“It’s AI compliance… but we can still make it fun.” ‍

- Rob Carson, CEO @ Semper Sec

‍

In the rapidly evolving landscape of Artificial Intelligence and its adoption, regulations are emerging to ensure responsible and ethical deployment. ISO/IEC 42001, the world's first AI management system standard, is a new landmark in AI governance. 

‍

What is ISO/IEC 42001? 

Overview

ISO/IEC 42001 is an international standard for certifying, establishing, implementing, and continually improving Artificial Intelligence Management Systems (AIMS). 

Purpose and Significance

ISO/IECO 42001 is the first AI management standard of its kind, designed to establish responsible use of AI. The standard guides the rapidly changing field of AI technology.

Key Features

1. Addresses Unique AI challenges: ethical considerations, transparency, and continuous learning.
2. Sets out a structured way to manage AI risks and opportunities.
3. Balances innovation with governance.

Who does it apply to, and how? 

“Some controls will be more applicable than others, but essentially, if you are selling a software product that is using AI or providing an AI product or service, it is likely going to apply to you.” 

‍- Rob Carson, CEO @ Semper Sec 

Primary Audience

AI Platform Providers: Offer platforms for AI development and deployment.

AI Product or Service Providers: Supply AI-based products and services to end-users.

AI Consumers: Companies that use AI internally for various applications

AI Producers:

• AI Developers: Create AI algorithms and applications.
• AI Designers: Design AI systems and user interfaces.
• AI Operators: Manage the operation of AI systems.
• AI Testers and Evaluators: Ensure the functionality and performance of AI systems.
• AI Deployers: Implement AI systems in real-world environments.
• AI Human Factor Professionals: Focus on user interaction with AI.
• Domain Experts: Provide expertise in specific fields to enhance AI applications.
• AI Impact Assessors: Evaluate the impact of AI systems on society and business.
• Procurers: Source and acquire AI technologies and services.
• AI Governance and Oversight Professionals: Ensure compliance with AI policies and regulations.

Secondary Audience

AI Partners:

• AI System Integrators: Integrate AI systems with existing technologies.
• Data Providers: Supply data necessary for AI training and functioning.

AI Subjects:

• Data Subjects: Individuals whose data is used by AI systems.
• Other Subjects: Other entities affected by AI systems.

Relevant Authorities:

• Policymakers: Develop regulations and policies for AI.
• Regulators: Ensure adherence to AI standards and regulations.

‍

AI in Security Questionnaires

“A lot of the questions revolve around how AI models interact with customer data. How does my data get into the model, what is your agreement with the model provider, and really, are you treating the data you use to train a model differently than how you treat any other customer data?” 

- Cody Wright, HyperComply CTO

‍

AI Trends in Questionnaires

1. Customers are concerned about the rapid proliferation of Gen AI systems without commensurate security measures.

• What happens to my data once it’s in the system, and who else can see it? 
• How/why is the vendor treating inputs and outputs of models differently than normal customer data?
• Questions relating to the “OWASP Top 10 for Large Language Models” - is the vendor taking the appropriate measures to secure their LLMs, especially where models are exposed to the public? There are so many pitfalls when working with this data, especially when you start getting into action-based models where the LLM is initiating actions that will get executed autonomously.

‍

“OWASP Top 10 for Large Language Models” is a guide to the top 10 things you should think about when building these systems. Any developer that is touching anything to do with AI should read this. We get a ton of questions relating to it.”

- Cody Wright, HyperComply CTO

2. Customers are asking precursor questions to the ISO 42001 style assessments.

• Are employees trained properly on how to use these systems / how to interpret their outputs?
• What policies are in place covering AI-related systems, both in the product and for employees?

‍

“Making sure that there aren’t any shortcuts being taken to expedite AI deployment is important” 

- Cody Wright, HyperComply CTO

‍

Best Practices for Answering Questions Regarding AI

Preparation

Whether you are trying to get certified or are just trying to answer the questions, start with creating your internal AI manual. First, identify who are the stakeholders, internal and external, that can be impacted by the use of AI. Once you identify this, your internal manual should outline your AI governance policy, raci matrix, impact assessment, and system design document. If you put these processes and rules in place early, it is easier to be compliant.

