AI compliance glossary

Understand key terms in AI compliance

Navigate the complex world of AI compliance with ease. This glossary breaks down essential terms and concepts to help AI professionals and enterprise buyers alike gain clarity on regulations, standards, and practices that shape today’s AI landscape. Stay informed and stay compliant.


AI (Artificial intelligence)

A machine-based system capable of making predictions, recommendations, or decisions influencing environments. AI systems operate autonomously or semi-autonomously, using inference or pattern recognition to achieve specific goals within defined parameters.

AI Accountability

The responsibility of providers and deployers to ensure AI systems are developed, deployed, and monitored in compliance with regulations and ethical standards, ensuring that AI’s use does not infringe on fundamental rights and operates as intended.

AI Accuracy

The degree to which an AI system’s outcomes align with the intended purpose, minimizing errors and biases. For high-risk systems, accuracy must be continuously monitored to maintain system integrity and prevent risks to users and affected persons.

AI Autonomy

The capacity of an AI system to function with minimal human intervention, making decisions based on programmed objectives and evolving inputs. This autonomy allows AI to operate independently, adapting to changing environments and inputs.

AI Bias Audit

A structured evaluation aimed at identifying, analyzing, and mitigating biases within AI systems. Bias audits ensure that AI models operate fairly, produce non-discriminatory outcomes, and comply with ethical and regulatory standards to protect affected groups.

AI Bias Detection and Mitigation

Processes to identify and reduce biases in AI, which may arise from systemic, computational, or human sources, potentially leading to unfair outcomes. Bias mitigation ensures AI systems work equitably across diverse groups and contexts.

AI Buyer’s Risk Assessment

A process through which potential buyers of AI assess risks associated with an AI system, including compliance, security, and ethical factors. The assessment aids buyers in making informed decisions by evaluating operational risks and impact.

AI Compliance Framework

A structured set of guidelines and best practices designed to ensure that AI systems meet legal, ethical, and operational standards. The framework addresses accountability, transparency, risk management, and data security requirements.

AI Deployers

Individuals or entities that operate or use AI systems in various applications. Deployers are responsible for ensuring that systems function as intended and in compliance with regulatory standards, especially when using high-risk AI systems.

AI Distributors

Natural or legal persons within the supply chain, other than providers or importers, who make AI systems available on the EU market. They must ensure that systems meet all regulatory standards and provide essential documentation upon request.

AI Ethics

Principles guiding the responsible development and use of AI to align with human values and rights, including transparency, fairness, and accountability. AI ethics frameworks aim to prevent harm, discrimination, and misuse of AI systems in various contexts.

AI Importer

A natural or legal person who places an AI system from a third country on the EU market. Importers are responsible for verifying compliance with EU regulations and ensuring all necessary documentation accompanies the system.

AI Interpretability

The extent to which the meaning of AI outputs is clear and understandable within the system’s designed functional purpose. Interpretability helps operators or overseers effectively use and govern the AI system in practice.

AI Product Manufacturers

Entities responsible for integrating AI systems as components of physical products. They must ensure these systems comply with safety and compliance requirements before releasing the products on the market.

AI Provider

Any entity that develops or markets an AI system in the EU. Providers are accountable for system compliance, including meeting technical, safety, and documentation standards, especially for high-risk applications.

AI System

‘AI system’ means a machine-based system designed to operate with varying levels of autonomy, that may exhibit adaptiveness after deployment and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.

AI Transparency

Obligations ensuring that an AI system’s functions, capabilities, and limitations are clear to users and regulators, promoting informed use and adherence to compliance requirements, particularly in high-risk cases.

AI auditing

The process of systematically reviewing AI systems to ensure adherence to regulatory, ethical, and operational standards, focusing on system accuracy, fairness, and accountability. Audits identify risks and verify compliance with established guidelines.

AI compliance

The adherence of AI systems to established legal, ethical, and technical standards to ensure safe and trustworthy deployment. Compliance encompasses data governance, accountability, and user rights in alignment with regulatory requirements.

