A-LIGN

?? It's almost time for December's edition of TrustMasters Monthly! The introduction of ISO/IEC 42001 this year has allowed organizations to showcase their ethical AI use and build stakeholder trust. With the first wave of ISO 42001 certifications completed, what's next? Join us on 12/12 as A-LIGN's Patrick Sullivan, Microsoft's Kim Lucy, and BABL AI's Shea Brown discuss the current state of AI compliance, the impact of ISO 42001, and predictions for 2025. Register here! ?? https://bit.ly/3Zhafoz #ISO42001 #AIcompliance #AI #TrustMastersMonthly

?? If you're a business operating in the EU, the NIS2 Directive is probably at the top of your compliance objectives. NIS2 builds on and aligns closely with ISO/IEC 27001, and our team at A-LIGN can help you get ready to meet the directive. ? A-LIGN can help you achieve: ? NIS2 readiness ? ISO 27001 + NIS2 readiness ? ISO 27001 certification + NIS2 readiness NIS2 compliance is more than a legal requirement—it's a chance to enhance their cybersecurity posture and achieve a competitive edge. Contact A-LIGN to start your NIS2 journey today.?#NIS2 #EUcompliance #ISO27001 Kevin Shinners

??Bridging Compliance and Strategy: How, Why, and What?? By integrating measurement methodologies inspired by Doug Hubbard's “How to Measure Anything” and John Doerr’s OKRs from “Measure What Matters”, organizations can quantify ethical progress and drive meaningful change leveraging #ISO standards. ? Using ISO Standards with Empirical Measures 1. Fairness as a Measurable Outcome ISO/IEC TS 12791 offers practical tools to identify and reduce bias in AI systems.? ?Example OKR:? ??????Objective: Ensure AI outputs are equitable.? ??????Key Results:? ???- Reduce demographic disparities in system recommendations by 20%.? ???- Conduct quarterly audits of datasets for bias detection. ??Hubbard's Insight: ?Even seemingly intangible metrics, like fairness, can be quantified. Use proxy variables like decision consistency across demographics to track progress. 2. Transparency Through Explainability ISO5339 emphasizes transparency by guiding organizations in creating explainable decision pathways.? ?Example OKR:? ??????Objective: Improve user trust in AI systems.? ??????Key Results:? ???- Achieve 90% satisfaction in user surveys related to system explainability.? ???- Implement traceability mechanisms in 100% of deployed systems. ??Hubbard's Insight: Measuring trust can use tools like Net Promoter Scores (#NPS) or user feedback metrics. Quantifying subjective experiences, such as transparency, makes iterative improvements possible. 3. Accountability in Governance ISO/IEC 38507 defines governance frameworks to ensure clear accountability for AI decisions.? ?Example OKR:? ??????Objective: Establish organizational accountability for AI outcomes.? ??????Key Results:? ???- Reduce the number of unresolved AI governance incidents to zero.? ???- Conduct biannual accountability reviews with stakeholder input. ??Hubbard's Insight: Accountability can be quantified by tracking the resolution time for identified governance issues or through compliance rates in internal audits. 4. Continuous Adaptation and Resilience ISO42001 and ISO/IEC 23894 support lifecycle monitoring to adapt to societal changes and emerging risks.? ?Example OKR:? ??????Objective: Maintain alignment with evolving ethical standards.? ??????Key Results:? ???- Update AI risk assessments every 3 months.? ???- Maintain 95% compliance with new regulatory requirements. ??Hubbard's Insight: Measuring adaptability involves monitoring the time taken to incorporate new standards and the percentage of systems updated within defined timelines. ?Combining Hubbard’s Metrics with Doerr’s OKRs Doerr’s OKRs provide a clear structure for setting ambitious yet achievable objectives, while Hubbard’s methodology ensures that even qualitative goals, like ethical AI, are measured empirically: ?Use OKRs to define the “What” (e.g., "Improve fairness in AI systems"). ?Apply Hubbard’s approach to measure the “How” (e.g., using decision parity or user sentiment as proxy metrics for fairness).

Congratulations to Atoro for achieving ISO/IEC 27001:2022 certification with the power of Vanta and the expertise of A-LIGN! ??

?? Achieving CMMC compliance is crucial for organizations in the Defense Industrial Base, but rushing into certification without preparation can be costly. Many hire a C3PAO too soon and skip essential preparation steps. Using a qualified MSP with RP status, like CyberSheath, can help organizations prepare effectively with compliance-driven IT and security services. Read our guest blog by CyberSheath's VP of Compliance Services Casey Lang to learn more about the role of C3PAOS and MSPs for #CMMC compliance. ?? https://bit.ly/4eGKSkx

We are LIVE at #VantaCon! ?? Come visit our booth to learn how you can achieve a high-quality, scalable audit powered by two market leaders. #bettertogether Vanta

Congratulations to MineHub Technologies for earning their #SOC2! Well done. ??

USA TODAY !!! ?? As a #TampaBay native, I couldn't be more proud of the work we do to make Tampa Bay Wave a world class program. With $1 BILLION raised by our portfolio companies, we can confidently claim to be one of the top non-profit accelerators in the U.S..... $2 BILLION??????, here we come!! ?????? Of course, this kind of success "takes a village", and certainly Wave's success story is the result of numerous supporters, collaborations, partnerships that I cannot thank enough including U.S. Economic Development Administration, U.S. Small Business Administration, Hillsborough County, City of Tampa, University of South Florida, A-LIGN, KnowBe4, Encore Bank, Smiley Technologies, Inc., The Depository Trust & Clearing Corporation (DTCC), South Florida College of Public Health, Center for Advanced Medical Learning and Simulation (CAMLS), Nielsen Foundation, and so many more!

Congratulations to Johnston Clem Gifford for earning their #SOC2 and further protecting client data! ??

???? Want to grow your business with ISO 42001, NIS2, DORA, and ISO 27001? Join A-LIGN, Assent Risk Management, and AvISO Consultancy Ltd's event to learn how to boost cybersecurity, streamline compliance, & drive revenue growth. ?? Kevin Shinners, Robert Clements, Dr Paul Stevens ?? Spitalfields Conservatory, 35-41 Folgate Street, London, E1 6BX ?? Wed, 27 Nov 2024 15:00 - 17:00 GMT https://lnkd.in/ggZ9qjeE #ISO42001 #ISO27001 #DORA #NIS2 #compliance