The State University of New York required its 64 campuses to establish or update artificial intelligence guidelines by the end of the year, covering bias evaluation, student data privacy, and responsible AI use. SUNY’s binding AI governance policy passed in May leaves campus IT leaders responsible for vendor evaluation, governance workflows, and scalable compliance. The mandate effectively shifts AI oversight from informal usage norms to formal operational controls—particularly around how campuses assess model risks and how they protect institutional data in AI deployments. The policy is already influencing how CIOs and IT leaders plan for governance workflows beyond a single campus. For university CIOs, procurement teams, and compliance offices, the immediate challenge is turning policy into repeatable practices: risk scoring, documentation, and contracts that align with student privacy and institutional accountability requirements.