https://taxonomy.eticas.ai/risk/governance-compliance
Risks from gaps in organisational processes for ongoing oversight, compliance, and lifecycle management of AI systems — including regulatory compliance, change management, data governance, monitoring and evaluation, remediation of failures, and incident response.

| Framework | Concept |
|---|---|
| ISO/IEC 42001:2023 — AI Management System | A.9 Use of AI systems + clause 10 (improvement / nonconformity) |
| EU AI Act (Regulation 2024/1689) | Article 17 — Quality management system + Article 9 — Risk management |
| AIUC-1 — AI Underwriting Company Standard | Document regulatory compliance + E.12 Quality management system |

| Framework | Concept |
|---|---|
| NIST AI Risk Management Framework (AI 100-1) | GOVERN 1 — Policies, processes, procedures |
| NIST AI 600-1 — Generative AI Risk Profile | Value Chain and Component Integration |

| Framework | Concept |
|---|---|
| W3C Data Privacy Vocabulary — AI Extension | Risk Management |