Blog

Since the release of ISO 42001 in late December 2023, it’s been a year of discovery and education regarding this new flagship artificial intelligence (AI) standard in terms of determining its applicability, use case(s), and benefits to organizations. For those who have since determined ISO 42001 is the right framework for them, the next step has been to prepare for certification, and that involves more than a few steps.

For anyone immersed in digital technology, you know that artificial intelligence (AI) is all the rage right now, and for good reason, the use cases for this technology are growing all the time. But as AI continues to enmesh with daily life as well as business, security concerns have grown in parallel, as have questions regarding the implications on organizations and their ongoing compliance efforts. At the top of mind for many has been how AI factors into SOC 2 examinations.

Since being published in December 2023, a lot of people are still wrapping their heads around the ISO 42001 standard. While designed to help all organizations who provide, develop, or use artificial intelligence (AI) products and services do so in a trustworthy and responsible manner with the requirements and safeguards that the standard defines—including defining your AI role.

While the rapid pace at which artificial intelligence (AI) technology has been both developing and impacting several areas of our daily lives continues, so do the concerns about the tech’s safety, privacy, and bias. As there’s no stopping the ongoing integration of AI, organizations are now wondering what they can do to ease those concerns, and the answer is simple—start with protecting your data.

Trying to keep up with the rapidly emerging and evolving governance of AI? Struggling to figure out how to address customer misgivings about your AI systems?

NOTE: This blog was originally published on 3/24/2024 and has been updated as of 8/1/2024 now that the EU AI Act has been published in the Official Journal of the European Union and “enter[s] into force” 20 days thereafter, or on August 1, 2024.

Now that ISO 42001 has been published, organizations are looking more closely at possible adherence to this new standard for artificial intelligence (AI). But those familiar with established ISO standards will know that this new framework for regulating AI will be similarly rigorous and any opportunity to streamline certification—like a gap assessment—will be enormously advantageous.

Having now grown into one of the world’s leading international security standards, ISO 27001 lays out the required criteria for taking a holistic approach to information security through the implementation and ongoing maintenance of an information security management system (ISMS).