← All posts

AI needs its own risk rulebook. Here’s why.

A rulebook with a shield-and-checkmark, ringed by the stages of a risk-management lifecycle — planning, data, testing, deployment, monitoring and retirement.

Most of the risks a company faces sit still. A supplier is reliable or it isn’t. A contract says what it says. You can assess the risk once, write a rule, and it mostly holds. AI risk doesn’t behave like that — and that mismatch is the quiet reason the world is now writing standards specifically for it.

One of those standards is ISO/IEC 23894, published in 2023. It’s worth understanding not because you need to adopt it, but because of what it tells you about where AI risk is heading.

Why AI risk is different

A normal risk stays where you left it. An AI system doesn’t. It learns, it’s updated, and it makes decisions on its own. A model that was fair last quarter can quietly drift as the world around it changes. A tool that worked on last year’s data can start failing on this year’s, with no alarm going off. The risk isn’t a fixed thing you grade once — it moves.

It also fails in ways older risk frameworks weren’t built for: hidden bias in a decision, private data leaking into a tool, a security hole in a model, or a system doing something no one intended because it was acting on its own. A traditional risk register assumes the risk holds still long enough to manage it. AI breaks that assumption.

AI risk isn’t a fixed thing you grade once. It moves.

What ISO 23894 actually is

In plain terms: it’s international guidance for managing AI risk across the whole life of a system. It is not a law, and it’s not a certificate you pass — it’s a shared, structured way of thinking about the problem. It’s built on the same bones as ordinary risk management (the long-standing ISO 31000), then adapted for the things that make AI different.

It sits next to a related standard, ISO 42001, and people mix them up. The simplest way to hold them apart: 42001 is about how you run AI responsibly as an organisation; 23894 is about how you handle the risk specifically. One is the management system, the other is the risk lens.

What it actually asks you to do

Less than the numbers suggest. At its core it’s four steps, done again and again: find the risks in an AI system, weigh them (how likely, how bad), do something about them, then keep watching. That last step — keep watching — is the one that matters most and the one teams quietly skip.

The other half is that it treats risk across a system’s entire life, not just at launch: planning, the data you train on, building the model, testing, deployment, running it day to day, and finally retiring it. The point isn’t the checklist. It’s the habit underneath it — the idea that AI risk is something you manage continuously, with someone clearly accountable, rather than sign off once and forget.

Why this matters even if you never get certified

Most organisations will never formally adopt ISO 23894, and that’s fine. Its real value is as a signal. The conversation has moved from “is AI risky?”, which is a debate, to “how do we manage AI risk?”, which is a process. Regulators are asking the same questions the standard asks — the EU AI Act and financial supervisors both want to know how a system was assessed and how it’s being monitored.

So the useful test isn’t whether you hold a certificate. It’s whether your team can answer, for a given AI system: how did you decide it was safe to use, and how are you watching it now? If you can answer that, you’re in good shape with or without the paperwork. If you can’t, a standard number on a wall won’t save you.

The real takeaway

A standard is really just good judgement, written down. ISO 23894 is most useful not as a document to comply with, but as a mirror — a way to check whether your team thinks about AI risk the right way: continuously, across the whole life of a system, with clear ownership. You can build that habit without ever opening the standard. The standard just tells you what “good” looks like once you do.

If your team is working out how to manage AI risk in practice — as a habit people actually use, not a policy that gathers dust — that’s the kind of thing we help teams build. Talk to us if it’s useful, or see how we run it in-house.

Prefer plain text? Read the Markdown version — a clean copy for LLMs and AI tools.

Want this for your team?

If a topic here matches something your team is wrestling with, we can turn it into a session built around your business.

Enquire