The book guides the reader through the auditing and compliance process of the newly released ISO Artificial Intelligence standard. It provides tools and best practices on how to put together an AI management system that is certifiable and sheds light on ethical and legal challenges business leaders struggle with to make their AI system comply with existing laws and regulations, and the ethical framework of the organization.
The book is unique because it provides implementation guidance on the new certification and conformity assessment process required by the new ISO Standard on Artificial Intelligence (ISO 42001:2023 Artificial Intelligence Management System) published by ISO in August 2023. This is the first book that addresses this issue.
As a member of the US/ISO team who participated in the drafting of this standard during the last 3 years, the author has direct knowledge and insights that are critical to the implementation of the standard. He explains the context of how to interpret ISO clauses, gives examples and guidelines, and provides best practices that help compliance managers and senior leadership understand how to put together the AI compliance system to certify their AI system. The reader will find in the book a complete guide to the certification process of AI systems and the conformity assessment required by the standard. It also provides guidance on how to read the new EU AI Act and some of the U.S. legislations, such as NYC Local Law 144, enacted in July 2023.
This is the first book that helps the reader create an internal auditing program that enhances the company’s AI compliance framework. Generative AI has taken the world by storm, and currently, there is no international standard that provides guidance on how to put together a management system that helps business leaders address issues of AI governance, AI structure, AI risk, AI audit, and AI impact analysis. ISO/IEC 42001:2023 is the first international mandatory and certifiable standard that provides a comprehensive and well-integrated framework for the issue of AI governance. This book provides a step-by-step process on how to implement the standard so the AI system can pass the ISO accreditation process.
Author(s): Sid Ahmed Benraouane
Edition: 1
Publisher: Productivity Press
Year: 2024
Language: English
Pages: 190
Cover
Half Title
Title Page
Copyright Page
Table of Contents
Foreword
Preface
Generative AI: The Promise, Risks, Challenges, and Opportunities
Understanding Generative AI
The Promise and Perils of Generative AI
Responsible Development and Deployment
The Generative AI Era
Conclusion
About the Author and the Contributors
Introduction and Book Organization
Part 1: Artificial Intelligence and Generative AI: Forces behind the Digital Transformation
Chapter 1: Artificial Intelligence: A Transformational Technology
Introduction
Definition of AI
Different Types of AI
Artificial Narrow Intelligence (ANI)
Artificial General Intelligence (AGI)
Artificial Super Intelligence (ASI)
Chapter 2: Generative AI: A “Spark from AGI”
Introduction
What Is Generative AI
Generative AI Added Value and Economic Sectors Impacted
Generative AI Harm, Risk, and Cost
Emerging (and Unknown) Abilities
Harmful Content
Privacy and Data Protection
Cybersecurity Threat
Hallucinations
Chapter 3: Economic Impact of Artificial Intelligence
Introduction
Economic Sectors That Will Be Impacted by AI
The Manufacturing Sector
The Finance Sector
The Transportation Industry
National Security and Law Enforcement Sector
The Healthcare Sector
The Cybersecurity Sector
Strategy Implications: The Current State of AI Adoption
AI in Automation: RPA
AI in Prediction: Gaining Cognitive Insight
AI and Cognitive Engagement: Enhancing Customer Relationship Management
AI and Robotics
Industrial Robotics and AI
Medical Robots
Military Robots and AI
Impact of Automation on Society: How Will Society React to AI and Automation?
Scenario One: Society Will Accept AI
Scenario Two: Society Will Reject AI
Scenario Three: Society Will Accept Automation
The Jobs AI Will Create
Trainer
Explainer
Sustainer
Countries’ AI National Strategy
Chapter 4: Digital Transformation: How to Prepare Your Organization for Change
Introduction
Digital Transformation Framework
Leadership Commitment: Building Digital Leadership
Reskilling and Upskilling
Teach Critical Thinking Skills
Teach Innovation
Build a Customer-Centricity Capability
Build an Enterprise Agility
Self-Directed Team to Manage Collaboration
Agile Process: Review Your Decision-Making Process
Part 2: Artificial Intelligence Management System: How to Put in Place an AI Governance System
Introduction
Chapter 5: Clause 4: Context of the Organization
Introduction: Why Context Analysis Is Crucial to AI Management System?
What to Include in the Context Analysis
Competitive Landscape and Stakeholders’ Analysis
Legal Context Analysis: Laws and Regulations
The General Data Protection Regulation
The EU AI Act
Unacceptable Risk
High Risk
Limited Risk
Low Risk
The US AI Regulatory Landscape
The Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence
Ethical AI: Responsible and Trustworthy AI
Do No Harm Principle
The Principle of Fairness and Non-Discrimination
Human Oversight and Respect of Human Autonomy Principle
The Principle of Explainability
The Principle of Robustness
ISO Certification Process: How to Conduct an Analysis of the Context
Step 1: Mobilize the Team and Clarify the Mission
Step 2: Set the Roadmap
Step 3: Conduct Discovery Sessions
Step 4: Start with the External Environment
Step 5: Conduct an Internal Analysis
Chapter 6: Clause 5: Leadership
Introduction
Set the Vision
Set the Vision, Define the Priorities, and the Strategic Direction
Lead with Responsible AI Principles (RAI)
Set the Tone and Use Proactive Communication
AI Policy: Characteristics and Components
What Should Be in the AI Policy?
