Understanding ISO 22989’s Role in Artificial Intelligence Governance

There is a lot of talk about the latest development in AI governance, ISO 42001.  However there is another relevant standard playing a crucial role in shaping the landscape of AI development and implementation: ISO 22989

In this blog, we’ll delve into what ISO 22989 is, its importance, and how it can be effectively utilised.

What is ISO 22989?

ISO 22989, titled “Artificial Intelligence Concepts and Terminology,” is a standard developed by the International Organisation for Standardisation (ISO). It aims to provide a common framework for understanding and communicating key concepts and terminology related to AI. By establishing a unified language, ISO 22989 facilitates clearer communication and collaboration among AI professionals, stakeholders, and organisations across the globe.

Key Components of ISO 22989

Standardised Terminology: One of the primary objectives of ISO 22989 is to create a standardised vocabulary for AI. This includes definitions for various AI-related terms such as machine learning, neural networks, deep learning, and more. Having a common set of terms helps eliminate confusion and ensures that everyone involved in AI projects is on the same page.

Conceptual Framework: ISO 22989 outlines a conceptual framework for AI, which includes the main components, processes, and relationships within AI systems. This framework provides a structured way to understand how different aspects of AI interact and how they can be effectively managed.

Ethical and Societal Considerations: The standard also emphasises the importance of ethical considerations in AI development and deployment. It highlights the need for transparency, accountability, and fairness in AI systems to ensure they are used responsibly and do not cause harm to individuals or society.

AI Life Cycle Model: The standard also provides an AI Life cycle model which can be used to comply with legislation and other standards such as ISO 42001.

ISO 22989 Relationship to ISO 42001

ISO 22989 is referenced many times within the ISO 42001 standard, most obviously in clause 3, Terms and Definitions, where anything other than the 26 terms explicitly defined should be referenced in the ISO 22989 standard. 

There is a further nod under the term “Interested Party” where it’s cited “An overview of interested parties in AI is provided in ISO/IEC 22989:2022, 5.19.”

A further reference is made in clause 4.1, where there is a requirement to determine the organisation’s role relevant to the AI system in scope.  A detailed description of roles is provided in ISO 22989.

Additional references can be found in the Annexes of ISO 42001, including “various system resource considerations” and the life cycle stages which are both described in ISO 22989.

Conclusion

While organisations do not need to have access to ISO 22989 in order to govern their AI system, or successfully achieve ISO 42001, there are many benefits to having reference text available. 

However, using an ISO Consultant such as Assent Risk Management gives you access to a much wider range of knowledge and experience which draws on many different international standards across multiple domains.  

Our consultants can help you implement this, and other standards, choose the right training for your staff, utilise software tools and select a certification body for your AI Management System. Contact us to get started!.

Robert Clements
Robert Clements
Articles: 300