AI explainability

The degree to which an AI system’s mechanisms can be understood by humans. Explainability allows stakeholders to gain insights into how the system generates outputs, fostering trust, facilitating debugging, and enabling accountability.

AI governance

Oversight structures and policies ensuring that AI systems are developed, deployed, and monitored in accordance with legal, ethical, and organizational standards, including data security, fairness, transparency, and risk management protocols.

AI literacy

The ability of users and stakeholders to understand basic AI concepts, including its risks, limitations, and implications for decision-making. AI literacy enables informed use, promotes transparency, and enhances trust in AI-driven outcomes.

AI monitoring and reporting

Continuous oversight of AI system performance and compliance, ensuring it adheres to regulatory standards and operates as intended. Monitoring includes documenting system outputs and reporting deviations or incidents affecting user rights or safety.

AI policies

Internal organizational guidelines that establish standards for AI development, deployment, and oversight, focusing on ethics, accountability, and data governance to align AI use with regulatory and organizational objectives.

AI questionnaires

Standardized sets of questions assessing AI system risks, performance, and compliance. These questionnaires help AI buyers evaluate AI reliability, fairness, and adherence to ethical and regulatory standards, providing insights for decision-makers.

AI reliability

The ability of an AI system to perform as required, without failure, over a specified time interval and under defined conditions. Reliable AI systems consistently operate correctly, promoting user trust and reducing risk in critical applications.

AI resilience

The capacity of an AI system to maintain functionality and performance in the face of unexpected challenges, including adversarial attacks or environmental shifts. Resilient AI systems are robust and recover gracefully from disruptions.

AI risk management

Coordinated activities to identify, assess, and mitigate risks throughout the AI lifecycle. AI risk management enhances understanding of potential impacts, reduces harm, and improves the trustworthiness of AI systems across contexts.

AI robustness

The ability of an AI system to sustain performance across a range of scenarios, including those not initially anticipated. Robust systems demonstrate reliability and minimize harm, even in varied or unexpected environments.

AI safety

Assurance that an AI system will not, under defined conditions, cause harm to human life, health, property, or the environment. Safe AI systems incorporate design practices, rigorous testing, and controls to avoid dangerous states or failures.

Adversarial Attacks

Techniques used to exploit vulnerabilities in AI systems by manipulating data or inputs, causing the AI to perform unintended actions or produce incorrect outputs. Resilient AI systems are designed to withstand such attacks and maintain functionality.

Algorithmic Auditing

A thorough examination of algorithms within AI systems to assess their accuracy, fairness, and compliance with legal and ethical standards. Algorithmic audits aim to identify and mitigate potential biases and ensure responsible AI deployment.

Algorithmic Bias

A tendency of an AI algorithm to produce discriminatory outcomes, often due to skewed training data or flawed model design. Algorithmic bias audits address disparities, ensuring outcomes align with fairness principles and anti-discrimination laws.

Algorithmic Fairness

A principle ensuring AI systems do not perpetuate or amplify existing biases, particularly against protected groups. This includes detecting and mitigating discriminatory outcomes to align with fundamental rights and anti-discrimination laws.

Algorithmic Transparency

The principle that AI systems’ decision-making processes should be clear and understandable, enabling users to comprehend how outputs are derived. Transparency fosters accountability and builds user trust by providing insight into AI operations.

Authorized representative

A natural or legal person based in the EU, mandated by providers from outside the European Union, to fulfill specific compliance obligations and represent them in all regulatory matters concerning their AI system in the European market.

Automated AI Compliance

The use of AI-driven tools to automatically monitor and enforce compliance with regulatory, ethical, and operational standards. Automated compliance tools ensure continuous adherence to requirements without manual oversight.

Automated Decision-Making

Processes in which AI systems independently make decisions or recommendations impacting individuals or groups. Automated decisions must align with fairness, transparency, and accuracy standards, particularly in high-risk applications.

