ISO 23894

ISO/IEC 23894:2023 — AI Risk Management Guidance

AI risk management guidance complementing ISO 31000. Lifecycle risk management; audit/procurement language.

Jurisdiction: International

Enacted: Pending

Effective: Feb 6, 2023

Enforcement: TBD

ISO

Why It Matters

Recognized risk-management backbone. Complements the management-system focus of ISO 42001.

At a Glance

Requires

Who Must Comply

  • Organizations implementing AI risk management

Safety Provisions

  • AI risk identification, analysis, evaluation, treatment
  • Lifecycle framing (design → deployment → monitoring)
  • Documentation for audits/procurement

Focus Areas

Algorithmic accountability
Active safeguards required

Cite This

APA

International. (2023). ISO/IEC 23894:2023 — AI Risk Management Guidance.

Related Regulations

In Effect INTL

ISO 42001

First certifiable international standard for AI management systems. Uses Plan-Do-Check-Act methodology. Third-party certification available; major AI systems have achieved certification.

In Effect INTL

UNESCO AI Ethics

Global normative framework adopted by all 193 UN Member States. Policy Area 8 (Health and Social Wellbeing) directly addresses mental health AI.

In Effect INT

OECD AI Due Diligence

Non-binding OECD guidance applying the OECD's six-step responsible business conduct (RBC) due-diligence process to enterprises across the AI value chain, providing practical recommendations for identifying, preventing, mitigating, and accounting for adverse human-rights and societal impacts of AI systems.

In Effect INT

UN/ITU AI & Child Rights Statement

Non-binding multilateral statement signed by thirteen UN and international organisations setting out principles for protecting children's rights in the design, deployment, and governance of AI systems, including provisions on harmful content, age assurance, transparency, and child-rights impact assessments.

Enacted US-MD

MD HB 895

First US state law to outright ban surveillance-based personalized pricing in food retail and third-party delivery, prohibiting use of protected class data and dynamic pricing tied to consumer personal data with limited exceptions for cost-based pricing, loyalty programs, and explicit consent.

In Effect BN

Brunei PDPO

Brunei's personal data protection order, requiring a DPIA and imposing penalties of up to 10% of Brunei turnover or $1M.

Last updated February 17, 2026. Verify against primary sources before relying on this information.