[HN Gopher] I implemented an ISO 42001-certified AI Governance p...
___________________________________________________________________
I implemented an ISO 42001-certified AI Governance program in 6
months
Author : azhenley
Score : 25 points
Date : 2025-11-15 17:04 UTC (5 hours ago)
(HTM) web link (beabytes.com)
(TXT) w3m dump (beabytes.com)
| aleks5678 wrote:
| Who audits compliance?
| simonjgreen wrote:
| An internal audit is how you go from gap assessment to ready
| for external audit.
|
| External auditors should be selected by looking for ones who
| themselves are audited by your regional government auditing
| body. Eg if you wanted to be audited and certified for
| ISO27001, and you happened to be in UK, you may choose BSI as
| your external auditor, who themselves are audited by UKAS.
|
| It's a web of trust model.
|
| The purpose of these certificates are to shortcut compliance
| checks by your customers (or in some cases suppliers).
| aanet wrote:
| Thanks a ton for posting this ! I have been looking for just such
| material on implementing AI Governance (at a non profit, if that
| matters). The whole literature and research listed there is super
| helpful to me.
|
| Thanks Beatrice
| Alex2037 wrote:
| >Or can we follow the decades of experiences built when
| developing new technologies like planes, trains, and automobiles?
| Indeed, we can.
|
| do we regulate any software the way we regulate planes?
|
| operating systems? compilers? web browsers?
| text/image/video/audio/3D editors? video games?
| markerz wrote:
| Health care software with HIPPA compliance? Or SOC2? It's not
| the same but it's a high degree of regulation.
| reed1234 wrote:
| I feel like for software it depends on the use case, not the
| technology. There a plenty of laws about software use cases
| such as data storage and privacy compliance etc.
| OtherShrezzing wrote:
| Well for starters, the software that runs on planes.
___________________________________________________________________
(page generated 2025-11-15 23:02 UTC)