Biometric Categorization

The process of assigning individuals to specific groups or categories based on biometric data, such as age, gender, or behavior, excluding any direct identification purposes or consent-based verification processes.

Biometric Data

Data derived from physical, physiological, or behavioral characteristics enabling unique identification of a natural person, including facial images, fingerprints, and gait, processed for either identity verification or categorization purposes.

Biometric Identification

The automated process of identifying individuals by comparing their biometric data with reference data, typically without active participation from the individual, to establish identity in various environments, including security settings.

Black Box AI Model

AI models with complex internal operations that are opaque or difficult to interpret by users. These models pose challenges for transparency and accountability, often requiring explainability measures to ensure trust and understanding.

Business Continuity Plan

A strategic approach to maintaining AI system functionality during disruptions, ensuring ongoing operations. Plans include measures for data backup, disaster recovery, and contingency actions to mitigate risks of operational interruptions.

Business Impact Analysis

An assessment process evaluating the potential effects of AI system failure or disruption on business functions. This analysis identifies critical operations, quantifies impacts, and guides risk management and continuity planning efforts.

Compliance Documentation

Records and materials that detail an AI system’s design, functionality, and risk assessments, ensuring conformity with applicable EU regulations, including technical specifications, testing protocols, and operational guidance for responsible use.

Compliance Mechanism

Structured approaches within an organization to ensure AI systems align with applicable legal and regulatory requirements. Compliance mechanisms encompass policies, processes, and monitoring activities to manage AI risks effectively.

Conformity Assessment

A systematic evaluation process to verify that high-risk AI systems meet all EU compliance requirements, ensuring their safe deployment and adherence to standards that protect users’ and affected persons’ health, safety, and fundamental rights.

Continuous Monitoring

Ongoing observation and assessment of an AI system’s performance, identifying and addressing emergent risks and system failures over time. Continuous monitoring supports adaptation to evolving conditions and stakeholder needs.

Cybersecurity

Measures implemented to protect AI systems from unauthorized access, manipulation, or malicious attacks. These measures ensure the integrity, confidentiality, and reliability of the AI system’s performance across its operational lifecycle.

Data Governance

Policies and procedures ensuring data used in AI systems is accurate, representative, and privacy-compliant, particularly in high-risk contexts. Effective data governance prevents biases, protects user data, and maintains the integrity of AI processes.

Data Minimization

The principle that only the necessary amount of data should be collected, processed, and retained to achieve the AI system’s intended purpose, particularly for personal and sensitive data, to safeguard privacy and prevent unauthorized data use.

Data Provenance

The tracking and documentation of the origin, history, and quality of data used in AI systems. Maintaining data provenance ensures transparency, accountability, and compliance, supporting risk management and trustworthiness.

Data Quality Standards

Standards ensuring that the data used for training and operating AI systems is complete, accurate, and free from biases that could affect system performance, especially in high-risk applications where data quality directly impacts decision integrity.

Data Sovereignty

A principle ensuring that data collected, processed, and stored by AI systems complies with applicable jurisdictional regulations, particularly for cross-border data transfers, and respects individuals’ rights to control their personal data.

Due diligence questionnaires

Standardized surveys evaluating AI systems’ compliance, performance, and ethical adherence. These questionnaires help AI buyers assess potential risks, including data governance, transparency, and regulatory compliance, prior to deployment.

EU Database for High-Risk AI

A centralized EU database where high-risk AI systems are registered to enhance transparency, facilitate regulatory oversight, and provide accessible information on compliance status and risk assessments associated with these systems.

Emergent Properties

Unanticipated behaviors or effects that arise in complex AI systems, often as a result of interactions among components. These properties may lead to unintended consequences and require careful monitoring and management.

Emotion Recognition System

AI systems designed to infer emotions or intentions from biometric data, such as facial expressions or voice intonation, potentially impacting users’ privacy. Such systems are subject to stricter regulations in sensitive environments like workplaces.

Enterprise AI Compliance

Policies and standards applied within organizations to ensure AI systems meet regulatory and ethical standards, fostering trust and accountability. Enterprise AI compliance encompasses data security, risk assessment, and stakeholder engagement.

