[{"data":1,"prerenderedAt":4},["ShallowReactive",2],{"raw-en-standards":3},"---\ntitle: Standards & Frameworks\ndescription: The AI and organisational standards IQ:NS models — what they cover, who they apply to, and how they connect.\nlang: en\nnavigation:\n  section: ontologies\n  label: Standards\n  order: 20\n---\n\n# Standards & Frameworks\n\n## The landscape\n\nNo single framework covers everything. Most organisations face overlapping requirements from multiple standards — and the gaps between them are where problems hide.\n\nIQ:NS models 50+ frameworks and domain models from `.\u002Fontologies\u002Fv1\u002F` as structured ontologies. Here's what they cover.\n\nIQ:NS does not prioritise a single set of regulations; it cherry-picks the relevant ontology models for each context from the repository.\n\n---\n\n## Horizontal Frameworks\n\n### EU AI Act\n- **Applies to:** Any organisation offering or deploying AI in the EU\n- **Covers:** Risk classification, conformity assessment, transparency, technical documentation, human oversight\n- **Enforcement:** Fines up to 7% of global revenue\n\n### NIST AI Risk Management Framework\n- **Applies to:** Voluntary, but increasingly referenced by US regulators and procurement\n- **Covers:** Four core functions — Govern, Map, Measure, Manage\n- **Why it matters:** The most operationally actionable framework available\n\n### ISO 42001\n- **Applies to:** Organisations seeking formal AI management certification\n- **Covers:** Plan-do-check-act management system, Annex A controls, internal audit\n\n### EU GDPR (AI provisions)\n- **Applies to:** Any organisation processing EU resident personal data with AI\n- **Covers:** Article 22 (automated decisions), profiling transparency, data minimization\n\n---\n\n## Sector-Specific Standards\n\n### Financial Services\n| Framework | Jurisdiction | Focus |\n|---|---|---|\n| SR 11-7 | US | Model risk management |\n| EBA AI Guidelines | EU | Credit institution AI oversight |\n| MAS AI Governance | Singapore | Financial institution AI governance |\n\n### Healthcare\n| Framework | Jurisdiction | Focus |\n|---|---|---|\n| FDA AI\u002FML SaMD | US | Clinical AI and software as medical device |\n| ONC Trustworthy AI | US | Health IT AI standards |\n\n### Security\n| Framework | Focus |\n|---|---|\n| OWASP LLM Top 10 | LLM security vulnerabilities |\n| MITRE ATLAS | Adversarial AI threat landscape |\n| Google SAIF | Secure AI framework |\n\n### Ethics & Principles\n| Framework | Origin |\n|---|---|\n| OECD AI Principles | OECD |\n| UNESCO AI Ethics | UNESCO |\n| IEEE 7000 | IEEE |\n\n---\n\n## How frameworks overlap\n\nDifferent terminology, same concepts:\n\n| Concept | EU AI Act | NIST AI RMF | ISO 42001 |\n|---|---|---|---|\n| Risk management | Article 9 | Map function | Clause 6.1 |\n| Human oversight | Article 14 | Govern 1.4 | A.8.4 |\n| Technical documentation | Article 11 | Map 3.4 | A.6.2 |\n| Bias and fairness | Article 10(2)(f) | Measure 2.6 | A.10.3 |\n| Transparency | Chapter IV | Govern 4.1 | A.8.3 |\n\nIQ:NS maps these crosswalks structurally — so you can see where one concept spans multiple standards and where genuine gaps exist.\n\n---\n\n[See how the ontologies work](\u002Fhow-it-works) · [Explore on GitHub](https:\u002F\u002Fgithub.com\u002Fiqns-org\u002Fontologies)\n",1776235631469]