AI Regulation

Governance

The system of policies, rules, and processes by which activities are directed, controlled, and managed.

Right to be Forgotten

A legal concept giving individuals the right to request deletion of their personal data from organisations' records.

Data Sovereignty

The concept that data is subject to the laws and governance structures of the country where it is collected or processed.

Internal Audit

An independent assurance function that evaluates the effectiveness of an organisation's internal controls and governance.

COBIT

Control Objectives for Information and Related Technologies — a framework for IT governance and management.

Business Ethics

The application of ethical principles and moral standards to business activities, decisions, and relationships.

Anti-Money Laundering

Laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income.

Whistleblower Protection

Legal provisions protecting individuals who report illegal or unethical practices within organisations.

Information Classification

The process of categorising data based on its sensitivity level and the impact of unauthorised disclosure.

Acceptable Use Policy

A document defining the permitted use of an organisation's IT resources and networks.

Algorithmic Accountability

The principle that organisations should be answerable for the outcomes and impacts of their algorithmic systems.

Model Risk Management

The governance framework for identifying, measuring, and mitigating risks arising from AI and analytical models.

A systematic evaluation of the potential social, economic, and civil rights impacts of an automated decision-making system before and after deployment.

The process of verifying the identity, suitability, and risks of customers in financial transactions.

The process of checking individuals and entities against government-issued lists of sanctioned parties.

The proper handling of personal data including collection, storage, processing, and sharing in compliance with regulations.

Evaluating the potential risks of engaging with a vendor including security, financial, and operational concerns.

An independent assessment of an AI system's compliance with regulatory requirements, ethical standards, and organisational policies, examining data, models, outputs, and governance.

A systematic evaluation of the potential effects and risks of an AI system before and during its deployment.

An approach to systems engineering that takes privacy into account throughout the entire engineering process.

Artificial Intelligence

The simulation of human intelligence processes by computer systems, including learning, reasoning, and self-correction.