Ethical AI

The development and use of AI systems that prioritize human values, transparency, and fairness to protect individuals’ rights and freedoms. Ethical AI practices are intended to prevent discrimination, misuse, and adverse impacts on society.

Explainability

The capability of an AI system to make its decisions or outcomes understandable to users or regulators, particularly in high-risk applications, supporting transparency and allowing individuals to assess system impact on their rights and interests.

Explainable AI (XAI)

AI systems designed to provide clear, interpretable explanations of their decision-making processes. Explainable AI enhances transparency and accountability, allowing users to understand and trust AI-driven outcomes in complex applications.

Fail-Safe Mechanism

Built-in measures allowing AI systems to revert to a safe state in the event of errors, technical malfunctions, or unexpected behavior, thereby preventing harm to users, the public, or affected environments.

Fairness in AI

A characteristic that addresses equity and bias in AI systems, ensuring outcomes do not discriminate against specific groups. Fair AI systems promote inclusivity, mitigate unintended harm, and align with societal standards of justice.

Fundamental Rights Impact Assessment

A pre-deployment assessment of high-risk AI systems to identify and mitigate risks to individuals’ rights and freedoms, ensuring AI use complies with EU human rights protections and does not adversely affect vulnerable groups.

General Data Protection Regulation (GDPR)

A European Union regulation ensuring the protection of individuals’ personal data. AI systems processing personal data must adhere to GDPR principles, including consent, transparency, and accountability, to safeguard privacy rights.

General-Purpose AI

AI models or systems capable of performing a wide range of functions across multiple contexts. These models are typically trained on extensive datasets and may be adapted or fine-tuned for specific applications.

General-Purpose AI with Systemic Risks

General-purpose AI models deemed to pose broad risks due to their capabilities and potential for widespread impact. They are subject to additional regulatory requirements for transparency, risk management, and impact assessment.

High-Risk AI Systems

AI systems identified by the EU as having significant potential to impact health, safety, or fundamental rights. These systems must meet strict compliance standards, including risk assessments, documentation, and human oversight.

Human Oversight

Mechanisms that allow humans to monitor and, where necessary, intervene in AI system operations to prevent or mitigate harmful outcomes, particularly relevant for high-risk AI systems in sensitive sectors.

Human Rights Impact Assessment

A review assessing the impact of an AI system on fundamental human rights, including privacy and non-discrimination. This assessment identifies and mitigates potential harms, ensuring AI deployment aligns with EU rights protections.

Human-in-the-Loop (HITL)

Involvement of human oversight in AI decision-making, allowing humans to interpret, adjust, or override AI outputs. HITL configurations enhance safety, accountability, and the ethical deployment of AI systems.

ISO 42001

An international standard for managing AI systems, focusing on guidelines for responsible AI development, deployment, and oversight. ISO 42001 outlines best practices for transparency, accountability, and continuous risk management.

Impact Assessment

A pre-deployment evaluation of potential risks and impacts associated with an AI system, focusing on user safety, privacy, and rights. This assessment informs risk management strategies and enhances compliance with regulatory standards.

Intellectual Property Compliance

Adherence to copyright, patent, and other intellectual property laws in the development and deployment of AI systems, ensuring that any protected content or methods used in AI are authorized or properly licensed.

Interpretability

The ability of AI systems to generate outcomes that can be understood by end users and regulators, especially in high-risk contexts, to promote transparency, accountability, and informed decision-making.

Limited risk AI systems

AI systems with moderate potential for adverse impact, subject to transparency and information requirements but not classified as high-risk. Users must be informed they are interacting with AI, ensuring responsible and transparent usage.

Machine Learning

An AI technique where systems improve their performance by learning from data without explicit programming. Machine learning models require proper documentation and compliance to minimize risks of bias and errors.

