Environmental sustainability refers to every interaction with the environment in which the primary intent is to avoid the degradation or depletion of natural resources, thus preserving long-term environmental quality. Achievement of environmental sustainability is hindered by critical barriers. First, the global temperature is rising, with 2024 being the warmest year in human history.1 Second, resource rarity and scarcity have both intensified.2 Freshwater systems are being stress-tested, and biodiversity loss is accelerating, with up to one million species at risk of extinction.3 Enterprises are being pressured by regulatory bodies, investors, and consumers to address environmental sustainability by taking tangible actions with transparent results. This necessitates solutions that can process vast amounts of environmental data, identify patterns that the human eye could miss, and optimize resource usage across a complex mesh of systems, people, and processes. This is where artificial intelligence (AI) has shown great promise and a remarkable initial proof of value. AI provides capabilities that can alleviate the pressure to ensure environmental sustainability and, beyond that, respond to some of the associated risk on a sustained basis. For example, AI can provide:
- Advanced predictive modeling of climate impacts and resource depletion4
- Optimization of energy consumption and distribution networks5
- Automated monitoring of ecosystem health and biodiversity6
- Enhanced resource management across global supply chains7
- Improved reporting and compliance with evolving environmental regulations8
That said, despite AI's potential, it also involves new risk based on its technological nature and dependence on data. Any failure of implementation or data quality variance may worsen the environmental landscape rather than protect it. Enterprises must first understand and then respond to the risk posed by these emerging technologies.
This requires a framework for AI implementation that balances innovation with appropriate controls across three key dimensions: operational controls, technical safeguards, and governance structures. Although AI integration has inherent risk, this risk can be effectively mitigated through a targeted framework, as demonstrated by successful case studies across different sectors. This analysis is particularly relevant for IT governance professionals, risk managers, and sustainability officers seeking to implement and oversee AI solutions to environmental sustainability issues while ensuring proper risk management.
The Intersection of AI and Sustainability
Risk management sustainability professionals—including chief sustainability officers; environmental compliance managers; environmental, sustainability, and governance (ESG) directors; and sustainability consultants—are under pressure to deliver results, even as supply chains are becoming increasingly complex. These professionals must develop and deploy sustainability solutions that measure environmental impact, ensure regulatory compliance, and report progress to all stakeholders. Operating at the intersection of environmental science, business operations, and technology, their role is essential to the design and operation of the supply chains of the future, which need to be more circular, more equitable, less polluting, and less consuming.
To adequately manage AI-driven sustainability initiatives, enterprises need a simple, pragmatic risk and control framework that balances adaptive risk management with productive operation.Essentially, sustainability risk drivers such as climate change, resource scarcity, and biodiversity loss are no longer just environmental concerns; they are serious threats to how enterprises operate. For example, extreme weather disrupts supply chains because it prevents the delivery of goods in a predictable and timely manner. Scarce resources drive up costs and put pressure on the pool of consumers, reducing overall transactions and negatively affecting economic activity. Damage to ecosystems harms the production of both goods and services by making access to water and other vital resources more difficult; this, in turn, can negatively affect an enterprise’s reputation. All these drivers directly impact an enterprise’s balance sheet as well as its ability to operate. Thus, enterprises have an incentive to reduce this risk and increase their resilience when such disruptions occur.
Technologies such as AI can help, but the combined risk landscapes of AI usage and sustainability extend beyond traditional risk taxonomies with respect to certain operational, technological, and regulatory aspects. For example:
- AI can introduce significant risk to an operating system by disrupting existing processes and creating dependencies that lead to vulnerabilities.
- Technology issues may stem from poor data quality or inadequate integration, leading to system failure. For example, AI might perpetuate bias or unfairness, or hard-code ineffective behaviors into execution. In addition, a lack of explainability could make it hard to understand and fix output errors. These problems may lead to production failures and unreliable outcomes. In the context of environmental sustainability, these problems may be compounded, impacting both the supply chain and the ecosystem. For example, an AI system that is supposed to allocate subsidies to production units based on their carbon reduction efforts may be positively biased toward a specific region, leading to the unfair distribution of subsidies and potentially rewarding units that are actually more polluting.
