Topic-specific policies
ISO/IEC 27091


Search this site
 

ISMS templates

< Previous standard      ^ Up a level ^      Next standard >

 

New project Jan ISO/IEC 27091 — Cybersecurity and Privacy — Artificial intelligence Privacy protection [DRAFT]

 

Abstract

TBA
 
 

Introduction

TBA

 

Scope of the standard

“[ISO/IEC 27091 will] provide guidance for organizations to address privacy risks in artificial intelligence (AI) systems and machine learning (ML) models. The guidance[will] help organizations identify privacy risks throughout the AI system lifecycle, and establish mechanisms to evaluate the consequences of and treat such risks.”
[Source: SC 27 project proposal]

 

Content of the standard

TBA

 

Status

The project started in 2023.

It is at PWI stage.

 

Personal notes

The new project proposal indicates that the standard will identify [generic] privacy risks applicable to AI/ML, and describe the corresponding privacy controls - in other words, the standard will promote a risk-led approach, which sounds good to me. I hope it also notes the possibility of accepting, sharing or avoiding the privacy risks, aside from mitigating them with privacy controls.

 

< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2023 IsecT Ltd.