D 08v15 - ISO 42001 artificial intelligence management system documents version 2023 - Set of documents
This set of 158 documents is a key resource for structuring an Artificial Intelligence Management System (AIMS) compliant with ISO 42001:2023. The documents are ready to use and editable. Some advantages include: compliance (documents aligned with ISO 42001 requirements); time savings (no need to write documents from scratch); flexibility (editable files for optimal adaptation to your organization); comprehensiveness (covers all key aspects of the AIMS: risk management, ethics, security, continuous improvement, etc.) and practical tools (includes Excel templates for data tracking and management).
|
60 €
Ex. VAT
|
|
|
|
|
See the set of documents D 29v23 ISO 42001 Readiness See the set of documents D 49v23 ISO 42001 Internal audit See the set of documents D 89v23 ISO 42001 package |
You have an unlimited access for one year to the whole set of documents. This includes access to all the modifications (improvements) which could be made during that period.
Description
Main Content
- 158 ready-to-use documents for structuring an Artificial Intelligence Management System (AIMS) compliant with ISO 42001:2023
- the documents are editable (Word/Excel) and cover all key aspects:
- risk management, ethics, security, continual improvement
- practical tools: Excel templates for tracking and managing data
Benefits:
- compliance with ISO 42001 requirements
- time savings (no need to write from scratch)
- flexibility (adaptable to each organization)
- comprehensiveness (all necessary processes, procedures, policies, and records)
Document details
- 437 pages in total, organized into:
- manual, processes, procedures, policies, and instructions (e.g., regulatory monitoring, risk management, training, internal audit, etc.)
- records (e.g., risk registers, audit plans, incident reports, etc.)
- Excel tools (e.g., risk management forms, incident logs, supplier agreements)
- each document is linked to the relevant clauses Annexes of ISO 42001 for precise compliance.
Target audience:
- any participant in an organization wishing to implement or improve their artificial intelligence management system according to ISO 42001:2023.
See the document sets related to the artificial intelligence management system:
- T 29v23 version 2023 ISO 42001 readiness
- T 49v23 version 2023 ISO 42001 internal audit
- T 89v23 version 2023 ISO 42001 package
See also the "Oxebridge Totally Free ISO 9001:2015 QMS Documentation Template Kit"
| D 08v23 Processes, procedures, policies and records ISO 42001 version 2023 | |||
| Codification | Title | Clause, sub-clause and Annex A ISO 42001 | Pages |
| PQBD08v23AIM | AI manual (first pages in pdf) | § 4.4 ; § 5.2 | 17 |
| Processes (* mandatory) | |||
| PQBD02S1 | Maintain regulatory watch (pdf) | 4.2 | 2 |
| PQBD02M4 | Establish process ownership | 4.4 | 2 |
| PQBD02M9 | Plan the AIMS | 4.4 | 2 |
| PQBD02M1 | Develop strategy | 5.1 | 2 |
| PQBD02M5 | Establish policy | 5.2 | 2 |
| PQBD02M22 | Assess risks* | 6.1.2 | 2 |
| PQBD02M23 | Treat risks* | 6.1.3 | 2 |
| PQBD02R71 | Assess the impact* | 6.1.4; A.5.2 | 2 |
| PQBD02M10 | Deploy objectives | 6.2 | 2 |
| PQBD02R34 | Manage changes | 6.3 | 2 |
| PQBD02S3 | Acquire and maintain infrastructure | 7.1 | 2 |
| PQBD02R4 | Maintain equipment | 7.1 | 2 |
| PQBD02S4 | Manage inspection means | 7.1 | 2 |
| PQBD02S14 | Apply discipline | 7.2 | 2 |
| PQBD02S15 | Manage the employment contract | 7.2 | 2 |
| PQBD02S6 | Provide training | 7.2 | 2 |
| PQBD02M12 | Communicate | 7.4 | 2 |
| PQBD02S9 | Provide information | 7.5.1 | 2 |
| PQBD02S10 | Control documentation |
7.5.3 |
2 |
| PQBD02R54 | Manage operational requirements | 8.1 | 2 |
| PQBD02R23 | Purchase | 8.1 | 2 |
| PQBD02R49 | Manage security continuity | 8.1 | 2 |