- Regulatory requirements are fluid as authorities in some areas of the world implement stricter environmental standards and reporting mandates, causing uncertainty for enterprises and potentially increasing their compliance burden. Stricter standards and mandates respond to the growing need for both responsible and ethical AI, on the one hand, and more tangible, sustainability-oriented action, on the other hand. The changing nature of these regulations creates compliance challenges and imposes requirements that may consume value.
To adequately manage AI-driven sustainability initiatives, enterprises need a simple, pragmatic risk and control framework that balances adaptive risk management with productive operation. Such a framework focuses on three key areas: operational controls, technical safeguards, and governance structures.
These three areas are important because they directly address how complex and interconnected the risk is, including how any negative impacts from technology-related risk may be compounded in fragile environmental ecosystems. First, operational controls manage the day-to-day use of AI, establishing a proper use perimeter and ensuring that AI is applied correctly and efficiently to achieve organizational sustainability targets. Second, technical safeguards protect the integrity of AI systems themselves, responding to data bias, security breaches, and algorithm failures that could undermine the success of sustainability efforts as well as upset the balance and symbiosis of the environment. Finally, governance structures provide the necessary oversight and ethical guidelines to ensure that AI is used responsibly. Together, these key areas form a holistic risk management approach that includes everything from daily operations to strategic direction and ensures that AI is used effectively, securely, and ethically. As in any technology use framework, each control requires attention and continuous monitoring to adapt to the evolving AI and sustainability landscapes.
Operational Controls
Operational controls refer to day-to-day system management and decision oversight. For example, EnerSys, an industrial battery manufacturing and energy storage company, uses AI to improve efficiency and accuracy in data collection and reporting while keeping implementation parameters within a solid operational control framework.9 The company employs ESG Flo, an AI-powered platform, to efficiently extract and process utility bill information from 180 global sites. It also uses ChatGPT Enterprise to analyze large sustainability-related data sets. This AI-driven approach has resulted in a 50% reduction in time spent on customer inquiries, enhanced data accuracy for Scope 1 and 2 emissions reporting, and streamlined compliance management across various ESG frameworks.
To address potential AI trust and accuracy concerns, EnerSys has implemented a collaborative, cross-functional approach involving IT, legal, internal audit, and compliance teams to establish adequate controls and manage risk. A key operational control involves coding its ChatGPT Enterprise implementation to flag and reject requests involving proprietary or material information, thus preserving data integrity.
Technical Safeguards
Technical safeguards include innovations such as the DeepMind machine learning (ML) system for Google's data center cooling capability.10 It consists of a mesh of deep neural networks trained on historical sensor data, combined with built-in predictive safeguards that simulate recommended actions before implementation. Two additional neural networks specifically forecast temperature and pressure conditions over the next hour, serving as algorithmic guardrails that prevent potentially harmful operating scenarios.
This type of architectural redundancy responds to the risk of one individual model failing; at the same time, it allows cross-validation to unfold in the same way as peer review mechanisms. A specific example of this technical safeguard is the continuous comparison between the predicted outputs and the ones observed within Google data centers. When considered in its entirety, this is a comprehensive feedback mechanism. It enables progressive algorithmic refinement, prevents performance degradation, and maintains integrity and reliability over extended life cycles, even when environmental conditions change.
These technical safeguards preserve the performance and longevity of the sustainability solution, which results in a 40% reduction in cooling energy for Google's data centers and maintains a delicate balance between innovation and protection.11 By preventing system failure, these safeguards are also an effective stopgap against increased energy consumption or equipment damage that would lead to more environmental pollution.
Governance Structures
An instructive example of an enterprise that uses sustainability-centric AI and a strong governance framework is ALPHA-EL Inc., owned by Canadian Northern First Nations.12 Its business model focuses on creating AI and ML products that feature real-time monitoring of wildlife, particularly species native to the Canadian North, and the detection of wildfires. Most interesting is its integration of the traditional knowledge of Indigenous groups and the technological innovations of AI.
Governance frameworks are shifting to integrate a variety of perspectives, with the ultimate goal of minimizing AI’s environmental impacts.13 That said, effective governance requires specific implementation structures. Initiatives such as PolArctic's Nunavut project can provide valuable guidance.14 Its robust AI governance practices include protocols for formally requesting the community’s permission for data usage, equal value given to Indigenous knowledge and scientific data in AI model development, transparent and accessible processes to integrate knowledge, and information delivery systems that maintain community access and control. These governance oversight mechanisms allow Indigenous communities to retain authority over how their unique knowledge is digitized, applied, and shared within AI systems for environmental monitoring.
