How can organizations approach AI-related risks?
Standard ISO-IEC 23894 provides guidance on how organizations that develop, produce, deploy or use products, systems and services that utilize artificial intelligence (AI) can manage risk specifically related to AI. The standard also aims to assist organizations to integrate a risk management framework into their AI-related activities and functions. It moreover details processes for the effective implementation and integration of AI risk management.
The application of this standard’s guidance can be customized to any organization and its context.
Risk management is essential for creating and preserving value within organizations. Standards like ISO 31000:2018 (Risk management — Guidelines) offer universally recognized frameworks and strategies that have been successfully implemented across industries to guide risk management practices.
ISO/IEC 23894 leverages the principles, frameworks, and processes established in ISO 31000:2018, applying them to the context of AI. Instead of creating entirely new methods, the standard adopts these proven risk management concepts to address AI-specific risks.
This approach provides a cohesive international perspective on risk management for AI, ensuring compatibility with existing practices and highlighting best practices tailored to AI challenges.
The complexity in which AI operate introduce new risks for organizations which can positively or negatively impact strategic objectives and alter existing risk profiles. This complexity requires specific attention. ISO/IEC 23894 provides comprehensive guidance on risk management processes throughout the AI system lifecycle (see ISO/IEC 22989). It outlines vertical and horizontal pathways for implementing principles, processes, and frameworks that can be tailored to fit the needs of any organization.
.jpg?width=300&name=shutterstock_2476349523%20(1).jpg)
