The International Organization for Standardization (ISO) published a new international standard (ISO/IEC 42001:2023) which it dubs the world’s first AI management system (AIMS) standard. It provides a voluntary framework for providers and users of AI solutions to help manage risk and demonstrate responsible use of AI.
What is ISO/IEC 42001?
ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizing AI-based products or services, ensuring responsible development and use of AI systems.
Why is ISO/IEC 42001 important?
ISO/IEC 42001 is the world’s first AI management system standard, providing valuable guidance for this rapidly changing field of technology. It addresses the unique challenges AI poses, such as ethical considerations, transparency, and continuous learning. For organizations, it sets out a structured way to manage risks and opportunities associated with AI, balancing innovation with governance.
What you need to know: ISO/IEC 42001 is a voluntary standard you can utilize as a trust-building tool in the form of a certification or general framework for governing AI.
ISO/IEC 42001 is a significant step forward in AI standards, offering a detailed governance framework for trustworthy and responsible AI use.
As a flexible standard, organizations can choose to certify their AIMs under the standard. It also supports auditing, laying the foundation for external certification and auditing of AI systems, in line with the risk assessment framework in the upcoming ISO/IEC 42006 standard. ISO/IEC 42001 is scalable, making it suitable for organizations of all sizes and sectors.
ISO 42001 is part of a broader suite of standards aiming to govern best practices for trustworthy AI development, deployment, and improvement, including:
- ISO/IEC 22989 (AI Concepts and Terminology)
- ISO/IEC 23894 (AI Risk Management)
- ISO/IEC 38507:2022 (Governance Implications of AI)
- ISO/IEC 42006 (Requirements for bodies providing audit and certification of
Benefits
- Framework for managing risk and opportunities
- Demonstrate responsible use of AI
- Traceability, transparency and reliability
- Cost savings and efficiency gains