A.2.2 AI Policy
Documenting an AI policy

A.2.3 Alignment with Other Organisational Policies
Identifying where other policies might impact or relate to its AI objectives

A.2.4 Review of the AI Policy
Defining when AI policies should be reviewed

A.3.2 AI Roles and Responsibilities
Defining AI roles and responsibilities based on what’s relevant to your organisation

A.3.3 Reporting of Concerns
Setting up a process to report concerns about its role in the AI system throughout its life cycle

A.4.2 Resource Documentation
Documenting important resources at each AI system life cycle stage

A.4.3 Data Resources
Documenting information on data resources used for the system

A.4.4 Tooling Resources
Documenting information on tooling resources used for the system

A.4.5 System and Computing Resources
Documenting information on system and computing resources used for the system

A.4.6 Human Resources
Documenting information about HR and their skills used for all the activities within the system

A.5.2 AI System Impact Assessment Process
Creating a process to evaluate the potential impacts of the AI system on individuals, groups, and societies throughout its life cycle

A.5.3 Documentation of AI System Impact Assessments
Documenting the impact assessment results and defining their retention period

A.5.4 Assessing AI System Impact on Individuals or Groups of Individuals
Documenting the potential impacts on societies (it can be individuals or groups of individuals) of AI systems

A.5.5 Assessing Societal Impacts of AI Systems
Documenting societal impacts (both beneficial and detrimental) of AI systems

A.6.1.2 Objectives for Responsible Development of AI System
Documenting objectives for responsible AI development, including requirements and guidelines as necessary to ensure that measures are integrated into the various stages of the development life cycle

A.6.1.3 Processes for Responsible AI System Design and Development
Documenting design and development processes that demonstrate responsible design of AI systems

A.6.2.2 AI System Requirements and Specification
Documenting requirements for new AI systems or major updates to existing systems

A.6.2.3 Documentation of AI System Design and Development
Documenting its AI system design and development process according to your objectives, documentation, and specification criteria

A.6.2.4 AI System Verification and Validation
Documenting how to verify and validate the AI system and specify when to use these measures

A.6.2.5 AI System Deployment
Creating a deployment plan and meeting these requirements before deployment

A.6.2.6 AI System Operation and Monitoring
Documenting the essential processes for the system including at least system and performance monitoring, repairs, updates, and support

A.6.2.7 AI System Technical Documentation
Deciding what technical documentation is needed for each group of interested parties, like users, partners, and supervisory authorities, and provide it to them in the right format

A.6.2.8 AI System Recording of Event Logs
Deciding when to enable event log record-keeping during the AI system’s life cycle, including when the AI system is in use

A.7.2 Data for Development and Enhancement of AI System
Documenting and implementing data management processes for developing AI systems

A.7.3 Acquisition of Data
Documenting how data for AI systems is acquired and selected

A.7.4 Quality of Data for AI Systems
Documenting data quality standards and making sure the data used for AI systems meets those standards

A.7.5 Data Provenance
Documenting a process for tracking the origin of data used in its AI systems throughout their life cycles

A.7.6 Data Preparation
Documenting its criteria for choosing and preparing data

A.8.2 System Documentation and Information for Users
Identifying and giving users the needed information about the AI system

A.8.3 External Reporting
Allowing interested parties to report any negative effects of the AI system

A.8.4 Communication of Incidents
Creating a plan on how to communicate incidents to AI system users

A.8.5 Information for Interested Parties
Documenting what information about the AI system needs to be reported to interested parties

A.9.2 Processes for Responsible Use of AI Systems
Documenting processes for using AI systems responsibly

A.9.3 Objectives for Responsible Use of AI System
Documenting objectives which serve as a framework on the responsible use of AI systems

A.9.4 Intended Use of the AI System
Making sure that your AI system is used as intended and follows your documentation

A.10.2 Allocating Responsibilities
Ensuring responsibilities for your AI systems are shared among your company, your partners, suppliers, customers, and third parties

A.10.3 Suppliers
Creating a process to make sure that the services, products, or materials from suppliers match its responsible AI development and use approach

A.10.4 Customers
Demonstrating that your AI systems meet customer expectations and needs