When Indigenous knowledge systems can be aligned with the development of provincial and federal policies, this enables a systemic approach to environmental governance that will support generations to come. By centering Indigenous perspectives in AI governance, ALPHA-EL exemplifies how ethical frameworks can be embedded directly into AI sustainability applications, even in unique and sensitive environments.
Case Studies in AI Sustainability Risk Management
Risk management requires strategies that tackle concrete challenges, such as integrating AI with existing systems and improving data quality. Enterprises can adapt established frameworks such as ISACA's COBIT® and Risk IT Framework to address these emerging challenges, taking advantage of a familiar structure to govern the use of AI implementation for sustainability efforts.15 The following case studies highlight some other strategies.
European Space Agency
The European Space Agency (ESA) is working
to integrate AI across multiple aspects of space
missions through its AI Lab, which aims to enhance
capabilities such as astronaut training and
autonomous systems on rovers.16 As part of its Earth
observation efforts, the agency uses AI to analyze
satellite data, identify environmental changes, and
support decision making that responds to events
such as climate change and natural disasters.
The ESA's risk management framework, as outlined in the European Cooperation for Space Standardization (ECSS) standard ECSS-M-00-03 (subsequently replaced by ECSS-M-ST-80C), provides a structured approach to identifying, assessing, and mitigating risk across the agency’s space missions and programs.17 This comprehensive strategy enables ESA to proactively monitor environmental conditions, respond to potential threats, and contribute useful data to support sustainability efforts at the global level. The current standard does not explicitly address AI, but AI and ML approaches have been applied in conjunction with ECSS standards. For example, a 2023 report describes applications of ML and AI in alignment with ECSS-M-ST-80C.18
Agricultural Sustainability
AI is making pivotal changes to agricultural sustainability, especially in the area of water management. For example, farms using the AgMonitor project saw irrigation precision improve from 70% to more than 90%.19 AI has also been used to decrease production costs and energy consumption, and in some cases it minimizes the need for chemical treatments, as it allows earlier pest and disease detection.20 Farms using these systems may face operational issues when the technology breaks down or malfunctions because of sensor problems or unreliable network signals in the fields. They face the risk of becoming too dependent on machines that can fail at the worst possible time. These farms need to be prepared to respond with backup scenarios or contingency management; otherwise, crop damage may result.
This progress supports adaptation and helps farmers manage droughts and difficult-to-predict weather patterns. As a result, effective cultivation can be achieved in initially hostile conditions. The economic benefits are significant, with major growers saving US$100,000 in a single summer through AI-optimized irrigation timing and systems that offer payback periods in less than three years.21 As access to water is threatened in critical agricultural regions, properly governed AI solutions with regular system validation, algorithmic transparency, and appropriate human oversight are becoming not only relevant but essential for creating resilient, sustainable agricultural systems that can effectively mitigate potential harms while maximizing environmental and economic benefits.
