Risk ManagementInternational
ISO/IEC 23894:2023
Information technology - Artificial intelligence - Guidance on risk management. Provides guidance on how organizations that develop, produce, deploy, or use products, systems and services that utilize AI can manage risk specifically related to AI.
Domains
Framework (Clause 5)
Process (Clause 6)
Scope, Terms and References (Clauses 1-3)
Principles (Clause 4)
AI-Specific Risk Sources (Annex A)
Compare ISO/IEC 23894:2023
ISO/IEC 23894:2023 by Industry
ISO/IEC 23894:2023 by Role
Frequently Asked Questions
What is ISO/IEC 23894:2023?
Information technology - Artificial intelligence - Guidance on risk management. Provides guidance on how organizations that develop, produce, deploy, or use products, systems and services that utilize AI can manage risk specifically related to AI.
How many controls does ISO/IEC 23894:2023 have?
ISO/IEC 23894:2023 contains 33 controls organized across 5 domains.
Where does ISO/IEC 23894:2023 apply?
ISO/IEC 23894:2023 is applicable in International. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does ISO/IEC 23894:2023 map to?
ISO/IEC 23894:2023 has control-to-control mappings with 546 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with ISO/IEC 23894:2023 compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for ISO/IEC 23894:2023?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.