IBM announced the launch of IBM Cloud Sovereignty Risk Profile, a tool designed to help enterprises document control and demonstrate compliance with digital sovereignty requirements. The announcement follows a global study by the IBM Institute for Business Value and Dubai Future Foundation showing that 93% of executives say sovereignty must be factored into business strategy.

The study revealed that less than one-third of organizations know where and what AI runs, and only 18% maintain an updated AI inventory. The new tool integrates with IBM's Security and Compliance Center Workload Protection platform to provide continuous monitoring across cloud workloads.

IBM Cloud Sovereignty Risk Profile aims to help enterprises assess control requirements including data residency, encryption, resilience, concentration risk and operational independence. The tool provides audit-ready evidence for regulatory compliance as AI workloads scale.

The launch is part of IBM's broader digital sovereignty portfolio, which includes IBM Sovereign Core, a software platform for building AI-ready sovereign environments. IBM's approach centers on four pillars: provability, prevention, privacy and portability.

The company's Keep Your Own Key technology, delivered through IBM Key Protect for IBM Cloud, allows clients to maintain control over encryption keys backed by FIPS 140-3 Level 4 certified hardware. IBM Cloud offers deployment models including dedicated Multizone Regions and single-tenant cloud environments.

The platform uses open technologies including Red Hat OpenShift, Kubernetes and open APIs to enable workload portability across environments. IBM Cloud is built to help clients move workloads across clouds and on-premises environments without vendor lock-in.