State of South Carolina · Department of Transportation

SCDOT Enterprise Technology & AI Strategic Roadmap

Demonstration — Illustrative data — Prepared by Concourse Tech

Feature 03 · Responsible AI Operations

NIST AI RMF Governance Dashboard

SCDOT-specific control checklists across the four NIST AI Risk Management Framework functions — Govern, Map, Measure, Manage — with maturity ratings and a risk-tiered classification model that scales control intensity to consequence.

Controls Tracked

21

Across 4 RMF functions

Implemented

4

Fully operational today

Partial

10

In progress with owners

Avg. Maturity

2.2

Target 3.7 by month 18

Maturity by Function

CMMI-style 1–5 scale · current vs. 18-month target

Culture, policy, and accountability structures for trustworthy AI across SCDOT.

GV-1Agency AI policy adopted and approved by the Commission

Adopted Q1; annual review cycle set.

Implemented

GV-2AI Review Board chartered with engineering, legal, IT, and district representation

Seated; meets monthly.

Implemented

GV-3Risk-tiering rubric (Tier 1–3) applied to every use case at intake

Rubric live; backlog of 4 legacy tools untiered.

Partial

GV-4AI clauses in procurement templates (data rights, model transparency, exit)

Drafted with Procurement Office; pending state review.

Partial

GV-5Roles & accountability (RACI) for AI system owners, stewards, and reviewers

Defined for pilots; not yet agency-wide.

Partial

GV-6Workforce AI literacy training tied to tool access

Launches with WF-1 academy.

Planned

Risk Classification & Tiered Control Intensity

Tier 1 — High

Full AI Review Board approval, documented impact assessment, mandatory human-in-the-loop, quarterly model monitoring review, red-team before production.

Classified systems (4)

  • UC-01Predictive Bridge & Pavement Maintenance HITL
  • UC-02Traffic Signal Timing Optimization HITL
  • UC-03Crash-Data Safety Analytics HITL
  • UC-10Asset Image Recognition from Inspection Photos HITL

Tier 2 — Moderate

AI Review Board notification, streamlined impact assessment, human review of consequential outputs, semi-annual monitoring review.

Classified systems (5)

  • UC-04Automated FHWA Compliance Reporting HITL
  • UC-05511 & TMC Incident Summarization HITL
  • UC-06Encroachment Permit Triage HITL
  • UC-08Workforce Knowledge Assistant
  • UC-09Construction Schedule Risk Analysis HITL

Tier 3 — Low

Registered in AI inventory, standard acceptable-use policy, annual attestation, spot-check audits.

Classified systems (3)

  • UC-07Document Accessibility Automation
  • UC-11Grant Application Drafting Support
  • UC-12Executive Briefing Automation
Tiering follows the NIST AI RMF and reflects consequence of error, autonomy level, and exposure to the traveling public. Every Tier 1 system carries a mandatory human-in-the-loop checkpoint — engineers and operators retain final decision authority.