0
20.1.3
Yokohama Patch 3, Xanadu Patch 9
AI Risk and Compliance involves a strategic framework designed to identify, assess, and mitigate the inherent risks associated with the development and deployment of AI technologies. As organizations increasingly rely on AI systems, it becomes essential to navigate the complexities of compliance with global regulations such as the GDPR and the EU’s AI Act. This framework includes a comprehensive risk assessment process to evaluate potential challenges such as, algorithmic bias, data privacy, and transparency. It ensures that AI systems are developed and used in an ethical and responsible manner. Engaging diverse stakeholders, including ethicists and legal experts, enhances the organization's ability to address the social and ethical implications of AI technologies while fostering a culture of accountability.
- AI System Intake Form to request AI use case, AI model, and Datasets.
- AI Risk and Compliance workspace to manage and monitor the risk and compliance posture of AI systems.
- Perform impact assessments ((using SmartAssessments) to identify how AI systems, models, and datasets affect fundamental rights.
- New Roles & Access Controls to handle AI Risk and Compliance.
- Identify the AI systems from the CMDB by enhancing or leveraging the Entity filter capability.
- Advance Risk Assessment (ARA) integration to identify individual and specific risks associated with AI assets, such as AI systems, models, and datasets. Perform risk assessments on each identified risk separately.
- Auto-creation or resolving entity
- Based on the existence of the CMDB AI System record, an Entity can be auto-created or resolved to an existing record.
- 360-Relationship View:
- Explore the relationships between critical AI assets that impact your business, including controls, risks, and issues.
- New
- Manage AI systems, models, and datasets across their entire life-cycle with consistent governance for better visibility, control, and compliance.
- Perform impact assessments for AI systems, models, and datasets to identify high-risk AI assets.
- Perform risk assessments on individual risks associated with an AI asset based on additional information and testing.
- Manage and oversee AI-related cases and incidents through a structured case management process.
- Build a compliance-ready AI asset inventory aligned with regulatory requirements using the AI framework content pack.
Permissions and roles:
- Role required to install the app: System Admin (admin)