As reported in N2K last week, the ICO has invited comment from organisations on the development of its auditing framework for AI. The ICO says that the framework will support the work of its investigation and assurance teams when assessing the compliance of data controllers using AI and help guide organisations on the management of data protection risks arising from AI applications.
In a blog post, the ICO has now briefly outlined the framework’s two key components, which are: (i) governance and accountability; and (ii) AI-specific risk areas.
The ICO explains that the governance and accountability component will discuss the measures an organisation must have in place to be compliant with data protection requirements.
The second component of the framework will focus on the potential data protection risks that may arise in a number of AI specific areas and what the adequate risk management practices would be to manage them. To read the blog post in full, click here.