ISO/IEC 42001:2023
In 2023, the International Organization for Standardization introduced ISO/IEC 42001:2023 for artificial intelligence management needs (AIMS). It provides detailed insight into the development, implementation, management and optimization of company processes with the use of AI. At the same time, it is prepared to comply with EU legislation on artificial intelligence (EU AI Act) and provides guidance on how to achieve compliance with these requirements.
The ISO/IEC 42001 standard specifies requirements for the creation, implementation, maintenance and continuous improvement of AIMS systems. Its goal is the maximum benefit and responsible use of AI in the organization.
What does the ISO/IEC 42001:2023 standard contains of?
- Basic requirements and guidelines – requirements and guidelines for establishing, implementing, maintaining and continuously improving AIMS
- Integration – possibility of integration with other standards, e.g. ISO 27001 and ISO 9001
- Structure and Controls - specifies control points that help meet the objectives related to the use of AI and address concerns identified during the risk assessment process, provides implementation guidance for these control points, outlines potential organizational targets and sources of risk, and addresses the use of an AI management system across disciplines or sectors
- Objectives and risks – potential objectives and sources of risk including fairness, security, privacy, robustness, transparency and explainability, accountability, availability, sustainability, availability and quality of training data including AI expertise
- Emphasis on responsible and ethical use of AI applications - including issues such as fairness, non-discrimination and respect for privacy when deploying these systems.
Who is the standard intended for?
To organizations of any size, which
- use AI
- develop or provide AI
- Produce AI
Benefits of ISO/IEC 42001:2023
- Identification of opportunities and risks
- Safe implementation of AI with an emphasis on its responsible use and compliance with legal and regulatory standards
- Implementation of relevant protective and security measures
- Improving the traceability, transparency and quality of data and the AI system
- Increasing efficiency and saving costs
- Increasing trust in the application's AI
- Maintaining the requirements of the legislation