Ozona Consulting · ISO 20000, ISO 270001, ISO 22301 consultancy

AI Governance & Compliance Workshops

AI GOVERNANCE AND COMPLIANCE WORKSHOPS

The AI Governance and Compliance Workshops are based on the main international and regulatory frameworks on AI, in particular the ISO/IEC 42001 standard for Artificial Intelligence management systems, ISO/IEC 22989 as a reference for concepts and terminology, and the European Artificial Intelligence Regulation (EU AI Act).

These training programs are designed to help organizations structure the use of AI from a governance, risk and compliance perspective, and constitute a natural complement to Ozona’s services in assessment, risk analysis and the definition of AI management systems. Although a prior general understanding of the use of AI in the organization is recommended, the workshops can be taken without specific technical prerequisites.

KEY FEATURES OF THE AI GOVERNANCE AND COMPLIANCE WORKSHOPS

THEORY AND PRACTICE

The theoretical content is complemented with many practical exercises.

REGULATORY AND GOVERNANCE FOCUS

They address AI governance, risk management and regulatory compliance

APPLICABLE TO ANY SECTOR

The content and exercises are not specific to a single field of application.

NO ADVANCED TECHNICAL KNOWLEDGE REQUIRED

The content does not require prior knowledge of programming, data models or AI techniques.

MULTI-LEVEL TRAINING

The training is organized into two complementary workshops.

NO MANDATORY PREREQUISITES

Although the workshops are related to each other, they can be taken independently

TARGET AUDIENCE OF THE VISUALIZATION TECHNIQUES WORKSHOPS

Below is the list of profiles for whom the workshops are intended:

  • Governance, risk and compliance officers
  • Information security, business continuity and resilience officers
  • IT, architecture and service management officers
  • Innovation, data and digital transformation officers
  • Operational and technical profiles involved in the use or oversight of AI systems
  • Internal auditors and control profiles

The content is not aimed at a specific industry sector.

ORGANIZATION AND LEVELS OF THE WORKSHOPS ON AI GOVERNANCE AND COMPLIANCE

Ozona’s training on AI governance and compliance is organized into two workshops:

FUNDAMENTALS OF ARTIFICIAL INTELLIGENCE GOVERNANCE

8 hours. 795€ + VAT/attendee

REGULATORY COMPLIANCE IN ARTIFICIAL INTELLIGENCE · EU AI ACT

8 hours. 795€ + VAT/attendee

Current prices and promotions

795€/participant – 1 registration
745€/participant – 2 registrations from the same organization in the same course
695€/participant – 3 registrations (or more) from the same organization in the same course

The price includes the workshop, manual and diploma.
Taxes not included.

FUNDAMENTALS OF ARTIFICIAL INTELLIGENCE GOVERNANCE

AI GOVERNANCE BASED ON ISO/IEC 42001 AND ISO/IEC 22989
Principles of Artificial Intelligence governance in organizations
AI concepts and terminology according to ISO/IEC 22989
Structure and components of an AI management system (ISO/IEC 42001)
Roles, responsibilities and AI governance policies
Risk management associated with the lifecycle of AI systems
Integration of AI governance with information security, continuity and other management systems

REGULATORY COMPLIANCE IN ARTIFICIAL INTELLIGENCE · EU AI ACT

PRACTICAL APPLICATION OF THE EUROPEAN AI REGULATION
Structure and scope of the European Artificial Intelligence Regulation
Risk-based approach and classification of AI systems
Prohibited practices and high-risk systems
Transparency obligations and information requirements
Legal roles: provider and deployer
Application timeline and sanctions regime
Criteria for performing assessments and gap analyses

WORKSHOP SYLLABUS

FUNDAMENTALS OF ARTIFICIAL INTELLIGENCE GOVERNANCE

AI governance based on ISO/IEC 42001 and ISO/IEC 22989

 

Introduction to Artificial Intelligence governance

    • AI as an organizational capability
    • Risks associated with the use of AI
    • AI governance vs. technical development of AI
    • Relationship among AI, data, processes and decisions

 

Artificial Intelligence concepts and terminology (ISO/IEC 22989)

    • Definition of an AI system
    • Types of AI systems
    • Lifecycle of AI systems
    • Actors involved in the use of AI
    • Differences among models, systems and applications

 

AI governance framework

    • Principles of AI governance in organizations
    • Corporate governance and AI governance
    • Roles and responsibilities
    • Organizational policies and principles
    • Integration with existing governance models

 

Introduction to ISO/IEC 42001

    • Purpose and scope of the standard
    • High-level structure (HLS)
    • Relationship with other ISO standards
    • Risk-based approach
    • PDCA cycle applied to AI

 

Artificial Intelligence management system

    • Context of the organization and scope of the system
    • Leadership and management commitment
    • Planning of the AI management system
    • Support, competencies and awareness
    • Operation and control of the use of AI

 

Risk management in AI systems

    • Identification of risks associated with AI
    • Technical, operational, legal and reputational risks
    • Risks arising from data and models
    • Risk assessment and prioritization
    • Risk treatment measures

 

Governance of the AI lifecycle

    • Design and acquisition of AI systems
    • Use and operational oversight
    • Change management and evolution of models
    • Retirement and decommissioning of AI systems

 

Integration with other management systems

    • Relationship with information security ISO 27001
    • Relationship with business continuity ISO 22301
    • Relationship with service management ISO 20000
    • Leveraging existing structures

ARTIFICIAL INTELLIGENCE · EU AI ACT

Practical application of the European AI Regulation

 

Introduction to the European Artificial Intelligence Regulation

    • Objectives of the EU AI Act
    • Scope of application
    • Relationship with other regulatory frameworks
    • General principles of the Regulation

 

Risk-based approach

    • Risk categories in the EU AI Act
    • Regulatory rationale of the risk-based approach
    • Practical implications for organizations

 

Prohibited practices

    • Concept of unacceptable risk
    • Prohibited systems
    • Examples of prohibited practices
    • Consequences of non-compliance

 

High-risk AI systems

    • Definition and high-risk criteria
    • Areas of application
    • Relationship with fundamental rights
    • Organizational impact of high-risk systems

 

Obligations applicable to high-risk systems

    • Risk management system
    • Data governance and quality
    • Technical documentation
    • Records and traceability
    • Transparency and instructions for use
    • Human oversight
    • Accuracy, robustness and cybersecurity
    • Quality management system
    • Post-market monitoring

 

Limited-risk systems and transparency obligations

    • Interaction with individuals
    • Chatbots and virtual assistants
    • Generative AI and synthetic content
    • Information to the user

 

Minimal-risk systems

    • Exclusion criteria
    • Justification of the classification
    • Defensible documentation

 

Legal roles under the EU AI Act

    • Provider
    • Deployer
    • Criteria for the assignment of roles
    • Legal and operational implications

 

Application timeline and sanctions regime

    • Application milestones of the Regulation
    • Transition period
    • Sanctions regime
    • Economic and reputational impact

 

Compliance assessment and Gap Analysis

    • Identification of the regulatory perimeter
    • Classification of systems
    • Gap analysis
    • Prioritization of actions
    • Adaptation plan

REGISTRATION REQUEST FOR THE AI GOVERNANCE AND COMPLIANCE WORKSHOPS

    Interés en una sesión in-company