ISO/IEC TR 27563
ISO/IEC TR 27563:2023 — Security and privacy in artificial intelligence use cases — Best practices
(first edition)
Abstract
ISO/IEC TR 27563 "outlines best practices on assessing security and privacy in artificial intelligence use cases, covering in particular those published in ISO/IEC TR 24030.
The following aspects are addressed:
an overall assessment of security and privacy on the AI system of interest;
security and privacy concerns;
security and privacy risks;
security and privacy controls;
security and privacy assurance; and
security and privacy plans.
Security and privacy are treated separately as the analysis of security and the analysis of privacy can differ.”
[Source: ISO/IEC TR 27563:2023]
Introduction
This Technical Report analyses and elaborates on the information security and privacy aspects of the 132 use cases for Artificial Intelligence/Machine Learning systems published in ISO/IEC TR 24030:2021 “Information technology - Artificial Intelligence (AI) - use cases”, and provides four additional use cases developed specifically for this TR.
Scope
The standard offers information security and privacy best practice guidance following analysis of ISO/IEC 24030’s use cases.
Structure
Main sections:
5: Analysis of security and privacy
6: Templates for analysis
7: Supporting information
Annex A: Additional use cases
The information security and privacy implications for related groups of AI/ML use cases have been systematically analysed. The results are summarised in bar charts, followed by tables elaborating on the analyses in a standard format.
Status
The current first edition was published in 2023.
Commentary
Cue tumbleweed ...