spektr’s ISO 42001 Certification: Responsible AI Management

Just a couple of weeks ago, we proudly announced spektr’s new ISO 42001 certification for responsible AI management, awarded by Mastermind – the world’s first certification body accredited to issue ISO 42001 certifications!

Given this achievement, we wanted to take a moment to dive into what this certification means for spektr’s operations, as well as our clients. To highlight the significance of this milestone, we spoke with one of the driving forces behind spektr’s certification: Grace Sun, our Head of Business Analysis, who played an instrumental role in achieving this success.

Meeting the Highest Ethical and Operational Standards

AI adoption is exponentially increasing, with 72% of organizations reporting regular use of AI in 2024 alone, according to a McKinsey survey. However, whilst AI can, and does, bring tremendous value, it does not come without risks. That’s where standards like ISO 42001 become pivotal for showcasing strong AI governance; it was created to provide a standardized foundation for organizations handling AI-related risks and controlling opportunities associated with these quickly developing technologies. This is what Grace had to say about achieving this latest ISO certification:

Achieving ISO 42001 certification underscores spektr's dedication to responsible AI management. This certification ensures that our AI-driven solutions are developed, deployed, and monitored with the highest standards of accuracy and quality. This certification serves as a cornerstone of our commitment to transparency, quality, and ethical AI practices that align with our clients' and regulatory expectations.

So, what does ISO 42001 certification actually entail? Here are the key facets – which, in total, include 38 controls covering the AI system life cycle management, data management, and responsible use of AI systems:

• Accountability: To build trust, organizations must hold themselves accountable by clearly explaining the rationale behind AI-driven decisions.
• Transparency: Decisions made through AI systems should be fully transparent, avoiding any bias or negative societal or environmental impacts.
• Explainability: Important factors influencing AI system outcomes should be communicated in an understandable way to all stakeholders.
• Fairness: Automated decision-making through AI must be assessed to ensure it doesn’t create unfair outcomes for individuals or groups.
• Data Privacy: Strong data management and security measures are essential to protect user privacy in an AI environment.
• Reliability: AI systems must demonstrate consistent safety and reliability in all areas of application.

For us, this means that our spektrAI setup (which we launched just a couple months ago) is now fully conforming to this benchmark International Standard – which should ultimately be a non-negotiable for any compliance tool within the marketplace.

What This Means for Our Clients

ISO 42001 certification is less about spektr, and more about instilling confidence in our clients as the primary audience of this third-party report. Being able to continuously prove that spektrAI can be leveraged to its fullest potential, whilst still complying with stringent security requirements, is the best outcome of this certification. As Grace rightly mentions:

For our clients, ISO 42001 is more than a certification; it’s a promise. It assures that every AI-driven solution on our risk platform is crafted with precision, monitored with diligence, and improved continuously. This commitment empowers our clients to trust in the reliability and integrity of our products as they make critical decisions.

David Forman, Chief Executive Officer at Mastermind, the accredited certification body partner selected by spektr, emphasized the achievement:

Since our accreditation in July, we have had the privilege of working with some of the first organizations to adopt ISO 42001. Although this International Standard has been published for less than a year, we are already seeing a clear trend: organizations like spektr are elevating their existing management systems, originally built for ISO 27001, to also meet ISO 42001 requirements.

The team at spektr embedded secure engineering and responsible AI principles into their products from the beginning, which made expanding their governance activities a natural progression.

Going Forward

Adding ISO 42001 to our parallel ISO 27001 certification is not the end goal for spektr! We plan to continuously improve our product, ensuring that we are consistently able to meet the highest of expectations maintained by our clients– something they deserve when using our solution. As Grace remarks:

Looking ahead, ISO 42001 certification is only the beginning of our journey towards responsible AI. With this management system in place, spektr is well-positioned to navigate the dynamic AI landscape confidently and responsibly. Our clients can expect ongoing advancements in risk management, driven by AI solutions that are not only innovative but also governed by stringent ethical and quality standards.

A huge thank you to Grace Sun and Mastermind for collaborating in order to make this achievement a reality!

If you read this and thought, ‘Hey, I’d like to learn more about a platform that offers all of this’, feel free to book a personalized demo with one of our in-house pros! We’d love to get you up to speed with spektr’s industry-leading solution.