ORO Labs Earns World’s First Accredited ISO 42001 Certification for AI Systems Management
July 16 2024 - 9:00AM
Business Wire
Combines AI-powered Procurement Orchestration
with Rigorous Commitment to Governance and Data Security and
Privacy
ORO Labs, creator of a market-leading no-code procurement
orchestration platform, announced today it has received the world’s
first ISO/IEC 42001:2023 certification issued with accreditation
for an Artificial Intelligence Management System (AIMS). The first
certifiable scheme of its kind, ISO/IEC 42001:2023, commonly
referenced as “ISO 42001,” specifies requirements for establishing,
implementing, maintaining, and continually improving AI systems.
The certification marks the latest milestone in ORO Labs’ ongoing
commitment to AI governance, including stringent data privacy and
security policies.
The certification was issued by Mastermind under its
accreditation maintained by the International Accreditation Service
(IAS), a member of the International Accreditation Forum and
recognized signatory of the Multilateral Recognition Arrangement
(MLA), who were observers to the initial audit of ORO Labs.
“At ORO Labs, we see GenAI as a real game-changer for
procurement. It delivers an easy, walk-up user experience and
scales compliance in a big way. When we chat with our large,
multinational customers, they all agree: improving user experiences
with GenAI is a must for better data quality and process
efficiency. They also see the need for solid governance and strict
audit controls,” said Lalitha Rajagopalan, ORO Labs co-founder.
“Building AI capabilities isn’t just about the tech. It’s about
creating smart workflows that automate compliance with the right
safeguards for AI-powered recommendations and process automation.
Trusting AI means having humans step in when a judgment call is
needed.”
Published in December 2023, the ISO 42001 standard describes
practices for the responsible development and use of AI systems. It
provides critical requirements for addressing the unique challenges
AI technologies present, such as ethical and transparency
considerations, and establishes a structured approach to managing
risks, opportunities, and impacts associated with AI, balancing
innovation with operational control. It applies to all
organizations that engage with AI systems, including entities that
produce large language models (LLM), and extend to both service
providers and users of AI-based products or services.
“Our team shares the excitement with ORO Labs as it is awarded
the world’s first accredited certificate for an AIMS scope meeting
the requirements of ISO 42001,” said David Forman, founder and CEO
of Mastermind Assurance. “ORO Labs was the ideal candidate to
efficiently uplevel its existing systems and governance to this new
benchmark, given the company’s long history of third-party
assessments and compliance with similar information security and
data protection frameworks. We look forward to observing the
continued success of ORO Labs as they champion the adoption of ISO
42001 as the de facto standard for building trust with AI
systems.”
To become the first to earn an accredited ISO 42001
certification, ORO Labs completed a rigorous internal audit of its
management system, conducted by Geels Norton. ORO Labs was
well-prepared for the audit due to its continuous testing and
monitoring of security controls that are routinely evaluated
throughout the year against third-party assessments including an
annual SOC 1 Type 2 examination, an annual SOC 2 Type 2
examination, and a certified Information Security Management System
conforming to the requirements of the latest revision of ISO/IEC
27001.
“Geels Norton is proud to support ORO’s achievement of ISO 42001
certification,” said Nick Norton, co-founder and chief visionary,
Geels Norton. “In a world where reliance on trusted third parties
is integral to business operations, ORO’s ISO 42001 certification
complements their existing SOC 1 Type 2 report, SOC 2 Type 2
report, and ISO 27001 certification. We have observed ORO’s
commitment to continually maturing their internal controls
environment over the past three years, demonstrating their focus on
protecting customer information and addressing key risks presented
by emerging technologies such as AI.”
Some of the processes audited within ORO’s platform offerings
include:
- AI system lifecycle
- Acquisition of data used in AI systems
- External reporting and communication of incidents related to AI
systems to interested parties
- Utilization of external suppliers to support organizational use
cases for AI systems
- Policies related to AI
- Processes for responsible AI system design and development
- Responsible and intended use cases of AI
- Assessing impacts of AI on individuals, groups of individuals,
as well as societal impacts
ORO’s platform helps customers coordinate people, processes, and
systems in a way that streamlines the end-to-end procurement
process and balances business needs with user expectations for
seamless workflows and interactions. The platform includes many
GenAI-powered features to further enhance the user experience by
enabling increased simplicity and efficiency.
About ORO Labs
ORO Labs is a procurement orchestration company on a mission to
humanize the procurement experience by coordinating teams, systems,
and processes so employees get what they need without frustration.
ORO’s GenAI-powered no-code platform is purpose-built to deliver
effortless user experiences that enable businesses to reduce cycle
times, decrease risk through end-to-end process visibility, and
increase agility in response to change. ORO is trusted by Fortune
500 companies and fast-growing global organizations to automate
processes, improve cross-team collaboration, and scale procurement
operations. To learn more, visit www.orolabs.ai.
About Mastermind
Mastermind is the most exclusively focused and expert-driven
certification body on the planet, specializing in information
security, privacy, and the responsible use of artificial
intelligence in the cloud. Mastermind’s services comprise the
assessment and accredited certification of management system scopes
conforming to ISO 27001, ISO 27017, ISO 27018, ISO 27701, and ISO
42001, as well as CSA STAR. https://mastermindassurance.com.
About Geels Norton
Geels Norton is an industry-leading security compliance and
advisory firm focused on helping high-achieving companies continue
to set themselves apart. With a reputation for delivering
white-glove experiences and world-class expertise, Geels Norton
specializes in quality-driven SOC 1, SOC 2, ISO 27001 and ISO 27701
services, is a Preferred Assessor for Microsoft’s Supplier Security
and Privacy Assurance (SSPA) program, and serves as strategic
advisor for clients navigating the world of cybersecurity and
compliance. https://www.geelsnorton.com.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240716867787/en/
Joe Livarchik Voxus PR for ORO Labs ORO@voxuspr.com