A comprehensive risk management approach for agricultural AI must address multiple dimensions beyond operational concerns. Cybersecurity is critical, as smart farming systems are potential targets for hackers who could disrupt operations, with catastrophic consequences, necessitating white hat security testing during development and strong ongoing monitoring systems.22 Algorithmic bias is another significant risk, as AI that is trained predominantly on data from large-scale operations or specific geographic regions may deliver inappropriate recommendations for smaller farms or different regions.23 Regulatory compliance frameworks must clarify liability when AI systems recommend actions that violate government regulations, such as improper pesticide applications; currently, farmers bear the greatest legal exposure. Equally important are environmental impact assessments. AI systems may be designed for a sole purpose, such as yield optimization. As a result, these systems may overlook longer-term consequences, including soil erosion and ecosystem damage stemming from the overuse of fertilizers and pesticides. Finally, data governance frameworks must address farmers' legitimate concerns about data ownership, security, and the fair sharing of benefits between agricultural operations and technology providers.24
World Wildlife Fund
The World Wildlife Fund (WWF) has undertaken initiatives in Southeast Asia that demonstrate the promising application of AI in conservation efforts. WWF has partnered with AI Singapore to develop an ML system that can detect potential illegal wildlife trade online with a high degree of accuracy.25 WWF collaborates with technology providers to leverage AI and ML for conservation efforts, including the use of big data to develop targeted social media campaigns aimed at combating wildlife trafficking.26
While these efforts show potential, the governance framework for AI in the region is still evolving. The Association of Southeast Asian Nations (ASEAN) has published a Guide on AI Governance and Ethics, but creating a unified approach across member states remains challenging due to varying levels of AI readiness.27 WWF, in collaboration with the International Fund for Animal Welfare (IFAW) and other partners, continues to work on improving systems to better serve conservation goals while managing associated risk, as evidenced by events such as the June 2024 AI Workshop to Combat Wildlife Crime, held in Hong Kong.28
Strategic Implementation of AI Operational Risk Controls Operational risk management focuses
Operational risk management focuses on day-to- day system operation and decision-making processes. Effective operational controls require clear procedures for AI system monitoring and intervention. Enterprises must establish specific thresholds for human review and detailed protocols for decision escalation, with rigorous testing and continuous calibration of these thresholds. In addition, AI operators need specialized training in model behavior, potential biases, and system limitations beyond standard IT operational training, as these are specific risk factors in AI systems that may increase over time.
Enterprises must develop adaptive control frameworks that evolve with technological advances while maintaining robust risk management capabilities. This includes preparing for new regulatory requirements and evolving environmental standards.Although implementations vary, effective operational controls typically combine AI-driven analysis with human expertise. The mix depends on the enterprise’s risk tolerance, which acts as a guardrail. For example, cloud data centers now leverage AI-driven monitoring and have established automated backup modes. When monitoring systems identify potential environmental threats, multiple verification steps should be in place to ensure accurate assessment before taking action. This approach balances the efficiency of automated systems with the necessity of oversight by human experts, resulting in more reliable, accountable, and trusted decision making in complex environmental scenarios.
Successful implementation requires a carefully planned approach that addresses risk at each stage of the AI system’s life cycle—from design and development to deployment and ongoing operation. Enterprises should either adapt existing risk frameworks or develop new assessments that identify AI-specific failure points and control requirements, consider both technical and operational risk, and examine how different system components interact and where vulnerabilities might emerge.
The implementation process should follow a staged approach with clear milestones and success criteria. Each stage must include specific risk management protocols and control mechanisms. Regular reviews ensure that controls remain effective as the system expands and evolves. Enterprises must remain flexible, adapting controls as AI-specific challenges emerge, such as model drift, unexpected algorithm behavior, or changes in data quality affecting system performance. Implementation should include AI-specific considerations such as algorithmic bias assessment, model performance monitoring protocols, and appropriate governance structures for AI oversight, which differ from traditional IT implementation approaches.
Tomorrow's Challenges
The risk landscape continues to evolve as technology advances and environmental challenges grow. Enterprises must prepare for new risk and, at the same time, maintain effective controls for current operations. This includes developing capabilities that account for advances in quantum computing, edge computing integration, and advanced analytics.
Greater system complexity and integration requirements are likely to create future risk. Enterprises must develop adaptive control frameworks that evolve with technological advances while maintaining robust risk management capabilities. This includes preparing for new regulatory requirements and evolving environmental standards.
The successful implementation of AI in the realm of environmental sustainability depends on comprehensive risk management and robust control frameworks. Enterprises must address various risk dimensions and maintain operational effectiveness. The use cases presented show that properly managed AI systems can deliver material environmental benefits, including better resource efficiency, more accurate environmental monitoring, and enhanced predictive capabilities for climate modeling. But success requires careful attention to risk management and control effectiveness.
Enterprises should maintain clear accountability while adapting to rapidly evolving challenges. Strategic investments in thoughtful governance frameworks, protective technical measures, practical risk reviews, and vigilant monitoring will unlock the benefits offered by these analytical systems while preserving operational standards and effectiveness. Realizing these benefits demands a constant focus on adaptability as well as ethical considerations. By applying the three-dimensional framework of operational controls, technical safeguards, and governance structures, enterprises can effectively respond to the inherent risk of AI while maximizing the potential for environmental good. Enterprises that successfully navigate these challenges will find that AI is an ethical and durable transformative force for environmental sustainability.
