Standards for Artificial Intelligence Products

• Home
• Insights
• Publications
• Standards for Artificial Intelligence Products

Standards for Artificial Intelligence Products

The rapid proliferation of artificial intelligence ("AI") products across the marketplace has prompted both public and private standards-setting organizations to develop comprehensive standards governing such products. These standards support effective risk management, enable clearer expectations between contracting parties and help establish common terminology and methodologies across jurisdictions and industries. These standards further serve as invaluable instruments for conducting due diligence and provide a useful framework for articulating specific conditions within contractual arrangements.

This bulletin presents a list of widely recognized AI standards from the International Organization for Standardization ("ISO"), International Electrotechnical Commission ("IEC"), the National Institute of Standards and Technology ("NIST") and frameworks provided by the Government of Canada. We have compiled this list for your general information and as a means to offer practical reference for organizations seeking to understand the range of standards that may be relevant to the design, operation and oversight of AI systems. The following sections have organized these standards by category according to their respective objectives:

1. Terminology and Concepts
2. AI Management and Governance
3. Risk Management and Trustworthiness
4. Lifecycle and Processes
5. Data Quality and Governance
6. Transparency and Explainability
7. Bias and Fairness
8. Testing and Validation
9. Robustness
10. Ethics and Social Responsibility
11. Environmental Sustainability
12. Use Cases and Technical Reports
13. Canadian Government Frameworks

Terminology and Concepts

The following standards define foundational terminology, conceptual frameworks and reference architectures intended to establish a common language and conceptual baseline for AI systems and related technologies.

ISO/IEC 22989:2022 - Information technology - Artificial intelligence - Artificial intelligence concepts and terminology

• Scope: Foundational concepts and terminology for AI.

ISO/IEC 5392:2024 - Information technology - Artificial intelligence - Reference architecture of knowledge engineering

• Scope: Reference architecture and common vocabulary for AI knowledge engineering.

AI Management and Governance

The following standards provide frameworks for establishing, implementing, auditing and governing artificial intelligence management systems within organizations.

ISO/IEC 42001:2023 - Information technology - Artificial intelligence - Management system

• Scope: Sets out requirements for establishing, implementing, maintaining and improving Artificial Intelligence Management Systems (AIMS) for entities that develop or use AI-based products or services. The requirements aim to ensure AI systems are developed and used responsibly.

ISO/IEC 42005:2025 - Information technology - Artificial intelligence (AI) - AI system impact assessment

• Scope: Guides organizations conducting AI system impact assessments, focusing on the applications and effects of AI systems on individuals, groups and society.

ISO/IEC 42006:2025 - Information technology - Artificial intelligence - Requirements for bodies providing audit and certification of artificial intelligence management systems

• Scope: Provides competence and rigour-based requirements for organizations that audit and certify artificial intelligence management systems (AIMS).

ISO/IEC 38507:2022 - Information technology - Governance of IT - Governance implications of the use of artificial intelligence by organizations

• Scope: Guides governing members of an organization on enabling and overseeing the effective, efficient and acceptable use of Artificial Intelligence (AI).

ISED Canada - Implementation Guide for Managers of Artificial Intelligence Systems

• Scope: Provides guidance to clarify and support the implementation of Canada's Voluntary Code of Conduct for Advanced Generative AI Systems, offering best practices for safety, accountability, transparency, oversight and system robustness across the AI lifecycle.

Risk Management and Trustworthiness

The following standards outline methodologies and guidance for identifying, assessing and mitigating risks, supporting organizations in developing safe, trustworthy and well-governed AI systems.

ISO/IEC 23894:2023 - Information technology - Artificial intelligence - Guidance on risk management

• Scope: Offers AI specific risk-management guidance for organizations developing, producing, deploying or using AI products, systems and services.

ISO/IEC TR 24028:2020 - Information technology - Artificial intelligence - Overview of trustworthiness in artificial intelligence

• Scope: Provides an overview of topics related to trustworthiness in AI systems, including engineering pitfalls and practices to establish trust.

ISO/IEC TR 5469:2024 - Artificial intelligence - Functional safety and AI systems

• Scope: A description of the properties, related risk factors and processes relating to the use of AI systems.

NIST AI RMF 1.0 - AI Risk Management Framework

• Scope: A framework to help organizations identify, assess, measure and manage risks associated with AI systems. It introduces four core functions, Govern, Map, Measure and Manage, to support the development and deployment of trustworthy AI systems.

