iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC FDIS 42005

(Main)

Information technology — Artificial intelligence — AI system impact assessment

Information technology — Artificial intelligence — AI system impact assessment

This document provides guidance for organizations performing AI system impact assessments for individuals and societies that can be affected by an AI system and its intended and foreseeable applications. It includes considerations for how and when to perform such assessments and at what stages of the AI system lifecycle, as well as guidance for AI system impact assessment documentation. Additionally, this guidance includes how this AI system impact assessment process can be integrated into an organization’s AI risk management and AI management system. This document is intended for use by organizations developing, providing, or using AI systems. This document is applicable to any organization, regardless of size, type and nature.

Technologies de l'information — Intelligence artificielle — Évaluation de l'impact des systèmes d'IA

General Information

Status
Not Published
ICS
35.020 - Information technology (IT) in general
Technical Committee
ISO/IEC JTC 1/SC 42 - Artificial intelligence
Drafting Committee
ISO/IEC JTC 1/SC 42 - Artificial intelligence
Current Stage
5020 - FDIS ballot initiated: 2 months. Proof sent to secretariat
Start Date
19-Feb-2025
Due Date
19-Feb-2025
Completion Date
19-Feb-2025
Ref Project

Buy Standard

ISO/IEC FDIS 42005 - Information technology — Artificial intelligence — AI system impact assessment Released:5. 02. 2025ISO/IEC FDIS 42005 - Information technology — Artificial intelligence — AI system impact assessment Released:5. 02. 2025
PreviousNext
Draft
ISO/IEC FDIS 42005 - Information technology — Artificial intelligence — AI system impact assessment Released:5. 02. 2025
English language
39 pages
sale 15% off
Preview
sale 15% off
Preview
REDLINE ISO/IEC FDIS 42005 - Information technology — Artificial intelligence — AI system impact assessment Released:5. 02. 2025REDLINE ISO/IEC FDIS 42005 - Information technology — Artificial intelligence — AI system impact assessment Released:5. 02. 2025
PreviousNext
Draft
REDLINE ISO/IEC FDIS 42005 - Information technology — Artificial intelligence — AI system impact assessment Released:5. 02. 2025
English language
39 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


FINAL DRAFT
International
Standard
ISO/IEC FDIS
ISO/IEC JTC 1/SC 42
Information technology — Artificial
Secretariat: ANSI
intelligence — AI system impact
Voting begins on:
assessment
2025-02-19
Voting terminates on:
2025-04-16
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
Reference number
FINAL DRAFT
International
Standard
ISO/IEC FDIS
ISO/IEC JTC 1/SC 42
Information technology — Artificial
Secretariat: ANSI
intelligence — AI system impact
Voting begins on:
assessment
Voting terminates on:
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT,
WITH THEIR COMMENTS, NOTIFICATION OF ANY
RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE
AND TO PROVIDE SUPPOR TING DOCUMENTATION.
© ISO/IEC 2025
IN ADDITION TO THEIR EVALUATION AS
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
LOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
INTERNATIONAL STANDARDS MAY ON OCCASION HAVE
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
or ISO’s member body in the country of the requester.
TO BECOME STAN DARDS TO WHICH REFERENCE MAY BE
MADE IN NATIONAL REGULATIONS.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
© ISO/IEC 2025 – All rights reserved
ii
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Developing and implementing an AI system impact assessment process . 3
5.1 General .3
5.2 Documenting the process .3
5.3 Integration with other organizational management processes .4
5.4 Timing of AI system impact assessment .4
5.5 Scope of the AI system impact assessment .5
5.6 Allocating responsibilities .5
5.7 Establishing thresholds for sensitive uses, restricted uses and impact scales .6
5.8 Performing the AI system impact assessment .7
5.9 Analysing the results of the AI system impact assessment .7
5.10 Recording and reporting .7
5.11 Approval process .8
5.12 Monitoring and review .9
6 Documenting the AI system impact assessment . 9
6.1 General .9
6.2 Scope of the AI system impact assessment .9
6.3 AI system information .10
6.3.1 AI system description .10
6.3.2 AI system functionalities and capabilities .10
6.3.3 AI system purpose .10
6.3.4 Intended uses .10
6.3.5 Unintended uses .11
6.4 Data information and quality .11
6.4.1 General .11
6.4.2 Data information .11
6.4.3 Data quality documentation . 12
6.5 Algorithm and model information . 12
6.5.1 General . 12
6.5.2 Information on algorithms used by the organization . 12
6.5.3 Information on algorithm development . 13
6.5.4 Information on models used in an AI system . 13
6.5.5 Information on model development .14
6.6 Deployment environment .14
6.6.1 Geographical area and languages .14
6.6.2 Deployment environment complexity and constraints .14
6.7 Relevant interested parties . 15
6.7.1 General . 15
6.7.2 Directly affected interested parties . 15
6.7.3 Other relevant interested parties . 15
6.8 Actual and reasonably foreseeable impacts .16
6.8.1 General .16
6.8.2 Benefits and harms .16
6.8.3 AI system failures and reasonably foreseeable misuse .19
6.9 Measures to address harms and benefits . 20
Annex A (informative) Guidance for use with ISO/IEC 42001 .21
Annex B (informative) Guidance for use with ISO/IEC 23894 .23

© ISO/IEC 2025 – All rights reserved
iii
Annex C (informative) Harms and benefits taxonomy .25
Annex D (informative) Aligning AI system impact assessment with other assessments .27
Annex E (informative) Example of an AI system impact assessment template .31
Bibliography .38

© ISO/IEC 2025 – All rights reserved
iv
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the v
...


