By:
On:
In: Artificial Intelligence, Cybersecurity, IT Security
With: 0 Comments

Discover how ISO/IEC 23894:2023 extends traditional risk frameworks (ISO 31000) to tackle algorithmic bias, model drift, and opaque “black box” decisions. Learn how to turn AI risk management into a competitive advantage for 2026. Beyond Intuition: Why ISO/IEC 23894:2023 is the Strategic Engine for AI Risk Management For over a decade, enterprise risk management (ERM) has relied on deterministic systems. We managed known variables, established clear cause-and-effect relationships, and built robust barriers around predictable IT infrastructures. Artificial Intelligence changes the rules of the game completely. AI models are not static; they learn, adapt, and occasionally degrade. Traditional IT risk frameworks are fundamentally unequipped to handleRead More →

By:
On:
In: Artificial Intelligence, IT Governance, Technology
With: 0 Comments

In the current post I want to do a fast analysis of ISO/IEC 22989:2022 – “Artificial intelligence concepts and terminology”. In the global race for Artificial Intelligence dominance, most organizations are sprinting toward implementation while tripping over a fundamental hurdle: the lack of a shared language. We see it in every boardroom and technical meeting: “Trustworthiness” is treated as a subjective feeling, “Transparency” remains a vague promise, and the very definition of an “AI System” varies depending on who you ask. This “Babel Syndrome” isn’t just a communication issue but a significant risk to compliance, security, and strategic alignment. To lead in the AI era,Read More →

By:
On:
In: Artificial Intelligence
With: 0 Comments

In the current landscape of rapid digital transformation, Artificial Intelligence (AI) is no longer a “future” project, but it is an operational reality. Many organizations are falling into the “Ethics Gap”: the space between having high-level AI principles and implementing actual, measurable Accountability. As a Cybersecurity professional strategic leader, I see this gap as a significant business risk. To navigate it, we must look at two pillars of excellence in Artificial intelligence scope: ISO/IEC 38507 and ISO/IEC 42001. 🚀 The Importance of Data Governance in AI Governance: 🧭 ISO/IEC 38507: The Governance Compass Governance is about leadership. ISO/IEC 38507 is designed for the boardroom. ItRead More →

By:
On:
In: Artificial Intelligence, IT Governance
With: 0 Comments

The “Move Fast and Break Things” era of Artificial Intelligence is officially over. As we navigate 2026, the conversation has shifted from what AI can do to how we can trust what it does. For organizations integrated into global supply chains or operating within the reach of the EU AI Act, AI governance is no longer a “legal checklist”, it is a competitive moat. This is where ISO/IEC 42001:2023 comes in. What is ISO/IEC 42001? Unlike technical standards that focus on model performance, ISO 42001 is the world’s first certifiable Artificial Intelligence Management System (AIMS). It provides a structured framework to manage the risks andRead More →

By:
On:
In: IT Security
With: 0 Comments

We can define 3 different areas of standards and regulations related to industrial cybersecurity. It is possible that we have to apply several simultaneously depending on the geography where we want to adapt to the standard and the customer. International standards of industrial cybersecurity:a. ISA/IEC 62443b. NIST SP 800-82 Rev.2 Regional industry regulation, critical infrastructure and services regulations and sector-specific regulations: (some examples)a. NERC CIP (Electrical Regulation for the United States)b. ANSSI (Electrical Regulation for France)c. ENS (Regulation of critical infrastructure in Spain)d. NCSC CAF Guidance (UK Critical Infrastructure Regulation)e. BSI (German Critical Infrastructure Regulation)f. Law 362/2019 (Regulation of critical infrastructure in Romania aligned withRead More →

By:
On:
In: IT Security
With: 0 Comments

ISO 22316:2017, was published in March 2017. Created by Technical Committee ‘ISO/TC 292 Security and resilience’.URL of ISO 22316:2017: https://www.iso.org/standard/50053.html This standard focused on improving culture within organizations in relation to building resilience. ISO 22316:2017 is the result of a long development process and represents the global consensus on the concept of organizational resilience. This regulation defines Organizational Resilience as: ‘the capacity of an organization to absorb and adapt in a changing environment’. ISO 22316:2017 has 6 main sections of requirements related to the orientation with which they should be implemented by an organization. Structure of this normative is: Introduction 1. Scope2. Normative references 3.Read More →