AI Risk Management Framework App

AI Risk Assurance

Heart of AI™ consists of professional engineering and risk assurance services across the AI system development life cycle. The goal is explainable and trustworthy AI.

How do you achieve Responsible AI? AI trust is verified and validated through AI risk assurance. What we call the the ‘Heart of AI’.

EU AI Act requires risk assurance audits and assurance across the AI system development and deployment lifecycle All high risk AI models must be explainable, reliable, ethical, and effective. Here are the types of AI assurance and professional engineering services we provide:

Use Cases

  1. Ethics and Fairness Audits: Assess AI models for bias, discrimination, and fairness to ensure that they treat all users equitably.
  2. Security and Privacy Assurance: Assure AI models comply with privacy laws (like GDPR) and are resistant to security threats.
  3. Explainability and Transparency Evaluations: Help organizations make their AI models more interpretable and transparen.
  4. Compliance and Regulatory Alignment: Assure AI models meet industry standards and comply with regional and global regulations, such as the EU AI Act and US Executive Order 14110.
  5. Performance and Robustness Testing: Test, verify, and validate that models function as intended across diverse real-world scenarios.
  6. Continuous Monitoring and Lifecycle Assurance: Offer post-deployment monitoring to detect model drift and monitor real-world performance.
  7. Human-Centric Design and Usability Testing: Evaluate AI applications for usability and user experience to assure the technology aligns with human needs and promotes user trust.
  8. Impact Assessments: Assess the impact of high risk AI models.

Who is Quality + Engineering

Quality Plus Engineering (Q+E) is the only risk engineering company that has been approved by the US Department of Homeland Security for Critical Infrastructure Protection: Forensics, Assurance, Analytics®.

Q+E has worked in aerospace, automotive, trucking, high tech, government, NGO’s, chemical, homeland security, oil/gas, LNG, and electric power (all varieties).

Certified Enterprise Risk Management® Certificate

Q+E is the developer of the Certified Enterprise Risk Manager® (CERM) certificate program

CERM is based on risk based, problem solving and risk based, decision making.

CERM certificate has 3 core courses:

  1. Enterprise Risk Management (ERM)
  2. Project Risk Management Using ISO 31000
  3. Risk Assurance

CERM certificate integrates trademarked risk management frameworks:

  1. Architect – Design – Deploy – Assure (ADDA)®
  2. Proactive – Preventive – Predictive – Preemptive®

Trust Me: ISO 42001

ISO 42001 is the AI management system standard. Q+E wrote the first book on the standard. The book is updated to stay current on AI trust standardization.

ISO describes the standard as:

“ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizing AI-based products or services, ensuring responsible development and use of AI systems.”

Trust Me: ISO 42001 is available on Amazon.

Trust Me: AI Risk Management

Trust Me: AI Risk Management describes what is and how to operationalize the ISO/IEC 23894:2023 standard.

ISO describes the standard as:

“provides guidance on how organizations that develop, produce, deploy or use products, systems and services that utilize artificial intelligence (AI) can manage risk specifically related to AI. The guidance also aims to assist organizations to integrate risk management into their AI-related activities and functions.”

Trust Me: AI Risk Management is available on Amazo

Risk Based Auditing

ISO 19011 is the standard for auditing ALL management systems such as ISO 42001 and ISO 27001.

Risk Based Auditing covers the essential elements for conducting conformity assessment and other ISO AI compliance audits based on ISO 19011 – 2018. Risk based auditing is the reference for 1st, 2nd, and 3rd party auditing of ISO management systems.

Risk Based Auditing is available on Amazon.

ISO 31000

OECD and UN recommends the ISO 31000:

“Beyond the OECD, it (OECD) uses recognised risk management and due-diligence frameworks like the ISO 31000 Risk Management Framework and the US National Institute of Standards and Technology’s AI Risk Management Framework.”

Q+E has written the best selling book (4.8 stars out of 5.0 on Amazon) on ISO 31000.

ISO 31000 is available on Amazon.

Value Added Auditing

Value Added Auditing is an advanced operational auditing book. The 500 page book covers the critical elements of advavnced risk based auditing.

Value Added Auditing covers:

  1. Managing the ERM audit function
  2. Planning the risk based audit
  3. Conducting the risk based audit
  4. Closing out and reporting the risk based audit

Value Added Auditing is available on Amazon.

Artificial Intelligence Risk Management Framework (AIRMF) App®

Quality Plus Engineering partnered with Oregon State University to develop the Artificial Intelligence Risk Management Framework (AIRMF) App®.

The next update of the app will provide AI Governance, ERM, and compliance capabiliteis for evaluating AI systems.

Contacting Quality + Engineering

Greg Hutchins PE CERM- Engineering risk principal
503.233.1012
Greg@QualityPlusEngineering.com