ISO/IEC FDIS 42005:2024(en)
ISO/IEC JTC 1/SC 42/WG 1
Secretariat: ANSI
Date: 2025-01-26
Information technology — Artificial intelligence — AI system impact
assessment
DISFDIS stage
Warning for WDs and CDs
This document is not an ISO International Standard. It is distributed for review and comment. It is subject to change
without notice and may not be referred to as an International Standard.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which
they are aware and to provide supporting documentation.
To help you, this guide on writing standards was produced by the ISO/TMB and is available at
https://www.iso.org/iso/how-to-write-standards.pdf
A model manuscript of a draft International Standard (known as “The Rice Model”) is available at
https://www.iso.org/iso/model_document-rice_model.pdf

ISO/IEC 42001:####(X FDIS 42005:2025(en)
© ISO/IEC 20242025
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication
may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying,
or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO
at the address below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: + 41 22 749 01 11
Fax: +41 22 749 09 47
EmailE-mail: copyright@iso.org
Website: www.iso.orgwww.iso.org
Published in Switzerland
ii © ISO/IEC 202X 2025 – All rights reserved
ii
ISO/IEC FDIS 42005:20242025(en)
Contents
Foreword . vi
Introduction . vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
5 Developing and implementing an AI system impact assessment process . 3
5.1 General . 3
5.2 Documenting the process . 4
5.3 Integration with other organizational management processes . 4
5.4 Timing of AI system impact assessment . 4
5.5 Scope of the AI system impact assessment . 6
5.6 Allocating responsibilities . 6
5.7 Establishing thresholds for sensitive uses, restricted uses and impact scales . 7
5.8 Performing the AI system impact assessment . 7
5.9 Analysing the results of the AI system impact assessment . 8
5.10 Recording and reporting . 8
5.11 Approval process . 9
5.12 Monitoring and review . 9
6 Documenting the AI system impact assessment . 10
6.1 General . 10
6.2 Scope of the AI system impact assessment . 10
6.3 AI system information . 10
6.4 Data information and quality . 12
6.5 Algorithm and model information . 13
6.6 Deployment environment . 15
6.7 Relevant interested parties . 16
6.8 Actual and reasonably foreseeable impacts . 17
6.9 Measures to address harms and benefits . 22
Annex A (informative) Guidance for use with ISO/IEC 42001 . 23
Annex B (informative) Guidance for use with ISO/IEC 23894 . 26
Annex C (informative) Harms and benefits taxonomy . 28
Annex D (informative) Aligning AI system impact assessment with other assessments . 30
Annex E (informative) Example of an AI system impact assessment template . 35
Bibliography . 44

Foreword . vi
Introduction . vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 2
© ISO/IEC 2024 2025 – All rights reserved
iii
ISO/IEC 42001:####(X FDIS 42005:2025(en)
5 Developing and implementing an AI system impact assessment process . 3
5.1 General . 3
5.2 Documenting the process . 3
5.3 Integration with other organizational management processes . 3
5.4 Timing of AI system impact assessment . 4
5.5 Scope of the AI system impact assessment . 4
5.6 Allocating responsibilities . 5
5.7 Establishing thresholds for sensitive uses, restricted uses and impact scales . 5
5.8 Performing the AI system impact assessment . 6
5.9 Analysing the results of the AI system impact assessment . 6
5.10 Recording and reporting . 7
5.11 Approval process . 7
5.12 Monitoring and review . 8
6 Documenting the AI system impact assessment . 8
6.1 General . 8
6.2 Scope of the AI system impact assessment . 8
6.3 AI system information . 8
6.3.1 AI system description . 8
6.3.2 AI system functionalities and capabilities . 9
6.3.3 AI system purpose . 9
6.3.4 Intended uses . 9
6.3.5 Unintended uses . 9
6.4 Data information and quality . 10
6.4.1 General . 10
6.4.2 Data information . 10
6.4.3 Data quality documentation . 11
6.5 Algorithm and model information . 11
6.5.1 General . 11
6.5.2 Information on algorithms used by the organization . 11
6.5.3 Information on algorithm development . 11
6.5.4 Information on models used in an AI system . 12
6.5.5 Information on model development . 12
6.6 Deployment environment . 12
6.6.1 Geographical area and languages . 12
6.6.2 Deployment environment complexity and constraints . 13
6.7 Relevant interested parties . 13
6.7.1 General . 13
6.7.2 Directly affected interested parties . 13
6.7.3 Other relevant interested parties . 14
6.8 Actual and potential impacts . 14
6.8.1 General . 14
6.8.2 Benefits and harms . 14
6.8.3 AI system failures and reasonably foreseeable misuse . 17
6.9 Measures to address harms and benefits . 18
Annex A (informative) Guidance for use with ISO/IEC 42001 . 19
Annex B (informative) Guidance for use with ISO/IEC 23894 . 22
B.1 General .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 5259-5:2025(Main)
Artificial intelligence — Data quality for analytics and machine learning (ML) — Part 5: Data quality governance framework

