Loading…
Johnie T Young
AI Expert
Johnie T Young is an AI expert and governance practitioner with deep experience helping fast-moving technology companies implement responsible AI practices at small-team scale. With a focus on practical, actionable frameworks, Johnie built AI Policy Desk to close the gap between enterprise-grade compliance tooling and the real-world needs of lean product teams. Before founding AI Policy Desk, Johnie worked across a range of technology companies advising on AI risk management, GDPR readiness, and EU AI Act compliance. With the rapid emergence of AI regulation globally, Johnie identified a clear need: governance resources written for 10-person teams, not Fortune 500 legal departments — practical templates, checklists, and guides that teams can pick up and use today.
- AI governance practitioner
- EU AI Act and GDPR specialist
- AI risk management expert
- Compliance frameworks for small teams
EU AI Act complianceAI governance frameworksGDPRRisk assessmentShadow AI managementVendor evaluationAI incident responseModel risk management
224 articles by Johnie T Young
Compliance·20 min
Read →AI Data Privacy for Small Teams: 9-Tool DPA Table + GDPR/CCPA Checklist (2026)
GDPR and CCPA compliance for AI tools: 9-tool DPA status table, Article 22 automated decision rules, training data opt-out guide, and a copy-paste DPA request email template. Includes 2026 enforcement fines. Updated May 2026.
gdprccpaprivacygovernance
Guides·16 min
Read →AI Governance Roles and Responsibilities for Small Teams: The 3-Role Model (2026)
Three named roles cover AI governance for teams of 5-50 without dedicated compliance staff. Copy-paste RACI, escalation matrix, and EU AI Act role requirements included.
governancerolesraciframework
Guides·8 min
Read →Governing Embedded AI in Third-Party Tools
Notion AI, Copilot, HubSpot AI, and Zoom AI ship embedded features your team uses whether you approved them or not. How to audit and govern each tool.
embedded-aisaasvendor-riskgovernance
Templates·7 min
Read →AI Register Template for Small Teams (2026)
Copy-paste AI register template: one row per tool, tracks owner, data sensitivity, DPA status, and review date. Covers approved tools and shadow AI.
templatesinventorygovernanceaudit
Templates·9 min
Read →AI Vendor Due Diligence in 30 Minutes (Questions + Scoring Sheet)
AI vendor due diligence in 30 minutes: 5 pass/fail gate questions, 8 deep questions, a 1-3 scoring sheet, and a copy-paste procurement email. No dedicated security team required.
vendorprocurementchecklistsecurity
Templates·7 min
Read →AI Vendor Evaluation Checklist for Small Teams (20-Point)
Checklist to evaluate AI vendors before signing: data handling, training opt-out, DPA availability, security certifications, and exit rights. Under 30 min.
vendorchecklistprocurementsecurity
Templates·6 min
Read →AI Governance Checklist (2026)
Quarterly AI governance checklist for small teams: inventory, policy currency, vendor DPA status, incident log review, and training refresh.
checklistgovernanceauditsmb
Templates·7 min
Read →ChatGPT Usage Policy for Employees: 3-Tier Rules Template
Practical rules for ChatGPT and similar assistants: what employees can paste, what needs approval, and how to stay compliant.
chatgptpolicyemployeesusage