Lifecycle and Processes

The following standards establish structured processes, models and frameworks for the development, deployment, monitoring and maintenance of AI systems across their entire operational lifecycle.

ISO/IEC 5338:2023 - Information technology - Artificial intelligence - AI system life cycle processes

• Scope: Provides processes and concepts concerning AI system life cycles based on machine learning and heuristic systems.

ISO/IEC 5339:2024 - Information technology - Artificial intelligence - Guidance for AI applications

• Scope: Guides AI application development, focusing on stakeholder engagement and the AI application life cycle.

ISO/IEC 23053:2022 - Framework for Artificial Intelligence (AI) Systems Using Machine Learning (ML)

• Scope: Framework and terminology for describing ML-based AI systems.

Data Quality and Governance

The following standards define requirements and frameworks for ensuring the quality, integrity and governance of data used in AI systems, recognizing that responsible AI depends on reliable, well-managed data throughout the data lifecycle.

ISO/IEC 5259-1:2024 - Artificial intelligence - Data quality for analytics and machine learning (ML) - Part 1: Overview, terminology and examples

• Scope: Overview and terminology for data quality assessment and enhancement across different phases of the data life in ML.

ISO/IEC 5259-2:2024 - Artificial intelligence - Data quality for analytics and machine learning (ML) - Part 2: Data quality measures

• Scope: Data quality measurement methods for ML.

ISO/IEC 5259-3:2024 - Artificial intelligence - Data quality for analytics and machine learning (ML) - Part 3: Data quality management requirements and guidelines

• Scope: Data quality management requirements to ensure reliability and auditability in analytics and MLs.

ISO/IEC 5259-4:2024 - Artificial intelligence - Data quality for analytics and machine learning (ML) - Part 4: Data quality process framework

• Scope: Process framework for data quality management in ML.

ISO/IEC 5259-5:2025 - Artificial intelligence - Data quality for analytics and machine learning (ML) - Part 5: Data quality governance framework

• Scope: Governance framework for overseeing and directing ML data quality.

ISO/IEC 8183:2023 - Information technology - Artificial intelligence - Data life cycle framework

• Scope: Framework for data processing stages and associated actions throughout the AI system lifecycle.

Transparency and Explainability

The following standards provide taxonomies, principles and approaches intended to improve the transparency, interpretability and understandability of AI systems, enabling stakeholders to assess system behaviour and decision-making.

ISO/IEC 12792:2025 - Information technology - Artificial intelligence (AI) - Transparency taxonomy of AI systems

• Scope: Taxonomy for AI system transparency, helping categorize what information must be disclosed to stakeholders.

ISO/IEC TS 6254:2025 - Information technology - Artificial intelligence - Objectives and approaches for explainability and interpretability of machine learning (ML) models and artificial intelligence (AI) systems

• Scope: Explainability and interpretability approaches for ML and AI.

Bias and Fairness

The following standards address the identification, measurement and mitigation of bias in AI systems, supporting equitable outcomes and reducing discriminatory impacts in both model development and deployment.

ISO/IEC TR 24027:2021 - Information technology - Artificial intelligence (AI) - Bias in AI systems and AI aided decision making

• Scope: Overview of bias in AI systems, outlining techniques for assessing bias.

ISO/IEC TS 12791:2024 - Information technology - Artificial intelligence - Treatment of unwanted bias in classification and regression machine learning tasks

• Scope: Methods for addressing bias in AI systems utilizing ML models.

Testing and Validation

The following standards describe techniques and requirements for evaluating AI system performance, robustness and quality, helping organizations validate system behaviours and ensure AI operates as intended under a range of conditions.

ISO/IEC TS 42119-2:2025 - Artificial intelligence - Testing of AI - Part 2: Overview of testing AI systems

• Scope: Overview of AI testing methodologies, following a risk-based approach.

ISO/IEC TS 4213:2022 - Information technology - Artificial intelligence - Assessment of machine learning classification performance

• Scope: Performance measurement for ML model, system and algorithm classification.

ISO/IEC TS 25058:2024 - Systems and software engineering - Systems and software Quality Requirements and Evaluation (SQuaRE) - Guidance for quality evaluation of artificial intelligence (AI) systems

• Scope: Quality evaluation guidance for AI systems for all types of organizations engaged in the development and use of AI.

ISO/IEC 25059:2023 - Software engineering - Systems and software Quality Requirements and Evaluation (SQuaRE) - Quality model for AI systems

• Scope: Outlines a quality model for AI systems as an application-specific extension to SQuaRE standards.

