ISO/IEC 38507 Overview
ISO/IEC 38507 is an international standard that provides guidance on the governance of IT for organizations using AI. It evaluates the governance framework including key elements for decision-making, data use, cultural values, compliance and risk.
Key Provisions
Key provisions and requirements of ISO/IEC 38507.
Clause 4
Governance implications of organizational use of AI
Defines how to maintain and extend existing governance and accountability when introducing AI.
Key Requirements
- Establishing frameworks for maintaining governance during AI adoption
- Setting up procedures to ensure organizational accountability
- Creating governance policies and strategic plans
Clause 5
Overview of AI and AI systems
Understanding AI technology characteristics and identifying organizational impacts and constraints.
Key Requirements
- Analyzing differences between existing IT systems and AI
- Defining responsibility boundaries within the AI ecosystem
- Identifying benefits and organizational constraints of AI use
Clause 6
Policies to address use of AI
Establishing specific management policies for decision-making, data and risk management.
Key Requirements
- Developing governance policies for AI oversight and decision-making
- Building management systems for data use and security
- Establishing policies for cultural/value compliance and legal risk management