On December 18, 2023, the International Organization for Standardization (#ISO) adopted ISO 42001-2023, which sets a voluntary #standard for organizations to implement an #artificial #intelligence (#AI) management system. ISO 42001 may become an enforceable standard for AI #governance. Organizations deploying high-risk systems must demonstrate compliance with the EU AI Act. EU policymakers have indicated that compliance with ISO 42001 may be incorporated into the conformity assessment requirements. #NIST could align some of its future AI-standards setting work with ISO 42001. Given that US regulators are likely to rely on NIST’s AI standards for establishing AI regulatory regimes, this has the potential to translate aspects of ISO 42001 into enforceable obligations in the US. More details, here: https://lnkd.in/dVpU_4Sh
Yes, regulatory compliance can be daunting; as someone deeply involved in health and finance sectors, I wonder how this standard could influence the balance between innovation and regulation. Despite Daniel's valid cautionary tale on the real-life impact of such standards, do you think there's potential for ISO 42001 to enhance responsible AI deployment, or might it follow the same path?
Data Protection & Governance dude | Founding member of Data Protection City | unCommon Sense "creative" | Proud dad of 2 daughters
8moUnpopular opinion: Tudor, please let me disagree with the stated intentions of this standard. As with almost any ISo standard, in the last decades, it is just another bullshit document, with ZERO influence in real life. In my defense, I would quote ISO9001 (for which I'm a qualified auditor) and see the huge difference between its requirements and the real status of those holding that certification. BTW, short time after GDPR, an ISO standard was released for that. I would challenge you to tell me its number without searching it on Google (or ChatGPT) 😁