Robustness

The following standards provide methods and guidance for assessing and enhancing the resilience, security and fault tolerance of AI systems, including their ability to withstand adversarial conditions and operational uncertainties.

ISO/IEC TR 24029-1:2021 - Artificial Intelligence (AI) - Assessment of the robustness of neural networks - Part 1: Overview

• Scope: Overview of neural network robustness assessment.

ISO/IEC 24029-2:2023 - Artificial intelligence (AI) - Assessment of the robustness of neural networks - Part 2: Methodology for the use of formal methods

• Scope: Formal methods for robustness assessment of neural networks.

ISO/IEC TS 8200:2024 - Information technology - Artificial intelligence - Controllability of automated artificial intelligence systems

• Scope: Controllability requirements framework for automated AI.

Ethics and Social Responsibility

The following standards and recommendations outline ethical values, societal considerations and human-centric principles intended to guide the responsible design, deployment and governance of AI systems.

ISO/IEC TR 24368:2022 - Information technology - Artificial intelligence - Overview of ethical and societal concerns

• Scope: Overview of ethical and societal concerns in AI for a broad audience.

ISO/IEC TR 21221:2025 - Information technology - Artificial intelligence - Beneficial AI systems

• Scope: Framework for beneficial AI development and use cases.

CAN-ASC-6.2:2025 - Accessible and Equitable Artificial Intelligence Systems

• Scope: Requirements aimed at identifying, removing and preventing barriers in AI systems, ensuring equitable and inclusive participation for persons with disabilities in alignment with the Accessible Canada Act.

UNESCO - Recommendation on the Ethics of Artificial Intelligence

• Scope: A framework that sets out values, principles and policy actions to guide the responsible development and governance of AI systems, emphasizing human rights, dignity, inclusiveness, sustainability and harm prevention.

OECD - AI Principles

• Scope: A recommendation for policy makers on responsible development and deployment of AI systems focused on human rights and democratic values.

Environmental Sustainability

The following standards address the environmental impacts of AI systems, providing guidance on evaluating and reducing the resource consumption, carbon footprint and ecological effects associated with AI development and deployment.

ISO/IEC TR 20226:2025 - Information technology - Artificial intelligence - Environmental sustainability aspects of AI systems

• Scope: Environmental impact assessment for AI systems during their life cycle.

Use Cases and Technical Reports

The following technical reports present practical use cases, survey emerging approaches and summarize evolving practices in AI system design and implementation, offering insights into real-world applications and trends.

ISO/IEC TR 24030:2024 - Information technology - Artificial intelligence (AI) - Use cases

• Scope: Examples of AI use cases and analysis across sectors.

ISO/IEC TR 24372:2021 - Information technology - Artificial intelligence (AI) - Overview of computational approaches for AI systems

• Scope: Overview of computational methodologies for AI systems.

ISO/IEC TR 17903:2024 - Information technology - Artificial intelligence - Overview of machine learning computing devices

• Scope: Overview of terminology and approaches related to ML system hardware.

ISO/IEC 24668:2022 - Information technology - Artificial intelligence - Process management framework for big data analytics

• Scope: Process framework for effective data acquisition, description, storage and processing in big data analytics.

Canadian Government Frameworks

The following government frameworks provide guidance for the responsible adoption, oversight and governance of AI systems within the public sector, including transparency, accountability and administrative law considerations.

Government of Canada - Responsible use of artificial intelligence in government

• Scope: Provides principles for AI use in government, a list of qualified AI suppliers and a timeline of work completed regarding government use of AI.

Government of Canada - Guide on the use of generative artificial intelligence

• Scope: Provides guidance to federal institutions on their use of AI, outlining instances where federal institutions are deploying these tools.

Government of Canada - Directive on Automated Decision-Making

• Scope: Guidance for automated administrative decision systems to reduce risks to clients and Canadian society and ensure more efficient, accurate, consistent and interpretable decisions.

Conclusion

As AI technologies advance, the ecosystem of domestic and international standards is expanding in both scope and sophistication. Organizations should remain vigilant in tracking new and revised standards to understand their implications for governance, risk management and compliance obligations.

Should you wish to incorporate AI standards into your AI-related transactions, the Technology and AI law practitioners at McMillan are available to provide tailored guidance on the most effective approach for your specific circumstances.

by Amir Kashdaran, Aki Kamoshida and Richard Jiang (Articling Student)

A Cautionary Note

The foregoing provides only an overview and does not constitute legal advice. Readers are cautioned against making any decisions based on this material alone. Rather, specific legal advice should be obtained.

© McMillan LLP 2026