ISO/IEC 23894
Information technology - Artificial Intelligence - Guidance on risk management
Overview
Provides guidance for managing risks specific to AI systems including algorithmic bias, transparency, accountability, and safety. Critical for DSA platforms using AI-based recommender systems or content moderation (Articles 27, 35) to assess and mitigate AI-specific risks.
Applicability
AI system risk management for recommender systems and automated decision-making
Relevance to Digital Services Act (DSA)
Essential for DSA platforms using AI recommender systems (Article 27) and algorithmic risk assessments (Article 35)
Key Coverage Areas
Standard Sections & Chapters
AI risk management framework
AI risk assessment
AI risk treatment
Monitoring and review of AI risks
AI risk categories
AI risk treatment options
Related Digital Services Act (DSA) Articles
Article 26: Advertising on online platforms
View Article →AI risk assessment methodology
Implementation Guidance:
Conduct AI-specific risk assessments for recommender systems
Article 27: Recommender system transparency
View Article →AI risk management and monitoring
Implementation Guidance:
Implement ongoing AI risk management for recommendation algorithms
Mapped Obligations:
- Explain main parameters of recommender systems in terms and conditions using plain, intelligible language
Article 34: Risk assessment
View Article →AI-specific risk assessment if applicable
Implementation Guidance:
Include AI/algorithmic risks in systemic risk assessment
Mapped Obligations:
- Consider how recommender systems and algorithms influence risks
Article 35: Mitigation of risks
View Article →AI risk treatment measures
Implementation Guidance:
Apply AI-specific risk treatments for algorithmic systems
Mapped Obligations:
- Test and adapt algorithmic systems including recommender systems
Quick Information
- Organization
- ISO/IEC
- Category
- AI Risk Management
- Certification
- Not available