| PQBD02R62 | Manage configuration | 8.1 | 2 |
| PQBD02R24 | Control outsourced processes | 8.1 | 2 |
| PQBD02R66 | Test | 8.1 | 2 |
| PQBD02R39 | Inspect | 9.1 | 2 |
| PQBD02M17 | Audit | 9.2 | 2 |
| PQBD02M18 | Carry out management reviews | 9.3 | 2 |
| PQBD02M19 | Improve | 10.1 | 2 |
| PQBD02M40 | Control nonconformities | 10.2 | 2 |
| PQBD02M41 | Implement corrective actions | 10.2 | 2 |
| PQBD02R72 | Report concerns* | A.3.3 | 2 |
| PQBD02R50 | Implement security | A.3.3 | 2 |
| PQBD02R61 | Manage vulnerabilities | A.4.4 | 2 |
| PQBD02R18 | Design and develop* | A.6.1.3 | 2 |
| PQBD02R73 | Develop and enhance the AI system* | A.7.2 | 2 |
| PQBD02R74 | Record the provenance of the data* | A.7.5 | 2 |
| PQBD02R60 | Manage incidents | A.8.4 | 2 |
| PQBD02R75 | Use the AI system resonsibly* | A.9.2 | 2 |
| PQBD02R76 | Ensure supplier responsible practices* | A.10.3 | 2 |
| PQBD02R57 | Manage supplier security | A.10.3 | 2 |
| Procedures | |||
| PQBD08v23pr01 | Regulatory watch (pdf) | 4.2 | 3 |
| PQBD08v23pr02 | Scope | 4.3 | 3 |
| PQBD08v23pr03 | Process control | 4.4 | 4 |
| PQBD08v23pr04 | Responsibility and authority | 5.3 | 3 |
| PQBD08v23pr05 | Risk management | 6.1 | 7 |
| PQBD08v23pr06 | Changes | 6.3 | 5 |
| PQBD08v23pr07 | Training | 7.2 | 5 |
| PQBD08v23pr08 | Communication | 7.4 | 3 |
| PQBD08v23pr09 | Documentation | 7.5 | 5 |
| PQBD08v23pr10 | Operational control | 8.1 | 4 |
| PQBD08v23pr11 | Inspection | 9.1 | 6 |
| PQBD08v23pr12 | Data analysis | 9.1 | 5 |
| PQBD08v23pr13 | Internal audit | 9.2 | 6 |
| PQBD08v23pr14 | Management review | 9.3 | 5 |
| PQBD08v23pr15 | Continual improvement | 10.1 | 5 |
| PQBD08v23pr16 | Nonconformities | 10.2 | 4 |
| PQBD08v23pr17 | Corrective actions | 10.2 | 4 |
| PQBD08v23pr18 | Privacy protection | A.5.4 | 4 |
| PQBD08v23pr19 | Intellectual property | A.5.4 | 3 |
| PQBD08v23pr20 | Backup | A.7.5; A.6.8 | 3 |
| PQBD08v23pr21 | Incidents | A.8.4 | 7 |
| PQBD08v23pr22 | Information communication | A.8.5 | 4 |
| PQBD08v23pr23 | Supplier relationships | A.10.3 | 4 |
| Policies (* mandatory) | |||
| PQBD08v23po01 | Compliance with rules and standards (pdf) | 4.1 | 3 |
| PQBD08v23po02 | AI policy* | 5.2 | 4 |
| PQBD08v23po03 | Awareness and training | 7.3; 7.2 | 4 |
| PQBD08v23po04 | Proper use of information | A.7; A.8.5 | 5 |
| PQBD08v23po05 | Supplier relationships | A.10.3 | 5 |
| PQBD08v23po06 | Intellectual property | A.5.4 | 3 |
| PQBD08v23po07 | Privacy protection | A.5.4 | 4 |
| PQBD08v23po08 | Log recording | A.6.2.8 | 6 |
| Records (* mandatory) | |||
| PQBD08v23re01 | External and internal issues (pdf) | 4.1 | 2 |
| PQBD08v23re02 | List of stakeholders | 4.2 | 3 |
| PQBD08v23re03 | List of requirements | 4.2 | 1 |
| PQBD08v23re04 | Scope* | 4.3 | 1 |
| PQBD08v23re05 | Process review report | 4.4 | 2 |
| PQBD08v23re06 | Process sheet | 4.4 | 2 |
| PQBD08v23re07 | Work instruction | 4.4 | 1 |
| PQBD08v23re08 | List of processes | 4.4 | 2 |
| PQBD08v23re09 | Job descriptions | 5.3 | 1 |
| PQBD08v23re10 | Job description : AI manager | 5.3 | 2 |
| PQBD08v23re11 | AI risk template*, Excel | 6.1 | 10 |
| PQBD08v23re12 | Risk treatment plan | 6.1.1 | 3 |
| PQBD08v23re13 | Risk acceptance criteria* | 6.1.1 | 1 |
| PQBD08v23re14 | Risk assessment criteria* | 6.1.2 | 1 |
| PQBD08v23re15 | Statement of applicability*, Excel | 6.1.3 | 3 |
| PQBD08v23re16 | Result of the AI system impact assessment* | 6.1.4 | 2 |
| PQBD08v23re17 | AI objectives* | 6.2 | 3 |
| PQBD08v23re18 | Objective achievement plan | 6.2 | 1 |
| PQBD08v23re19 | Change management plan | 6.3; 8.1 | 1 |
| PQBD08v23re20 | Available resources | 7.1 | 1 |
| PQBD08v23re21 | Confidentiality agreement | 7.1 | 1 |
| PQBD08v23re22 | onboarding guide | 7.2 | 3 |
| PQBD08v23re23 | Staff competence* | 7.2 | 1 |
