What is ISO42001?

ISO/IEC 42001 is the world's first AI standard. It can be utilized as a tool to build trust through certification or as a general framework for the governance of AI.

The standard is a significant advancement in AI and its application, providing a detailed governance framework for the reliable and responsible use of AI. ISO/IEC 42001 is suitable for organizations of all sizes and sectors.

The standard is part of a broader package of standards aimed at guiding best practices for the reliable development, implementation, and improvement of AI. An overview of the standard can be seen below. 

 

AI Regulation - Why Choose ISO42001

The increasing use of AI has raised many concerns about its impact on fundamental rights and freedoms. In response to this, the European Union (EU) has taken a significant step to regulate AI.

The EU’s AI Regulation is the world's first concrete initiative to regulate AI. Its aim is to make Europe a global hub for trustworthy AI by setting rules for the development, marketing, and use of AI within the EU. The regulation seeks to ensure that AI systems in the EU are safe and respect fundamental rights and values. Additionally, its goals include promoting investment and innovation in AI, enhancing governance and enforcement, and encouraging a unified EU market for AI.

The regulation has established clear definitions for the various actors involved in AI: providers, implementers, importers, distributors, and manufacturers of products. This means that all parties involved in the development, use, import, distribution, or manufacturing of AI models will be held accountable. 

Despite the absence of legislation regarding AI usage, you can proactively embrace responsibility in the use of AI as a business, both for your organization and your customers.

 

ISO42001 OVERVIEW

Scopet refererer til virksomhedens omfang af aktiviteter og elementer, som er inkluderet.

Normative references henviser til dokumenter der er officielt nævnt og er en integreret del af en standardarden.

Terms and conditions refererer til de juridiske og forretningsmæssige vilkår, der styrer brugen af en standarden. 

4.1 Understanding the organization and its context

4.2 Understanding the needs and expectations of interested parties

4.3 Determining the scope of the AI management system

4.4 AI management system

5.1 Leadership and commitment

5.2 AI policy

5.3 Roles, responsibilities and authorities

6.1 Actions to address risks and opportunities

6.2 AI objectives and planning to achieve them

6.3 Planning of changes

7.1 Ressources 

7.2 Competence

7.3 Awareness

7.4 Communication

7.5 Documented information

8.1 Operational planning and control

8.2 AI risk assessment

8.3 AI risk treatment

8.4 AI system impact assessment

9.1 Monitoring, measurement, analysis and evaluation

9.2 Internal audit

9.3 Management review

10.1 Continual improvement

10.2 Nonconformity and corrective action

Benefits of implementing ISO 42001

  • Protection of company data

  • Ethical and responsible use of AI
  • Framework for managing risks and opportunities
  • Credibility towards your customers and partners

  • Enhanced understanding of AI usage

  • Ahead of upcoming legislation

Who should be ISO42001 certified

The ISO 42001 standard is recommended by ISO to apply to businesses of all sizes.

All companies increasingly using AI to perform their work, such as software companies, consulting, and support activities, should adopt the ISO 42001 standard.