Why It Matters
Recognized risk-management backbone. Complements ISO 42001 management systems focus.
At a Glance
Requires
Who Must Comply
- Organizations implementing AI risk management
Obligations fall on:
Safety Provisions
- AI risk identification, analysis, evaluation, treatment
- Lifecycle framing (design → deployment → monitoring)
- Documentation for audits/procurement
Primary Source
ISO
https://www.iso.org/standard/77304.html
View on map
International
Focus Areas
Compliance Help
Requires AI risk management process, documented controls, monitoring evidence, continuous improvement.
See how NOPE helpsCite This
APA
International. (2023). ISO/IEC 23894:2023 — AI Risk Management Guidance.
Related Regulations
ISO 42001
First certifiable international standard for AI management systems. Uses Plan-Do-Check-Act methodology. Third-party certification available; major AI systems have achieved certification.
UNESCO AI Ethics
Global normative framework adopted by all 193 UN Member States. Policy Area 8 (Health and Social Wellbeing) directly addresses mental health AI.
AU AI Strategy
Continent-wide AI strategy endorsed by African Union Executive Council covering 55 member states. Phased implementation 2025-2030. Phase I (2025-2026) focuses on creating governance frameworks, developing national AI strategies, resource mobilization, and capacity building. Aims to harmonize AI development across Africa while respecting member state sovereignty.
Brunei PDPO
Brunei's personal data protection order requiring DPIA and imposing penalties up to 10% Brunei turnover or $1M.
India DPDP Act
STRICTEST children's provisions in APAC. Children = under 18; verifiable parental consent MANDATORY; PROHIBITION on tracking, behavioral monitoring, targeted advertising to children.
CARICOM CCSCAP 2025
CARICOM's 2025 regional cyber security framework establishing digital safety culture and coordinated incident response across 18 member states.
Last updated February 17, 2026. Verify against primary sources before relying on this information.