New standard provides framework for AI governance across industries

New Standard Provides Framework for AI Governance Across Industries

In light of the rapid advancements in artificial intelligence (AI), there is an increasing focus on establishing robust systems for the governance of these transformative technologies. Enter the ISO/IEC 42001 Standard, introduced last year as a comprehensive guideline for the management of AI systems. This standard aims to provide a framework for businesses and organizations of all sizes involved with AI technologies, offering a strategic approach to address the potential risks and opportunities associated with AI.

ISO/IEC 42001 has positioned itself distinctively from other standards by providing a systematic approach to managing AI development, deployment, and usage within organisations. While previous standards like ISO/IEC 22989 and ISO/IEC 23053 have focused on AI terminology and frameworks, 42001 centres around integrating management systems specifically for AI.

The new standard is applicable to a diverse range of sectors, including public agencies, commercial entities, non-profit organisations, and industries worldwide. It prescribes a methodical implementation strategy employing the Plan-Do-Check-Act cycle. This approach aims to help organisations develop policies and objectives in a responsible manner, encompassing AI management system planning, execution, and continuous improvement.

Major accounting firm Schellman has been instrumental in interpreting the standard, providing organisations with guidance on how to align their operations with ISO/IEC 42001. Schellman recommends that businesses first delineate the scope of their AI Management System (AIMS) and address issues that impact its purpose and strategic direction. This includes understanding the requirements of stakeholders such as customers, suppliers, employees, and regulatory bodies. A critical aspect of this process is the clarification of strategic business objectives and customer expectations in relation to AI.

A significant emphasis is placed on demonstrating top management commitment to AI governance. This involves defining policies and creating roles with clear responsibilities and authorities to ensure management engagement. Organisations are encouraged to articulate their AI objectives while assessing associated risks, impacts, and opportunities. To this end, an AI impact assessment is advised, scrutinising potential consequences on individuals and society, which goes beyond the provisions of other ISO standards.

Additionally, the standard necessitates that organisations ensure proper allocation of resources and competency for those working within the AIMS framework. Maintenance of documented information and effective communication strategies is crucial for supporting the AIMS, requiring adequate personnel along with essential data and technological assets.

As part of ISO/IEC 42001’s comprehensive methodology, organisations are required to monitor and evaluate AIMS performance, conduct internal audits, and perform regular management reviews. These measures ensure that any nonconformities are addressed timely, facilitating continuous improvement of the AI management systems.

By adopting these rigorous guidelines, organisations can more effectively manage AI operations, ensuring they are not just compliant but also optimally functioning in line with strategic aspirations. The introduction of ISO/IEC 42001 marks a pivotal step in standardising AI governance practices, providing a solid foundation as businesses navigate the complexities of integrating AI technologies into their operatives.

Source: Noah Wire Services