Back

Enable users to interpret the artificial intelligence system's output and use.


CONTROL ID
15002
CONTROL TYPE
Business Processes
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an artificial intelligence system., CC ID: 14943

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • High-risk AI systems shall be designed and developed in such a way to ensure that their operation is sufficiently transparent to enable users to interpret the system's output and use it appropriately. An appropriate type and degree of transparency shall be ensured, with a view to achieving complianc… (Article 13 1., Proposal for a Regulation of The European Parliament and of The Council Laying Down Harmonized Rules On Artificial Intelligence (Artificial Intelligence Act) and Ameding Certain Union Legislative Acts)
  • The governing body should monitor the types of decision and output generated by automated systems and direct management to ensure that such systems are configured to operate within acceptable bounds by implementing appropriate controls. Such controls should provide the governing body with appropriat… (§ 6.3 ¶ 4, ISO/IEC 38507:2022, Information technology — Governance of IT — Governance implications of the use of artificial intelligence by organizations)
  • the cultural implications of the use of AI within the organization, such as the increased sophistication of an AI system that can lead staff to assume that it is error-free. The organization should establish appropriate processes to validate the output of an AI system; (§ 6.6.1 ¶ 4 Bullet 2, ISO/IEC 38507:2022, Information technology — Governance of IT — Governance implications of the use of artificial intelligence by organizations)
  • The AI model is explained, validated, and documented, and AI system output is interpreted within its context – as identified in the MAP function – to inform responsible use and governance. (MEASURE 2.9, Artificial Intelligence Risk Management Framework, NIST AI 100-1)