A Statement on the Scope of the Policy, Its Purpose, and What the Policy Intends to Achieve
Guidelines on the Use of AI in the Organization
Show How AI Management System Integrates with Other Management Systems
Define the Roles and Responsibilities
Data and Privacy
AI Compliance
AI Talent Management
Monitoring and Improvement
Review and Alignments
How Do You Create an AI Policy?
Form the Team
Engage with Stakeholders
Conduct Discovery Sessions and Workshop Meetings with Different Stakeholders
Review the Laws, Regulations, and Ethical Framework
AI Strategy
Step 1: Develop AI Use Case
Enhancing Customer Satisfaction
Agile and Data-Driven Decision-Making Process
Creating Efficiencies
Improving Productivity
Step 2: Assess the Competitive Landscape
Step 3: Reorganize Internally
Build and Update the Current Technology Infrastructure to Empower the AI Management System
Design a Data Strategy
Talent Strategy
AI Oversight: The Role of Board of Directors
Chapter 7: Clause 6: Planning
Introduction
AI Risk Management, Risk Treatment, and Impact Assessment
The Concept of Risk
The Concept of Risk Assessment (Clause 6.1.2)
The Concept of Risk Treatment (Clause 6.1.3)
The Concept of Impact Assessment (Clause 6.1.4)
A Typology of Risks
Performance Risk
Security Risk
Enterprise Risk
Reputational Risk
Legal and Regulatory Risk
AI Scalability Risk
The Black Box Risk
AI Risk Management Planning: Principles, Framework, and Process
AI Risk Framework: A Requirement to Certification
AI Risk Management Foundations
AI Risk Should Be Integrated into the Enterprise Risk Management System
Embrace a Wholistic Perspective
Customize Your Approach
Be Inclusive of Your Stakeholders’ View
Adopt an Agile Mindset
Spell Out Your Assumptions
Pay Attention to the Cognitive Bias
Learn and Improve
The Planning of Data Management Risk: An Imperative to AI Management System
ISO Standard Data Quality Requirements
Data Collection Phase
Data Preparation Phase
Problem Framing Phase
The Planning of Change: AI Management System Change Strategy
Create a Sense of Urgency
Build the Guiding Team
Get the Right Vision
Communicate for Buy-In
Empower Teams
Perseverance
Chapter 8: Clause 7: Support
Introduction
Tangible Resources: The AI Infrastructure
Computing Performance
Storage Capacity
Networking Infrastructure
Security
Intangible Resources: AI Competence Model
What Is a Competence Model?
AI-Focused Competence Model
Competence Domain 1: Digital Planning and Design
Model Competence Domain 2: Data Use and Governance
Model Competence Domain 3: Digital Management and Execution
Model Competence’s Attitudes
Creativity
Adaptability
Experimentation
Curiosity
Trust
Awareness (Section 7.3)
All Employees Need to Be Aware of the AI Policy
Governance and Leadership
AI Scope and Objectives
Use of Responsible AI
AI Risks
Data Usage
How Employees Contribute to a Better Improved AI Management System
Communication between Different AI Teams
The Use of Data
The Need to Reskills and Upskill
Noncompliance Issues of the AI Management System
Communication (Clause 7.4)
Encourage Face-to-Face Communication
The Medium Is the Message
Create Policy Champions
Documented Information
Documented Information Required: What Needs to Be Documented
Chapter 9: Clause 8: Operation
Introduction
AI Project Life Cycle
Design Phase: Process Grouping 1
Identify the Problem
Select the Idea
Understand the Context of the Organization
Conduct a Literature Review
Frame the Question
ISO/IEC 42001 Requirements for Process Grouping 1 (Design)
Responsible AI
Trustworthy AI
Design Phase: Process Grouping 2
Data Collection
Data Wrangling
ISO/IEC 42001 Requirements for Process Grouping 2 (Design)
Data Quality
Data Resources
Development Phase: Process Grouping 3
Build the Model
Evaluate the Model
ISO/IEC 42001 Requirements for Process Grouping 3
Deployment Phase: Process Grouping 4
Monitor Model Behavior
Monitor KPIs
ISO/IEC 42001 Requirements for Process Grouping 4
Chapter 10: Clause 9: Performance Evaluation
Introduction
AI Management System Evaluation and Assessment Requirements
AI Management System Assessment and Audit
The Scope of the Performance Evaluation
Assessment Criteria, Metrics, KPIs
Large Language Models Audit
Set Up an Internal Audit Program
Management Review
Chapter 11: Clause 10: Improvement
Introduction
Corrective Actions and Preventive Actions Framework
Corrective Actions
Preventive Actions
Continual Improvement: The PDCA Approach
Conclusion
Appendix: 50 Most Important Terms in AI and ISO Standards
Bibliography
Index