This document provides a data quality governance framework for analytics and machine learning (ML) to enable governing bodies of organizations to direct and oversee the implementation and operation of data quality measures, management, and related processes with adequate controls throughout the data life cycle (DLC) model according to ISO/IEC 5259-1. This document can be applied to any analytics and ML. This document does not define specific management requirements or process requirements according to ISO/IEC 5259-3 and ISO/IEC 5259-4 respectively.

  • Standard
    15 pages
    English language
    sale 15% off
ISO
ISO/IEC 5259-2:2024(Main)
Artificial intelligence — Data quality for analytics and machine learning (ML) — Part 2: Data quality measures

This document specifies a data quality model, data quality measures and guidance on reporting data quality in the context of analytics and machine learning (ML). This document is applicable to all types of organizations who want to achieve their data quality objectives.

  • Standard
    38 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 12791:2024(Main)
Information technology — Artificial intelligence — Treatment of unwanted bias in classification and regression machine learning tasks

This document describes how to address unwanted bias in AI systems that use machine learning to conduct classification and regression tasks. This document provides mitigation techniques that can be applied throughout the AI system life cycle in order to treat unwanted bias. This document is applicable to all types and sizes of organization.

  • Technical specification
    24 pages
    English language
    sale 15% off
ISO
ISO/IEC 5259-4:2024(Main)
Artificial intelligence — Data quality for analytics and machine learning (ML) — Part 4: Data quality process framework

This document establishes general common organizational approaches, regardless of the type, size or nature of the applying organization, to ensure data quality for training and evaluation in analytics and machine learning (ML). It includes guidance on the data quality process for: — supervised ML with regard to the labelling of data used for training ML systems, including common organizational approaches for training data labelling; — unsupervised ML; — semi-supervised ML; — reinforcement learning; — analytics. This document is applicable to training and evaluation data that come from different sources, including data acquisition and data composition, data preparation, data labelling, evaluation and data use. This document does not define specific services, platforms or tools.

  • Standard
    28 pages
    English language
    sale 15% off
ISO
ISO/IEC 5259-1:2024(Main)
Artificial intelligence — Data quality for analytics and machine learning (ML) — Part 1: Overview, terminology, and examples

This document provides the means for understanding and associating the individual documents of the ISO/IEC 5259 series and is the foundation for conceptual understanding of data quality for analytics and machine learning. It also discusses associated technologies and examples (e.g. use cases and usage scenarios).

  • Standard
    19 pages
    English language
    sale 15% off
ISO
ISO/IEC 5259-3:2024(Main)
Artificial intelligence — Data quality for analytics and machine learning (ML) — Part 3: Data quality management requirements and guidelines

This document specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving the quality of data used in the areas of analytics and machine learning. This document does not define a detailed process, methods or metrics. Rather it defines the requirements and guidance for a quality management process along with a reference process and methods that can be tailored to meet the requirements in this document. The requirements and recommendations set out in this document are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

  • Standard
    28 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 17903:2024(Main)
Information technology — Artificial intelligence — Overview of machine learning computing devices

This document surveys machine learning (ML) computing devices, including the following: — ML computing device terminology and characteristics; — existing approaches to the setting and use of characteristics for optimizing ML computing device performance. The information provided in this document is relevant for organizations of all types and sizes.

  • Technical report
    25 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 8200:2024(Main)
Information technology — Artificial intelligence — Controllability of automated artificial intelligence systems

This document specifies a basic framework with principles, characteristics and approaches for the realization and enhancement for automated artificial intelligence (AI) systems’ controllability. The following areas are covered: — state observability and state transition; — control transfer process and cost; — reaction to uncertainty during control transfer; — verification and validation approaches. This document is applicable to all types of organizations (e.g. commercial enterprises, government agencies, not-for-profit organizations) developing and using AI systems during their whole life cycle.

  • Technical specification
    34 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 24030:2024(Main)
Information technology — Artificial intelligence (AI) — Use cases

This document provides a collection of representative use cases of AI applications in a variety of domains.

  • Technical report
    169 pages
    English language
    sale 15% off
ISO
ISO/IEC 5392:2024(Main)
Information technology — Artificial intelligence — Reference architecture of knowledge engineering

This document defines a reference architecture of knowledge engineering (KE) in artificial intelligence (AI). The reference architecture describes KE roles, activities, constructional layers, components and their relationships amongst themselves and other systems from systemic user and functional views. This document also provides a common KE vocabulary by defining KE terms.

  • Standard
    42 pages
    English language
    sale 15% off