Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development
The Path to Managing AI Ethically - and Achieving ISO 42001
Schellman CEO Avani Desai on Bridging Gaps in Compliance With the ISO StandardSee Also: OnDemand | Fireside Chat: Staying Secure and Compliant Alongside AI Innovation
In late 2023, the debut of ISO/IEC 42001 marked a major advance in AI standards, offering a systematic framework for AI management. Avani Desai, CEO of Schellman, sees it as a "paradigm shift" that emphasizes managing AI-specific risks that are distinctly different from traditional concerns.
Desai underscored the necessity for teams such as cybersecurity, legal and HR to understand the nuanced aspects of ISO/IEC 42001.
She said, "42001 emphasizes considerations that I think are beyond traditional MSS framework - issues like cultural norms, ethical implications inherent to AI systems, responsibility of AI management." These areas, which previously were not central to control frameworks, signal a significant shift in approach, so Desai said organizations should expect a learning curve.
She recommended allocating plenty of time to prepare for certification. "Organizations are going to want to be first to market on these certifications, and you have to give yourself a little bit of runway," she said.
In this video interview with Information Security Media Group, Desai discussed:
- An overview of ISO/IEC 42001 and how its certification signals trust among stakeholders in ethical AI management;
- Hurdles organizations may face in attaining ISO/IEC 42001 compliance, particularly in terms of data protection and risk mitigation;
- The evolving regulatory framework surrounding AI governance and security compliance.
Desai has domestic and international experience in information security, operations, P&L, oversight and marketing involving both startup and growth organizations. She has been featured in Forbes, CIO.com and The Wall Street Journal and is a sought-after speaker on a variety of emerging topics, including security, privacy, information security, future technology trends and the rising number of young women involved in technology.