s safety-impacting and rights-impacting AI (see 20 FAM 301.2), or else stop using non-compliant AI until compliance is achieved.
b. The Department must document AI risk management implementation and be prepared to report AI waivers and determinations to OMB, either as a component of the annual AI use case inventory, periodic accountability reviews, or upon request by OMB.
c. To address potential risk management gaps, the Department is encouraged to promote and to incorporate, as appropriate, additional best practices for AI risk management, such as those from:
(1) National Institute of Standards and Technology (NIST) AI Risk Management Framework;
(2) Blueprint for an AI Bill of Rights;
(3) Workforce principles and best practices for employers established pursuant to Section 6(b)(i) of Executive Order 14110; and
(4) Department-specific best practices, consistent with the principles in Executive Order 13960, Executive Order 14091, and Executive Order 14110.
(5) The Department’s most up-to-date AI best practices can be found on AI.State.