As artificial intelligence continues to become increasingly integrated into regular business operations, the need for its responsible development and use also continues to grow. From bias and fairness to data privacy and security concerns, the risks associated with AI are driving governments around the world to introduce new and evolving legislation aimed at ensuring its ethical and safe deployment.

As AI continues to transform industries worldwide and organizations continue to innovate their use of AI in regular practice, they are also faced with growing pressure to demonstrate that their AI systems are secure, trustworthy, and responsible. With regulatory scrutiny and public concern over widespread use of AI on the rise, aligning with established frameworks and standards has become essential for maintaining credibility and mitigating risk.

As the adoption of artificial intelligence (AI) continues to grow and evolve across industries, so do concerns about security, trust, and responsible use and management. In response, as a joint effort between the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the ISO/IEC 42001:2023 framework was officially published in December 2023.

Since its publication in December 2023, business leaders are still wrapping their heads around the ISO 42001 standard. The framework is designed to help any organization who provides, develops, or uses artificial intelligence (AI) products and services to do so in a trustworthy and responsible manner, guided by the requirements and safeguards that the standard defines—including clearly defining your AI role.

When seeking ISO 42001:2023 certification, you need to ensure that your artificial intelligence management system (AIMS) aligns with the standard’s framework clauses (4-10), each of which focuses on a specific facet—context, leadership, planning, support, operation, performance evaluation, and improvement.

ISO/IEC 42001:2023 has rapidly become the global standard for Artificial Intelligence (AI) governance. While it is a close cousin of ISO/IEC 27001:2022, ISO 42001—rather than focusing primarily on cyber and information security—takes a more holistic approach to risk management for AI systems.

Within a few months of their latest update to their Data Protection Requirements (DPR) to address a coding incident (version 9.1), Microsoft released a draft or “pre-read” for their version 10 requirements that will be utilized for its Supplier Security and Privacy Assurance (SSPA) process as of the 2025 fiscal year. Arguably the largest update to the DPR since September 2018, v10’s new mandates address artificial intelligence (AI) and include important references to ISO 42001 that suppliers may want to take advantage of during their next compliance cycle.

Stepping foot into Davos for the very first time was akin to entering a realm of unparalleled wonder. While getting the invitation itself had been surreal, actually walking in as a delegate of the Cyber Future Foundation felt like a dream materializing into reality.