AI Policy & Framework AI Policy & Framework| ISO 42001 Artificial Intelligence Management System (AIMS) Artificial Intelligence Management System (AIMS) ISO 42001 AIMS ISO 42001 Artificial Intelligence Management System (AIMS)

AI Policy & Framework| ISO 42001 (AIMS) - O

by Poorva Dange

Every organization requires a structured AI risk management system to avoid harmful consequences caused by AI Policy.  AI systems should be evaluated for negative results which may arise unexpectedly because they perpetuate biases and violate privacy practices and generate decisions posing threats to human rights and safety. 

Principles for AI Policy and Framework

1. Transparency and Explainability: 

  • Explainability functions as a subsidiary principle to Transparency and applies mainly to AI systems integrated into decision systems. A total of 5 elements serve as essential components for achieving this principle which includes:
  • AI systems used during decision making will be explained to users.

  • The system operator needs to describe the precise function that AI serves in its operations. 

  • The training data descriptions include historical and social biases analysis (if present) together with quality verification data procedures.

  • The system needs documentation on avenues users can utilize to engage their business and IT teams when filing complaints regarding AI system outputs.

  • Users in the financial sector struggle to understand credit score reasoning when the AI system provides limited information about its decision logic. The systems' unexplained operations damage user trust and negatively affect the reputation of the company. 

2. Repeatability / Reproducibility

  • The repetition of results from AI systems does not completely align with model explanation but maintaining a consistent repeatability performance helps users trust the system. 
  • The organization must ensure the protection of safety and inclusive growth together with societal and environmental well-being.

  • All AI systems at organization should undergo design deployment and utilization methods that promote AI systems.

  • The organization works to reach maximum societal benefits and enhance human welfare. 

  • The organization must support human values consisting of at least these elements alongside additional ones: improving health and healthcare; improving living situations; improving working conditions.

  • A decision-making system that examines social media and e-commerce data for trustworthiness assessment conflicts with human rights and democratic values so any such systems must not be developed or deployed at the organization. The newly implemented EU AI Act and other global regulations prohibit the use of these types of AI systems.

3. Security, Privacy and Robustness

AI developers should gain individual consent for every case where personal data needs disclosure or utilization in the framework of AI system construction or deployment. Data protection and privacy will require continuous guarantees from the systems until the conclusion of the AI system's life cycle. All information obtained from users should stay protected from unlawful or discriminatory use against them. Eventually developers must include safety first principles alongside privacy first principles in their systems design implementations while referring to global privacy and information security guidelines.

4. Fairness 

AI researchers should design its development without creating any form of discrimination toward their target user base. Every AI solution must avoid standardized approaches because they must handle every imaginable element from user demographic variables (including age, gender, faith and racial background) in an equitable way. All stakeholders can participate equally in assessment processes through the implemented system.

AI Policy & Framework| ISO 42001 Artificial Intelligence Management System (AIMS)

5. Data Governance

Data governance stands as an essential principle which enhances the other principles from the viewpoints of data quality and data compliance. organization implements the Data Governance Framework as its path to achieve this principle.

6. Accountability and Human Agency & Oversight (Controllability)

  • The developers at organization and business owners of AI models as well as all AI actors ensure performance accountability for AI solutions in organization. The roles within the organization must uphold the correct operation of AI systems which remains compliant with AI principles outlined in this policy. The organization requires accountability since it creates tools to diminish AI system risks and create usable risk governance methods.

  • The achievement of the accountability principle in AI system design requires analyzing system purpose alongside technology capability and quality reliability and sensitive data to evaluate how AI systems affect users and society.

  • A system deployed without adequate validation along with human supervision can yield risk-filled decisions using untrustworthy bits of irrelevant information leading to dangerous consequences.

AI systems requiring safeguard mechanisms to maintain human control play a critical role when they assist with high-risk decisions such as military operations and autonomous vehicle management and credit scoring processes at banks and other scenarios involving human safety and democratic values and human rights. These controllability measures will include:

  • Systems following a Human-in-the-Loop (HITL) procedure need manual approval to conduct high risk AI operations.
  • High risk AI decisions will be monitored with Human-on-the-Loop procedures to enable human supervisors who can interrupt AI operations.

Understanding The Needs and Expectations of Interested Parties

1. The process requires organizations to comprehend requirements from all parties who have interest in specific tasks or programs.

2. The AI Ethics and Governance Committee defines effective operationalization for AI governance practices by assessing the needs and specifications of involved stakeholders.

3. The AI management system requires involvement of parties that pertain to its operational sphere.

4. The relevant requirements of these interested parties when customers present consistent complaints the AI Ethics and Governance Committee will assess these complaints to initiate prompt actions.

Risk Management

The organization will evaluate the risks and possibilities linked to the AI system during planning for the AI management system while developing strategies to address these matters.
 The AI management system warrants assurance from all stakeholders about reaching its planned outcomes.

  • Prevent or reduce undesired effects

  • Achieve continual improvement.
    Organization will create and sustain AI risk criteria which help us:
  • Distinguishing acceptable from non-acceptable risks

  • Performing AI risk assessments

  • Conducting AI risk treatment
     The AI risk treatment will get assessed for its effectiveness.
  • Assessing AI risk impacts.

    The organization will establish risks and opportunities through these considerations:
  • The domain and application context of an AI system. 

Conclusion

Responsible AI governance depends on a complete AI Policy & Framework as its fundamental element. Digital organizations can deliver AI systems which match organizational values and regulatory standards through clear objective definition and ethical standards implementation and operational guidelines development. The framework enables organizations to build responsible AI use cultures in addition to the requirements articulated by ISO 42001.

More from: AI Policy & Framework AI Policy & Framework| ISO 42001 Artificial Intelligence Management System (AIMS) Artificial Intelligence Management System (AIMS) ISO 42001 AIMS ISO 42001 Artificial Intelligence Management System (AIMS)
Back to ISO 42001 Artificial Intelligence Management System (AIMS)