Machine Learning Fairness (ML Fairness)

Techniques and practices aimed at promoting equitable outcomes in machine learning systems by addressing potential biases. ML Fairness seeks to prevent discrimination and ensure AI models are fair across demographics.

Minimal risk AI systems

AI systems with low potential to impact users’ health, safety, or fundamental rights. These systems typically require no specific regulatory oversight and are presumed safe for general use without additional compliance obligations.

Model Accountability

Ensuring AI models operate in line with ethical and regulatory standards, with responsibility for outcomes assigned to providers. Model accountability includes transparency, risk management, and compliance with legal obligations.

Model Generalizability

The extent to which an AI model can maintain performance on new or diverse data that differs from its training data. Generalizable models perform effectively across varied contexts, enhancing reliability and reducing risk.

Model Interpretability

The ability of AI systems to produce results that are understandable to users, enabling them to comprehend the reasoning behind AI-driven outcomes. Interpretability is key for transparency, trust, and effective decision-making.

NIST Compliance Standards

Guidelines established by the National Institute of Standards and Technology for ethical, transparent, and secure AI systems. NIST standards support regulatory compliance, risk management, and protection of user rights.

Post-Market Monitoring

Continuous monitoring of an AI system’s performance and compliance after its deployment, enabling the provider to detect and correct any issues or unintended consequences impacting safety, accuracy, or compliance.

Privacy Impact Assessment

An evaluation to determine how AI systems handle personal data, assessing compliance with data protection standards, including GDPR. The assessment helps identify privacy risks and implement safeguards to protect user information.

Privacy-Enhanced AI

AI designed to respect user privacy by limiting data access, ensuring confidentiality, and allowing individuals to control their data. Privacy-enhanced AI promotes autonomy and reduces risks of privacy intrusion.

Prohibited AI systems

AI systems whose applications are banned within the EU due to their capacity to harm fundamental rights, including systems using subliminal techniques, social scoring, or remote biometric identification in public spaces for surveillance purposes.

Provider’s Quality Management System

Internal processes established by providers to maintain compliance, quality, and safety standards throughout an AI system’s lifecycle, including during development, testing, and post-market monitoring.

Quantitative Bias Testing

A method for analyzing statistical biases in AI model outputs, ensuring they do not disproportionately affect specific groups. Quantitative bias testing supports fairness and compliance with anti-discrimination standards.

Quantitative Risk Assessment

A structured process quantifying potential risks posed by AI systems, evaluating the likelihood and severity of adverse impacts. This assessment informs risk mitigation strategies and promotes responsible AI deployment.

Real-Time AI Systems

AI systems capable of generating instant or near-instantaneous responses, often in high-stakes scenarios. These systems must be robust, secure, and reliable to mitigate risks associated with time-sensitive applications.

Regulatory Compliance

The requirement for AI systems to adhere to applicable EU regulations governing safety, transparency, and user protection. Regulatory compliance ensures AI systems meet legal standards for operation within the European market.

Remote Biometric Identification System

AI systems used to identify individuals from a distance, often in public spaces, by comparing live biometric data to reference databases, with stringent requirements for transparency, data protection, and authorization.

Responsible AI

The development and use of AI systems that prioritize ethical principles, transparency, and human rights. Responsible AI practices minimize harm, enhance accountability, and support compliance with regulatory standards.

Risk Assessment Frameworks

Structured methodologies for evaluating and mitigating risks associated with AI systems, ensuring that systems operate within acceptable risk levels and are equipped to handle potential adverse outcomes.

Risk Management System

A continuous, lifecycle-wide process to identify, assess, and mitigate risks posed by AI systems, ensuring their safe, ethical, and compliant operation within their intended use environments.

Risk Tolerance

The level of risk an organization or stakeholder is prepared to accept to achieve objectives. In AI, risk tolerance varies based on legal requirements, organizational priorities, and the specific context of system deployment.

Socio-Technical Factors

The interplay of human, organizational, and technical influences on AI system design, development, and deployment. Socio-technical factors shape AI risks and benefits, impacting fairness, interpretability, and system acceptance.