AS ISO/IEC 23894:2023

$175.82

Information technology — Artificial intelligence — Guidance on risk management

AS ISO/IEC 23894:2023 identically adopts ISO/IEC 23894:2023, which provides guidance on how organizations that develop, produce, deploy or use products, systems and services that utilize artificial intelligence (AI) can manage risk specifically related to AI.

Table of contents
Header
About this publication
Preface
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Principles of AI risk management
5 Framework
5.1 General
5.2 Leadership and commitment
5.3 Integration
5.4 Design
5.4.1 Understanding the organization and its context
5.4.2 Articulating risk management commitment
5.4.3 Assigning organizational roles, authorities, responsibilities and accountabilities
5.4.4 Allocating resources
5.4.5 Establishing communication and consultation
5.5 Implementation
5.6 Evaluation
5.7 Improvement
5.7.1 Adapting
5.7.2 Continually improving
6 Risk management process
6.1 General
6.2 Communication and consultation
6.3 Scope, context and criteria
6.3.1 General
6.3.2 Defining the scope
6.3.3 External and internal context
6.3.4 Defining risk criteria
6.4 Risk assessment
6.4.1 General
6.4.2 Risk identification
6.4.2.1 General
6.4.2.2 Identification of assets and their value
6.4.2.3 Identification of risk sources
6.4.2.4 Identification of potential events and outcomes
6.4.2.5 Identification of controls
6.4.2.6 Identification of consequences
6.4.3 Risk analysis
6.4.3.1 General
6.4.3.2 Assessment of consequences
6.4.3.3 Assessment of likelihood
6.4.4 Risk evaluation
6.5 Risk treatment
6.5.1 General
6.5.2 Selection of risk treatment options
6.5.3 Preparing and implementing risk treatment plans
6.6 Monitoring and review
6.7 Recording and reporting
Annex A
A.1 General
A.2 Accountability
A.3 AI expertise
A.4 Availability and quality of training and test data
A.5 Environmental impact
A.6 Fairness
A.7 Maintainability
A.8 Privacy
A.9 Robustness
A.10 Safety
A.11 Security
A.12 Transparency and explainability
Annex B
B.1 General
B.2 Complexity of environment
B.3 Lack of transparency and explainability
B.4 Level of automation
B.5 Risk sources related to machine learning
B.6 System hardware issues
B.7 System life cycle issues
B.8 Technology readiness
Annex C
Bibliography

Cited references in this standard
Content history
DR AS ISO/IEC 23894:2023

Please select a variation to view its description.

Published

25/08/2023

Pages

30

Please select a variation to view its pdf.

AS ISO/IEC 23894:2023
$175.82