Back

Develop artificial intelligence systems involving the training of models with data sets that meet the quality criteria.


CONTROL ID
14996
CONTROL TYPE
Systems Design, Build, and Implementation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an artificial intelligence system., CC ID: 14943

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • High-risk AI systems which make use of techniques involving the training of models with data shall be developed on the basis of training, validation and testing data sets that meet the quality criteria referred to in paragraphs 2 to 5. (Article 10 1., Proposal for a Regulation of The European Parliament and of The Council Laying Down Harmonized Rules On Artificial Intelligence (Artificial Intelligence Act) and Ameding Certain Union Legislative Acts)
  • As consumers of data, additional quality and completeness constraints on data and information can be imposed by AI systems. (§ 5.4.1 Table 3 Column 2 Row 8 Bullet 2, ISO/IEC 23894:2023, Information technology — Artificial intelligence — Guidance on risk management)
  • Governance oversight, based on policies set by an organization, should identify the individual and the collective accountability in a chain of responsibility. Good governance oversight should be based on the general understanding of the usage (and context of use) of a system. See "External and inter… (§ 6.2 ¶ 2, ISO/IEC 38507:2022, Information technology — Governance of IT — Governance implications of the use of artificial intelligence by organizations)
  • One major difference between AI systems (particularly those involving ML) and other IT systems is that they rely on data inference to produce a result with a level of confidence. A second major difference is the existence and use of training data which, depending on its quality, can improve or degra… (§ 6.4 ¶ 3, ISO/IEC 38507:2022, Information technology — Governance of IT — Governance implications of the use of artificial intelligence by organizations)
  • The AI model is explained, validated, and documented, and AI system output is interpreted within its context – as identified in the MAP function – to inform responsible use and governance. (MEASURE 2.9, Artificial Intelligence Risk Management Framework, NIST AI 100-1)