• AI Governance Overview
  • 358 pages and 90 vendors
  • 90 controls and 25 case studies
  • Mappings to EU AI Act and NIST AI RMF
Vertical Line
  • Agentic AI Governance
  • 19 case studies
  • 11 Agentic AI platforms
  • Companion to AI Governance Comprehensive
Marquee Hyperlink Example
YDC_AIGOV Shadow AI Governance Agents to highlight risks associated with AI embedded within vendor applications

Data as a National Treasure for the Kingdom of Saudi Arabia

Sunil Soares, Founder & CEO, YDC April 2, 2024

This analysis was done way back in November 2022 before data became the new oil in the context of AI.

The Kingdom of Saudi Arabia (KSA) has established the National Data Management Office (NDMO) within the Saudi Data & AI Authority (SDAIA) to define how data should be used effectively and impartially within the kingdom. The NDMO mission statement refers to data as the new oil.

The YDC team used publicly-available information to quantify the financial value of data for the largest companies in the KSA.

The Aggregate Data Value for KSA was at least SAR 467 Billion, or 4.8 Percent of Corporate Value and 14.9 Percent of Gross Domestic Product (GDP). These numbers are based on a YDC analysis of a sample of publicly-traded companies that accounted for more than 88 percent of the market capitalization of the Saudi Stock Exchange Tadawul.

Based on a population of 35.3 million, the Per Capita Data Value was SAR 13,223. Approximately 63 percent of the Per Capita Data Value flowed from hydrocarbons with the remaining 37 percent flowing from non-hydrocarbon businesses. The hydrocarbon data value essentially flowed from Saudi Arabian Oil Company (Aramco).

The DMI™ Index is the ratio of data value to corporate value or GDP. A higher DMI Index is generally preferable across companies and industries. By way of reference, internet companies have a higher DMI Index because most of their enterprise value is derived from data. For example, Google’s DMI Index is more than 90 percent because it generates most of its revenues from advertising based on user interaction data.

Fairness & Accessibility

Component

Component ID: 5.0

Mitigate bias and manage AI accessibility.

List of Controls:

  • Bias
  • Accessibility
Mitigate Bias
Control
ID: 5.1

Ensure that AI systems are fair and manage harmful bias.
Component
Sub-Control
Regulation
 
Source
Address Fairness and Accessibility EU AI Act -Article 10(2)(f)(g) – Data and Data Governance (“Examination of Possible Biases”)

Vendors

Detect Data Poisoning Attacks
Control

ID: 10.4.1

Data poisoning involves the deliberate and malicious contamination of data to compromise the performance of AI and machine learning systems.

Component
Control
Regulation
Source
10. Improve Security10.4 Avoid Data and Model Poisoning AttacksEU AI Act: Article 15 – Accuracy, Robustness and Cybersecurity 

Vendors

Improve Security
Component

Component ID: 10

Address emerging attack vectors impacting availability, integrity, abuse, and privacy.  

List of Controls:

  • Prevent Direct Prompt Injection Including Jailbreak
  • Avoid Indirect Prompt Injection
  • Avoid Availability Poisoning
    • Manage Increased Computation Attack
    • Detect Denial of Service (DoS) Attacks
    • Prevent Energy-Latency Attacks
  • Avoid Data and Model Poisoning Attacks
    • Detect Data Poisoning Attacks
    • Avoid Targeted Poisoning Attacks
    • Avoid Backdoor Poisoning Attacks
    • Prevent Model Poisoning Attacks
  • Support Data and Model Privacy
    • Prevent Data Reconstruction Attacks
    • Prevent Membership Inference Attacks
    • Avoid Data Extraction Attacks
    • Avoid Model Extraction Attacks
    • Prevent Property Inference Attacks
    • Prevent Prompt Extraction Attacks
  • Manage Abuse Violations
    • Detect White-Box Evasion Attacks
    • Detect Black-Box Evasion Attacks
    • Mitigate Transferability of Attacks
  • Misuse of AI Agents
    • Prevent AI-Powered Spear-Phishing at Scale
    • Prevent AI-Assisted Software Vulnerability Discovery
    • Prevent Malicious Code Generation
    • Identify Harmful Content Generation at Scale
    • Detect Non-Consensual Content
    • Detect Fraudulent Services
    • Prevent Delegation of Decision-Making Authority to Malicious Actors

Identify Executive Sponsor

ID : 1.1 

Appoint an executive who will be accountable for the overall success of the program.

ComponentRegulationVendors
1. Establish Accountability for AIEU AI Act 
We use cookies to ensure we give you the best experience on our website. If you continue to use this site, we will assume you consent to our privacy policy.