ISO 42001 - Terms & Definitions

Question 1

organization

Answer 1

person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives

Question 2

interested party

Answer 2

person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity

Question 3

top management

Answer 3

person or group of people who directs and controls an organization at the highest level

Question 4

management system

Answer 4

set of interrelated or interacting elements of an organization to establish policies and objectives, as well as processes to achieve those objectives

Question 5

policy

Answer 5

intentions and direction of an organization as formally expressed by its top management

Question 6

objective

Answer 6

result to be achieved

Question 7

risk

Answer 7

effect of uncertainty

Question 8

process

Answer 8

set of interrelated or interacting activities that uses or transforms inputs to deliver a result

Question 9

competence

Answer 9

ability to apply knowledge and skills to achieve intended results

Question 10

documented information

Answer 10

information required to be controlled and maintained by an organization and the medium on which it is contained

Question 11

performance

Answer 11

measurable result

Question 12

continual improvement

Answer 12

recurring activity to enhance performance

Question 13

effectiveness

Answer 13

extent to which planned activities are realized and planned results are achieved

Question 14

requirement

Answer 14

need or expectation that is stated, generally implied or obligatory

Question 15

conformity

Answer 15

fulfilment of a requirement

Question 16

nonconformity

Answer 16

non-fulfilment of a requirement

Question 17

audit

Answer 17

systematic and independent process for obtaining evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

Question 18

corrective action

Answer 18

action to eliminate the cause(s) of a nonconformity and to prevent recurrence

Question 19

measurement

Answer 19

process to determine a value

Question 20

monitoring

Answer 20

determining the status of a system, a process or an activity

Question 21

control

Answer 21

<risk> measure that maintains and/or modifiesrisk
</risk>

Question 22

governing body

Answer 22

person or group of people who are accountable for the performance and conformance of the organization

Question 23

information security

Answer 23

preservation of confidentiality, integrity and availability of information

Question 24

AI system impact assessment

Answer 24

formal, documented process by which the impacts on individuals, groups of individuals, or both, and societies are identified, evaluated and addressed by an organization developing, providing or using products or services utilizing artificial intelligence

Question 25

data quality

Answer 25

characteristic of data that the data meet the organization’s data requirements for a specific context

Question 26

statement of applicability

Answer 26

documentation of all necessary controls and justification for inclusion or exclusion of controls