ISO/IEC 22989 Artificial Intelligence — Concepts and Terminology

ISO/IEC 22989:2022 is a foundational standard developed by the Joint Technical Committee ISO/IEC JTC 1/SC 42, providing a globally harmonized vocabulary for Artificial Intelligence. Its core purpose is to establish authoritative definitions for key concepts like 'AI system,' 'machine learning,' 'bias,' and 'trustworthiness.' In enterprise risk management, it serves as the linguistic bedrock for other AI standards, such as ISO/IEC 23894 (Risk Management) and ISO/IEC 42001 (AI Management System). By standardizing terminology, it enables clear and unambiguous communication about AI-specific risks and controls among diverse stakeholders (legal, tech, audit), which is essential for effective governance and for demonstrating compliance with emerging regulations like the EU AI Act.

Practical application involves three key steps. First, 'Internalization and Training': conduct workshops for all relevant teams to ensure a shared understanding of the standard's definitions. Second, 'Policy and Documentation Alignment': update internal risk management policies, AI development guidelines, and third-party contracts to reflect the standard's terminology. For instance, define 'robustness' in a service-level agreement using the ISO definition. Third, 'Stakeholder Communication': use the standardized vocabulary when engaging with regulators, auditors, and clients to demonstrate adherence to global best practices. Measurable outcomes include a potential 15% increase in the pass rate of compliance audits due to reduced ambiguity and a 20% reduction in time spent clarifying risk terminologies during assessments.

Taiwanese enterprises often face three main challenges. 1) Low Perceived Urgency: Many view a terminology standard as academic rather than a critical business tool for mitigating risk and enabling global trade. 2) Integration Effort: Aligning existing, homegrown terminology with the ISO standard requires significant resources for updating documents and retraining staff. 3) Talent Gap: There is a shortage of professionals skilled in AI, risk management, and international standards. To overcome this, leadership must champion the standard's strategic value. A phased approach is recommended, starting with a mapping of internal terms to ISO terms and prioritizing external-facing documents. Engaging external experts can bridge the talent gap and accelerate implementation while upskilling internal teams.

Winners Consulting specializes in ISO/IEC 22989 for Taiwan enterprises, delivering compliant management systems within 90 days. Free consultation: https://winners.com.tw/contact