1 Scope
This document outlines best practices on assessing security and privacy in artificial
intelligence use cases, covering in particular those published in ISO/IEC TR 24030.
The following aspects are addressed:
-
— an overall assessment of security and privacy on the AI system of interest;
-
— security and privacy concerns;
-
— security and privacy risks;
-
— security and privacy controls;
-
— security and privacy assurance; and
-
— security and privacy plans.
Security and privacy are treated separately as the analysis of security and the analysis
of privacy can differ.