ISO42001-8.2-03
Risk Management
8.2 — AI risk assessment (operational)
Conduct risk assessments for each AI system within scope
Description
The organization must perform AI risk assessments for every individual AI system that falls within the scope of the management system.
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
ISO42001-8.2-01
Risk Management
Perform AI risk assessments at planned intervals
ISO42001-8.2-02
Risk Management
Perform AI risk assessments when significant changes occur
ISO42001-8.2-04
Risk Management
Consider system-specific characteristics in risk assessments
ISO42001-8.2-05
Documentation
Retain documented information of risk assessment results
ISO42001-8.2-06
Documentation
Ensure traceability between risks and AI systems
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started