Endnotes
1 World Meteorological Organization, “WMO Confirms 2024 as Warmest Year on Record at About 1.55°C Above Pre-Industrial Level,” 10 January 2025
2 European Commission, “Aggravating Resource Scarcity” 26 January 2023, European Union
3 UK Centre for Ecology and Hydrology, “Unpicking the Impacts of Multiple Stressors on Freshwater Ecosystems,” United Kingdom, 15 June 2020; World Health Organization, “Biodiversity”
4 Murari, H.; “AI for Climate Change: Innovative Models for Predicting Environmental Impact,” Dataversity, 15 October 2024
5 Biswas, P.; Rashid, A.; et al.; “AI-Driven Approaches for Optimizing Power Consumption: A Comprehensive Survey,” Discover Artificial Intelligence, vol. 4, 2024
6 Clark, J.; Fishwick, J.; et al.; “Revolutionizing Biodiversity Monitoring: The Power of AI and New Technologies,” Plymouth Marine Laboratory, 21 October 2024
7 Johar, P.; “AI Will Protect Global Supply Chains From the Next Major Shock,” World Economic Forum, 5 January 2025
8 Center for Sustainability and Excellence, “The Future of ESG: Real-Time Sustainability Reporting with AI,” 4 February 2025
9 Runyon, N.; “ESG Case Study: How EnerSys Uses GenAI to Drive Efficiency, Ensure Accuracy, and Safeguard Sustainability and ESG Data,” Thomson Reuters Institute, 7 August 2024
10 Evans, R.; Gao, J.; “DeepMind AI Reduces Google Data Centre Cooling Bill by 40%,” Google DeepMind, 20 July 2016
11 Evans; Gao; “DeepMind AI Reduces”
12 ALPHA-EL Inc., “About”
13 Valdez, N.; Tveit, A.; et al.; “AI and the Planet: Balancing Innovation With Environmental Responsibility,” Community Foundations of Canada, 3 December 2024
14 World Wildlife Fund, “Blending Indigenous Knowledge and Artificial Intelligence to Enable Adaptation,” 2023
15 ISACA®, COBIT®, ISACA, Risk IT Framework, 2nd Edition, 2020
16 European Space Agency, “Artificial Intelligence in Space”
17 European Cooperation for Space Standardization, ECSS-M-ST-80C―Risk management, 31 July 2008, The Netherlands
18 European Space Agency, “Executive Summary Report” 21 July 2023
19 Future Farming, “AI-Driven Tool Optimises Water Management and Energy Efficiency for Farmers,” 18 December 2024
20 Abramov, M.; “Precision Irrigation: How AI Can Optimize Water Usage in Agriculture,” Keymakr, 21 August 2024
21 Future Farming, “AI-Driven Tool”
22 University of Cambridge, “Risks of Using AI to Grow Our Food Are Substantial and Must Not Be Ignored, Warn Researchers,” United Kingdom, 23 February 2022
23 Pohl, S.; Glassman, J.; “AI Can Transform Precision Ag, But What Are the Legal Risks?,” Precision Farming Dealer, 16 July 2024
24 Gardezi, M.; Joshi, B.; et al.; “Artificial Intelligence in Farming: Challenges and Opportunities for Building Trust,” Agronomy Journal, 2023
25 World Wildlife Fund, “Groundbreaking Machine Learning―Enabled Tool to Identify Illegal Wildlife Trade Online Developed,” 8 September 2023
26 Yan, W.; “A Global Coalition Forms to Stop Online Wildlife Crime,” WWF Magazine, Fall 2018
27 Association of Southeast Asian Nations (ASEAN), ASEAN Guide on AI Governance and Ethics
28 World Wildlife Fund, “Nature Meets Innovation at Artificial Intelligence (AI) Workshop to Combat Wildlife Crime,” 1 July 2024
Adam Ennamli, CSP, ITIL
Is the chief risk, compliance, and security officer at the General Bank of Canada, where he leads enterprise-wide risk programs. Drawing on 15 years of leadership experience across global financial and technology institutions including Morgan Stanley, Thomson Reuters, and the National Bank of Canada, he specializes in transforming risk management and compliance frameworks. Ennamli has pioneered innovative approaches to cybersecurity, sustainability, and regulatory compliance that directly impact strategic growth.