Topic-specific policies
ISO/IEC 27091


Search this site
 

ISMS templates

< Previous standard      ^ Up a level ^      Next standard >

 

New project Jan ISO/IEC AWI 27091 — Cybersecurity and Privacy — Artificial intelligence — Privacy protection [DRAFT]

 

Abstract

TBA
 

Introduction

TBA

 

Scope of the standard

“[ISO/IEC 27091 will] provide guidance for organizations to address privacy risks in artificial intelligence (AI) systems and machine learning (ML) models. The guidance[will] help organizations identify privacy risks throughout the AI system lifecycle, and establish mechanisms to evaluate the consequences of and treat such risks.”
[Source: SC 27 project proposal]

 

Content of the standard

TBA

 

Status

The project started in 2023.

It is at Preliminary Work Item stage.

 

Personal notes

The project proposal indicates that the standard will identify [generic] privacy risks applicable to AI/ML, and describe the corresponding privacy controls - in other words, the standard will promote a risk-led approach, which sounds good to me.

In line with ISO/IEC 27005, I hope it also mentions the possibility of accepting, sharing or avoiding the privacy risks, aside from mitigating them with privacy controls.

 

< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2023 IsecT Ltd.