Time-Saving Resource Delivers Already-Written Policies to More Seriously Manage Artificial Intelligence Risks

News provided by

InfoSecurity Infrastructure, Inc.

Oct 31, 2024, 08:41 ET

LAKEBAY, Wash., Oct. 31, 2024 /PRNewswire/ -- InfoSecurity Infrastructure, Inc. just released a new handbook which enables all types of organizations to quickly reduce the risks associated the use of artificial intelligence. Entitled "Internal Policies for Artificial Intelligence Risk Management," this book provides a compilation of practical governance and risk management policies. Included are over 175+ already-written internal policies, each with accompanying justifications, and over 2000 linked references. Also provided is already-written and ready-to-deploy material like an "Artificial Intelligence Acceptable Use Policy" and an "AI Life Cycle Process Policy." The background research and writing work has already been done, so purchaser organizations need to only select, customize, and recompile the material, to generate their own in-house policy statements. Original purchasers receive a perpetual organization-wide license to republish derivatives of these policies within their organization.

Continue Reading
Practical Compendium of Artificial Intelligence Risk Management Policies Just Released
Practical Compendium of Artificial Intelligence Risk Management Policies Just Released
Ready-To-Go Policy Collection Comes in eBook and Print Book Formats
Ready-To-Go Policy Collection Comes in eBook and Print Book Formats

While much of the risk management discussion about AI has focused on governmental laws and regulations, this book focuses upon a very important but neglected area -- internal policies at user organizations. The policy material provided is businesslike and implementable now, as opposed to far too much of the AI conversation to date, which has been hypothetical and futuristic. The book takes best practices in the information technology area, and then applies those to the unique risks of artificial intelligence, such as hallucinations (errors that appear to be credible), emergent properties (things that AI systems teach themselves), and inherited discrimination (perpetuating bias in a training dataset into an AI system's output).

Just one of many indications that this book is needed is the tendency of many managers to consider AI as a replacement for people, but AI systems do not possess important human characteristics like common sense, empathy, morality, or contextual awareness. Instead of approaching AI as a replacement for people, this book provides explicit risk management approaches that allow humans to successfully work along-side AI systems. The book brings a new perspective to AI which embraces the needs of multiple stakeholders such as customers, employees, and business partners. A particular focus of the book is on justifiably obtaining user trust. When this trust is obtained there will be a new willingness to participate in AI projects, buy AI-enhanced products and services, and rely on AI-generated information.

Extensively covered is the "AI life cycle process," which ensures that AI systems are not only properly evaluated in terms of risk, but also that they have adequate controls and guardrails, are compliant with laws and regulations, are sufficiently tested, and will be adequately audited after deployment. This approach, which also relies on demonstrated good practices found in other high-risk fields like aviation and nuclear power, fosters alignment up-and-down an organization and with third-party stakeholders too. This in turn allows well-governed win-win solutions to be achieved, including the blocking of "shadow AI" (where departments go their own way in terms of AI systems). The handbook provides extensive coverage of ethics, human-computer interface design, training and awareness, incentive systems, governance, organizational culture, and risk management. All policies have explicit action-forcing-mechanisms that not only can be independently audited, but also that can help ensure that the policies are consistently observed.

The book is written by Charles Cresson Wood, Esq., JD, MBA, MSE, CISA, CISSP, CISM, CGEIT, CIPP/US, an attorney and management consultant with 45+ years of experience in information technology risk management. His book entitled "Information Security Policies Made Easy" has been purchased by over 70% of the Fortune 500 companies. Mr. Wood has published six other books in this field, and over 375 related articles. He has worked with over 125 clients in the information technology risk management area, so he brings a seasoned viewpoint to the management of AI risks. The research and writing effort for this book was entirely self-funded, and this approach allowed the author to readily adopt the perspectives of user organizations without conflicts. The book was written entirely by a human being, because it would be like using the "fox to guard the hen house," to employ AI systems to write policies that are intended to control and minimize the risks associated with AI systems.

For more information, see www.internalpolicies.com or call Charles Wood at 707-937-5572, [email protected].

SOURCE InfoSecurity Infrastructure, Inc.

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

icon3
440k+
Newsrooms &
Influencers
icon1
9k+
Digital Media
Outlets
icon2
270k+
Journalists
Opted In
GET STARTED