ISO/IEC 42001:2023

In December 2023, the International Organization for Standardization introduced ISO/IEC 42001 to address artificial intelligence management systems (AIMS). It provides detailed insight into the development, implementation, management, and optimization of company processes involving AI. At the same time, it aligns with EU legislation on artificial intelligence (the EU AI Act) and provides guidance on achieving compliance with these requirements.

The ISO 42001 standard specifies requirements for the creation, implementation, maintenance, and continuous improvement of AIMS.

What does the ISO/IEC 42001:2023 standard contains of?

• Basic requirements and guidelines – requirements and guidelines for establishing, implementing, maintaining and continuously improving AIMS
• Integration – possibility of integration with other standards, e.g. ISO 27001 and ISO 9001
• Structure and Controls - specifies control points that help meet the objectives related to the use of AI and address concerns identified during the risk assessment process, provides implementation guidance for these control points, outlines potential organizational targets and sources of risk, and addresses the use of an AI management system across disciplines or sectors
• Objectives and risks – potential objectives and sources of risk including fairness, security, privacy, robustness, transparency and explainability, accountability, availability, sustainability, availability and quality of training data including AI expertise
• Emphasis on responsible and ethical use of AI applications - including issues such as fairness, non-discrimination and respect for privacy when deploying these systems.