In response to the rise of AI and the challenges it
creates, the ISO and IEC had created the ISO/IEC 42001 standard and issued at
the end of 2023. This global standard specifies the requirements for
establishing, implementing, maintaining and continually improving an AI management
system. SGS held a webinar named “Build trust in your AI applications with
ISO/IEC 42001” on 11 Jan 2024 at 3:00pm (EST) equal to HKT at 4:00am on 12 Jan
2024 so that I wake up very early to attend this webinar and summarized as
follows.
In the beginning, Mr. Willy Fabritius (Global Head of
Strategy & Business Development Information Security, SGS) give opening speech
and introduced SGS background. He said ISO is from Greek word “isos” meaning “equal”.
And then he introduced the speaker Ms. Kim Lucy (Director of GRC Standards at
Microsoft).
Ms. Kim Lucy firstly said AI serviced humans that demand
for oversight and control. Thus, development of AI specific international
standards help to fulfill the demands for safe, responsible and trustworthy AI.
Three key principles for AI management system standards are “Flexible”, “Durable”
and “Transversal & Scalable”. The foundational AI ecosystem was described.
After that the ISO/IEC 42001 development history were
stated since 2020. It is matching the EU AI Act. Because customer demanded for assurance and
trust of AI system and some key central concepts of AI governance, risk and compliance
(AI GRC) ecosystem are aligned with ISO/IEC 23894 (Risk Management) and ISO/IEC
38507 (Governance).
And then Ms. Kim Lucy briefed the ISO/IEC 42001
structure including management clauses which are mainly requirements, Annex A
and B are guidance as well as, Annex C for AI related organizational objective
and risk resources as supplemental information.
Finally, she gave a summary of ISO/IEC 42001:2023 to
give an overview of the AIMS standard.
She also compared the different between ISO/IEC 42005 -AI
system impact assessment (expected to be published 2025) and ISO/IEC 23894:2023
– AI guidance on risk management.
Lastly, she mentioned the other supporting standards
such as ISO 23053, 5259, 22989 are within the foundational ecosystem.
At the end, they introduced different related ISO
standards, as well as, different legislation and regulations in different countries
to be developed.
Reference
SGS ISO/IEC 42001 website - https://www.sgs.com/en/services/iso-iec-42001-certification-artificial-intelligence-ai-management-system
沒有留言:
發佈留言