THEME 3: Designing Governance, Trust & Cyber Resilience into AI

Core insight

AI adoption in FM requires strong governance, trust, cybersecurity and ethical safeguards. This theme aligns directly with the Knowledge Café question on governance, risk and trust, which asked what role the C-suite should play in ensuring strong AI governance, cybersecurity and ethical safeguards while enabling innovation.

Participant notes suggest that executives viewed governance not as a barrier to AI adoption, but as the condition that allows AI to be used safely, responsibly and at scale. The core message is that AI needs trust before it can create value.

Subthemes, focus & example comments

Subtheme | Focus | Example comments
3.1 Executive ownership & sponsorship | The C-suite must actively sponsor, resource and legitimize responsible AI adoption. | “Ownership”; “ROI”; “funding”; “support”; “direction”
3.2 Guardrails, policy & decision rights | AI requires clear rules, responsibilities, permissions, and governance structures. | “Programmatic guardrails”; “RACI”; “privacy”; “compliance”
3.3 Cybersecurity & data protection | AI adoption increases the importance of cyber resilience and secure data practices. | “Cybersecurity”; “data security”; “increased cyber support”
3.4 Human, legal & stakeholder safeguards | Governance must protect people, core competencies, legal obligations, the environment, shareholders and communities. | “Protect people, core competencies, legal, environmental, shareholders, community”; “trust!”
3.5 Feedback loops & adaptive governance | Governance should evolve as AI is tested, implemented and scaled. | “Organization comms on strategic priorities”; “receive feedback at speed of execution”; “Adjust priorities”
3.6 Managing shadow AI and non-sanctioned tools | Organizations need to understand and manage informal AI use before it becomes a source of risk. | “AI tool adoption & misuse”; “non-sanctioned AI tools”

Why this matters

AI introduces new forms of opportunity, but also new forms of organizational risk. In FM, those risks are not limited to data privacy or cybersecurity. They also relate to building systems, operational continuity, employee confidence, legal compliance, supplier relationships and the protection of organizational knowledge.

This builds on IFMA’s earlier work on digital risk and cybersecurity, particularly The Convergence and Cybersecurity Breaches in Facility Management reports, both of which highlighted the growing exposure of FM as buildings, systems and operational technologies become more connected.

FM sits at the intersection of physical assets, digital systems, people, suppliers and critical services. As AI becomes more embedded in FM decision-making, the consequences of weak governance become more significant. Poorly governed AI could lead to inaccurate decisions, insecure data practices, unclear accountability, misuse of tools, unmanaged vendor risk or reduced trust among employees and stakeholders.

Implications for FM leaders

FM leaders should treat AI governance as a core part of AI strategy. Governance should be designed early, before tools are scaled or embedded into operational workflows.

A practical starting point would be to define an AI governance framework for FM that covers the following areas:

Governance area | Key leadership question
Ownership | Who is accountable for AI adoption in FM?
Sponsorship | Who provides executive support, funding and direction?
Decision rights | Who decides which AI tools are approved and where they can be used?
Data security | What data can be used, shared or uploaded into AI tools?
Cybersecurity | How are AI-enabled systems protected from cyber risk?
Compliance | What legal, regulatory and policy requirements apply?
Human safeguards | How will AI protect people, jobs, expertise and trust?
Vendor risk | How will AI vendors and platforms be evaluated?
Feedback loops | How will issues, concerns and lessons be captured?
Shadow AI | How will informal or non-sanctioned AI use be identified and managed?

FM leaders should work closely with IT, cybersecurity, legal, HR, procurement and risk functions. AI governance cannot be owned by FM alone, but FM has a responsibility to ensure that governance reflects the operational realities of buildings, services, assets and workplace experience.

Theme 3 summary

Governance is not the opposite of innovation. In the context of AI-enabled FM, governance is what allows innovation to happen responsibly. Participants recognized that AI adoption requires clear ownership, executive sponsorship, guardrails, cybersecurity, privacy, compliance and stakeholder protection.

AI will only scale in FM when leaders design trust, governance and cyber resilience into adoption from the beginning.

International Facility Management Association (IFMA) supports over 26,000 members in 140 countries. Since 1980, IFMA has worked to advance the FM profession through education, events, credentialing, research, networking and knowledge-sharing.