< Previous standard ^ Up a level ^ Next standard >
ISO/IEC AWI 27091 — Cybersecurity and Privacy — Artificial intelligence — Privacy protection [DRAFT]
Abstract
TBA
Introduction
TBA
Scope of the standard
“[ISO/IEC 27091 will] provide guidance for organizations to address privacy risks in artificial intelligence (AI) systems and machine learning (ML) models. The guidance[will] help organizations identify privacy risks throughout the AI system lifecycle, and establish mechanisms to evaluate the consequences of and treat such risks.” [Source: SC 27 project proposal]
Content of the standard
TBA
Status
The project started in 2023.
It is at Preliminary Work Item stage.
Personal notes
The project proposal indicates that the standard will identify [generic] privacy risks applicable to AI/ML, and describe the corresponding privacy controls - in other words, the standard will promote a risk-led approach, which sounds good to me.
In line with ISO/IEC 27005, I hope it also mentions the possibility of accepting, sharing or avoiding the privacy risks, aside from mitigating them with privacy controls.
< Previous standard ^ Up a level ^ Next standard >
|