USA: ITI releases recommendations on Artificial Intelligence Risk Management Framework to NIST
The Information Technology Industry Council ('ITI') announced, on 26 January 2022, that it had released a series of recommendations addressed to the National Institute of Standards and Technology ('NIST') regarding its concept paper for the Artificial Intelligence Risk Management Framework ('AI RMF').
In particular, ITI offered a series of recommendations in order to improve the framework and encourage NIST to:
- seek to maintain coherence with prior works, such as the Framework for Improving Critical Infrastructure Cybersecurity ('the Cybersecurity Framework') and Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management ('the Privacy Framework');
- align the AI RMF with standards that are currently under development in international standards bodies (i.e., ISO/IEC JTC 1);
- clarify how risks differ for human facing and non-human facing AI systems, and set forth appropriate risk evaluation criteria;
- seek to maintain and foster consistency internationally to the extent possible; and
- add a function that accounts for contingencies similar to the 'respond' function in the Cybersecurity Framework.