We recently presented at the ALARM Scotland seminar in Glasgow, a leading forum bringing together risk, resilience, and public sector leaders to explore emerging priorities and sector-wide innovation.
We were invited to share insights from our AI readiness research alongside our academic collaborator Dr Luciana Blaha (Heriot-Watt University), who set the foundation by outlining key concepts, methodology, and scoring approach for a risk-focused audience.
Building on this, GoLLM CEO Daniel Shorr and research analyst Chunche Lee presented findings from over 800 AI initiatives, showing how organisations are progressing at very different levels of maturity.
One message came through clearly: AI is no longer a future consideration, it is now a governance and risk priority.
AI through a risk lens
Unlike many AI events centred on innovation, this seminar focused on practical concerns: risk exposure, governance, accountability, organisational readiness, and public sector responsibility.
This reflects a broader shift confirmed by the Institute of Risk Management’s Risk Trends 2026 report, which ranks AI and digital disruption as the top emerging risk, followed by cyber and data resilience. The report highlights how rapid AI deployment is creating governance challenges, bias, automation errors, and data integrity risks, while cyber threats are increasingly linked to the use of generative AI.
The question for organisations is no longer whether to adopt AI but how to do so in a controlled and responsible way.
Why readiness still matters
A recurring theme was uncertainty around preparedness. Many organisations are adopting AI but lack a clear view of their own readiness.
This aligns with our AI Readiness of UK Local Authorities (2025) report, led by Daniel Shorr, CEO of GoLLM, in collaboration with Dr Luciana Blaha, which finds that Scotland’s local authorities are among the most advanced in the UK.
Crucially, readiness is not just technical. It depends on governance structures, internal capability, and the ability to deploy AI with confidence and oversight.
Across the initiatives analysed, adoption is accelerating but maturity is uneven. Some organisations have embedded AI into structured processes, while others remain at an experimental stage. Without the right foundations, AI can amplify existing risks rather than deliver value.
A more mature conversation
What stood out at ALARM Scotland was the level of practical focus. There was clear recognition that AI adoption must be accountable, that risk frameworks need to evolve alongside technology, and that organisations need actionable tools, not just strategy.
Examples shared during the session highlighted how platforms like GoLLM’s D.A.V.E. are already helping councils and organisations synthesise large volumes of feedback data, from public consultations to employee engagement, in a scalable and efficient way.
AI is increasingly being treated alongside cyber and data risks within organisational frameworks, reflecting its shift into a core governance concern.
From awareness to accountability
AI is now firmly part of the governance landscape. The conversation is moving from exploration to execution, with greater emphasis on oversight and responsibility.
For organisations, the priority is clear: understand your level of readiness and put the right structures in place to adopt AI with confidence.