UPDATE — JULY 2025: California’s GenAI guidelines, released under Governor Gavin Newsom’s Executive Order N-12-23, remain in effect and continue to guide state agencies in the responsible procurement and use of generative AI. These guidelines are currently undergoing refinements based on feedback from stakeholders and results from pilot programs throughout 2025.
ORIGINAL NEWS STORY:
California Releases GenAI Guidelines to Govern Procurement and Deployment
In alignment with Executive Order N-12-23, officials unveiled the GenAI Guidelines for Public Sector Procurement Uses and Training. These policies provide structured direction for procuring, utilizing, and training on generative AI within state government. Their central focus is ensuring that any AI integration is responsible, ethical, transparent, and trustworthy. State agencies are expected to evaluate how generative AI can support their specific missions while managing potential risks and operational challenges.
What the Guidelines Cover
The guidelines define generative AI as pretrained models capable of producing synthetic content—such as images, text, and code—based on user input. They distinguish between:
-
Incidental purchases (where generative AI is a feature of a broader tool)
-
Intentional purchases (where generative AI is the main product being procured)
Use case examples include content creation, chatbot deployment, and data analysis.
Training and Oversight Requirements
Each state agency must designate an executive lead, typically the CIO, to oversee generative AI monitoring and evaluation. Training is mandatory for executives, procurement teams, and staff across departments.
Key topics include:
-
Identifying business needs
-
Assessing risks
-
Preparing and testing data and models
-
Evaluating generative AI tools over time
California also provides a training roadmap tailored to different roles. Procurement officials receive structured onboarding, and staff are encouraged to join a statewide AI community of practice.
Risk Management and Procurement Procedures
The guidelines emphasize risk management aligned with the NIST AI Risk Management Framework. CIOs are responsible for ensuring proper assessments before any generative AI deployment.
Procurement requirements include:
-
Generative AI disclosure language in all solicitations
-
Completion of a disclosure fact sheet by all bidders
-
Mandatory CIO evaluations
-
Post-contract reporting for all generative AI-related projects
-
Oversight by dedicated generative AI experts
Conclusion
California’s guidelines offer a clear roadmap for responsible AI adoption. They encourage agencies to start with risk assessments and soft launch initiatives before fully implementing generative AI tools. To support this effort, the state has provided toolkits, process maps, and sample contract language.
Need Help?
Also, with every day comes a new AI regulation or bill, and you might have questions and concerns about how it will impact you. Therefore, don’t hesitate to reach out to BABL AI. Hence, their Audit Experts are ready to provide valuable assistance.