| PQBD08v23re24 | Competence development plan | 7.2 | 1 |
| PQBD08v23re25 | Certificate of attendance | 7.2 | 1 |
| PQBD08v23re26 | Training plan | 7.2 | 1 |
| PQBD08v23re27 | Annual review | 7.2 | 1 |
| PQBD08v23re28 | Awareness increase plan | 7.3 | 2 |
| PQBD08v23re29 | Communication improvement plan | 7.4 | 2 |
| PQBD08v23re30 | List of documents* | 7.5.3; A.4.2 | 5 |
| PQBD08v23re31 | Documents of external origin* | 7.5.3 | 1 |
| PQBD08v23re32 | Procedure | 7.5.3 | 1 |
| PQBD08v23re33 | Instruction | 7.5.3 | 1 |
| PQBD08v23re34 | Coding documents | 7.5.3 | 1 |
| PQBD08v23re35 | Process tracking |
8.1 |
4 |
| PQBD08v23re36 | Configuration log | 8.1; A.6.2.3 | 3 |
| PQBD08v23re37 | Risk assessment results* | 8.2 | 1 |
| PQBD08v23re38 | Risk treatment results* | 8.3 | 1 |
| PQBD08v23re39 | AI system impact assessment results* | 8.4; A.5.3 | 3 |
| PQBD08v23re40 | Monitoring and measurement results* | 9.1 | 2 |
| PQBD08v23re41 | Analysis report | 9.1 | 4 |
| PQBD08v23re42 | Audit program* | 9.2 | 1 |
| PQBD08v23re43 | Audit report* | 9.2 | 2 |
| PQBD08v23re44 | List of internal auditors | 9.2 | 1 |
| PQBD08v23re45 | Internal audit plan | 9.2 | 3 |
| PQBD08v23re46 | AIMS internal audit questionnaire, 347 questions | 9.2 | 20 |
| PQBD08v23re47 | Management review decisions* | 9.3 | 3 |
| PQBD08v23re48 | AIMS improvement plan | 10.1 | 1 |
| PQBD08v23re49 | Nature of nonconformities* | 10.2 | 1 |
| PQBD08v23re50 | Corrective action results* | 10.2 | 1 |
| PQBD08v23re51 | Notification to authorities | A.3.3 | 1 |
| PQBD08v23re52 | Data resources* | A.4.3 | 2 |
| PQBD08v23re53 | Tooling resources* | A.4.4 | 2 |
| PQBD08v23re54 | Malware protection | A.4.4 | 1 |
| PQBD08v23re55 | Test plan | A.4.4 | 2 |
| PQBD08v23re56 | System and computing resources* | A.4.5 | 2 |
| PQBD08v23re57 | Personnel resources* | A.4.6 | 2 |
| PQBD08v23re58 | Security rules commitment | A.5.4 | 1 |
| PQBD08v23re59 | License register | A.5.4 | 1 |
| PQBD08v23re60 | Intellectual property | A.5.4 | 1 |
| PQBD08v23re61 | Potential impacts of the AI system on individuals* | A.5.4 | 2 |
| PQBD08v23re62 | Potential impacts of the AI system on society* | A.5.5 | 2 |
| PQBD08v23re63 | Objectives to guide responsible development of the AI system* | A.6.1.2 | 2 |
| PQBD08v23re64 | Specific processes for the responsible development of the AI system* | A.6.1.3 | 2 |
| PQBD08v23re65 | Requirements for new AI system or material enhancements* | A.6.2.2 | 3 |
| PQBD08v23re66 | Design and development of the AI system* | A.6.2.3 | 2 |
| PQBD08v23re67 | Measures and criteria for verifying and validating the AI system* | A.6.2.4 | 2 |
| PQBD08v23re68 | Deplyment plan* |
A.6.2.5 |
1 |
| PQBD08v23re69 | Necessary elements for the ongoing operation of the AI system* | A.6.2.6 | 1 |
| PQBD08v23re70 | Technical documentation for each stakeholder* | A.6.2.7 | 2 |
| PQBD08v23re71 | Event logs* | A.6.2.8 | 2 |
| PQBD08v23re72 | Backup plan | A.6.2.8 | 1 |
| PQBD08v23re73 | Data acquisition and selection* | A.7.3 | 1 |
| PQBD08v23re74 | Data quality requirements* | A.7.4 | 2 |
| PQBD08v23re75 | Data provenance* | A.7.5 | 1 |
| PQBD08v23re76 | Information deletion | A.7.5 | 1 |
| PQBD08v23re77 | Data preparation selection criteria* | A.7.6 | 1 |
| PQBD08v23re78 | Data preparation methods* | A.7.6 | 1 |
| PQBD08v23re79 | Incident communication plan* | A.8.4 | 1 |
| PQBD08v23re80 | Incident register*, Excel | A.8.4 | 4 |
| PQBD08v23re81 | Information reporting obligations* | A.8.5 | 2 |
| PQBD08v23re82 | Objectives for the responsible use of the AI system* | A.9.3 | 2 |
| PQBD08v23re83 | Information security with suppliers | A.10.3 | 1 |
| PQBD08v23re84 | Supplier contract, Excel | A.10.3 | 2 |
| PQBD10v22List | List of AI processes, procedures, policies and records ISO 42001 version 2023 | 4 | |
| Total | 412 | ||