‍

“ISO/IEC 42001 does not stack. ISO 27001 is info security that has a bit of privacy, 27701 can stack on top of that and be part of that scope, whereas ISO/IEC 42001 is a separate cert. So if you’re a SOC2 company you can, and should, go do this independently of an ISO 27001 cert. If you have ISO 27001 you won’t be able to integrate everything into what you already have, but you will feel comfortable going into 42001 because they have mirror documents and similar processes for certification.”

- Rob Carson, CEO @ Semper Sec 

‍

Responses

1. Operate on a need-to-know basis. For example, do you disclose your whole system design document? Before you answer that, remember - you don’t get to ask these customers how they are protecting your answers to these questions.
2. Think through what you already do and how it applies. If it is an AI question related to DR, you can think about how you already answer questions related to DR. 

‍

“Once you go through with one of these ISO/IEC 42001 audits, you will have much better answers for any AI-related questions”

- Cody Wright, HyperComply CTO

‍

FAQ

What does this audit timeline look like? Is it shorter than ISO 27001, etc? 

Short answer - it depends. If you are, for example, already ISO 27001 certified, it can be quick - around a week, but it depends on how you’re using AI. If you are developing AI and creating an AI platform, your audit will be way longer and far more detailed than someone who is using an external algorithm as part of your services. 

‍

If you want to get ahead, there are companies out there that do pre-certifications. The AI audit guidance hasn’t been published, so you can get a preemptive certification so you are ready for when it comes out officially. 

Benefits of getting this certification?

1. Without a certification, it is harder to enforce good behavior internally.
2. In the next 6 months, we will start to see mandates for this by buyers, affecting deals closing. 
3. You can answer security questionnaires faster and more consistently.

What is a certified assessors?

There are many, but aside from just considering who you want to perform your ISO/IEC 42001 audit, consider the types of firms that do other kinds of certifications as well. Future-proof yourself so you don’t have to do extra work. 

Main challenges when implementing ISO/IEC 42001?

If you haven’t already been doing these things, you will have a lot of cleanup to do (training, etc.) People have gotten quite good at getting these certs early in a company’s life, but since AI is so new, almost nobody has done this right from the start. Lots of companies will be re-moulding the org under these new rules. 

Secondly, this is an ever-changing and evolving landscape. So keeping up with changes and educating your team accordingly. 

Are there ethical frameworks that were used when creating ISO/IEC 42001 standard?

Unknown what specific frameworks were used, but ethics was taken heavily into consideration. Generation and interpretation are the areas when it comes to AI, as soon as you’re making decisions based on these models that can affect human beings, is when ethics comes into play. 

What are the top things to consider when responding to AI-related security questionnaires?

The customer is concerned about the ownership of their data. Are you training on their data? If so, what happens if they terminate the contract?

They want to make sure that their private data can’t leak into other accounts. Gen AI/LLM workflows are new and developers are less familiar with how to secure the systems. It's easy to create a lot of problems.

How are permissions for actions a model may take handled? Passed on to existing services for execution via Service Account?

Action models need to be carefully constrained as they open up a large amount of surface area. If for instance, you were thinking about opening up your AWS account to a user-controlled AI Agent (I wouldn’t!), you would need to make sure the role for that account is very tightly controlled. In general, best practice is to minimize the number of actions available and make sure that there are guard rails around the actions to ensure the account boundaries are maintained.

Is there a danger for staff to upload company data to ie. Chat GPT?

Generally, companies/employees should not be uploading private data to public LLMs. Any system that’s used needs to be well understood in terms of data ownership. Decision-making based on LLMs is a nasty subject and prone to significant error and bias.

When will AI RM will be required?

We are probably a year out from seeing this certification become mandatory, but you’re going to need to attest to it in some shape or form very soon. Within the next 6 months, you will start to see questions relating to it come up in things like security addendums in contracts.

How much does it cost to implement ISO/IEC 42001?

Company dependent - reach out to Semper Sec for a quote! 

More Questions about ISO 42001 and how it will apply to your organization?

Reach out to Semper Sec for a free strategy session. 

Want to spend less time on security questionnaires? Book a demo with HyperComply to learn how we help companies automate the process.

View the full webinar here.