This article summarizes information from a webinar on the integration of AI management, information security and privacy on February 25, 2025. The webinar focused on AI systems and AI management systems (AIMS) according to ISO/IEC 42001, objectives and measures in relation to AI systems, the relationships between ISO/IEC 42001, ISO/IEC 27001 and ISO/IEC 27701, and specific security threats and failures in AI systems.
AI systems and AI management systems (AIMS) according to ISO/IEC 42001
An artificial intelligence (AI) system is an engineering system that generates outputs such as content, predictions, recommendations, or decisions for a given set of human-defined goals. It can use various AI-related techniques and approaches to develop a model for representing data, knowledge, and processes.
An AI management system (AIMS) is a set of interrelated or interacting elements of an organisation designed to establish policies and objectives and processes to achieve those objectives in relation to the responsible development, delivery or use of AI systems.
ISO/IEC 42001 specifies the requirements for the establishment, implementation, operation and continuous improvement of AIMS. It is intended for organisations that develop, provide or use products or services based on AI systems.
Objectives and measures in relation to AI systems
Organizations have various AI-related goals such as accountability, AI expertise, data availability and quality, environmental impact, fairness, sustainability, privacy, robustness, security, transparency, and explainability.
Sources of risk in AI include environmental complexity, sources of risk related to machine learning, system lifecycle issues, level of automation, system hardware issues, lack of transparency and explainability.
ISO/IEC 42001 contains 38 reference measures to help organisations achieve their goals and mitigate AI risks.
Relationships between ISO/IEC 42001, ISO/IEC 27001 and ISO/IEC 27701
ISO/IEC 42001 focuses on AI management, but also emphasizes the importance of integration with general or industry management system standards such as ISO/IEC 27001 for information security and ISO/IEC 27701 for privacy.
The integration of AIMS with ISMS according to ISO/IEC 27001 allows organizations to systematically address the framework of classical information and system security issues, but also new, AI-specific security issues. The integration of AIMS with PIMS according to ISO/IEC 27701 enables organizations to effectively address privacy obligations.
Specific security threats and failures in AI systems
ISO/IEC DIS 27090 provides guidelines for dealing with security threats and failures specific to AI systems. It aims to provide organisations with information about threats, descriptions of ways to detect and mitigate them.
Threats to AI systems include data poisoning attack, evasive attack, member disclosure, model exfiltration, model inversion, direct model poisoning, direct model theft, direct data leakage, model input leakage, sensitive model output, injection on input, and output containing injection attacks.
Conclusion
AI systems are increasingly being used in a variety of industries, and organisations need to address the associated risks and challenges. ISO/IEC 42001 and other relevant standards provide a framework for organisations to effectively manage AI, comply with the EU AI Act and achieve AI objectives.