ISO 42001

Artificial Intelligence Management Policy

 

OBJECTIVE

  • This Artificial Intelligence Management System (AIMS) Policy establishes the governance
    framework for the responsible design, development, deployment, and operation of AI systems
    within inmind.ai.
  • The AIMS is aligned with the requirements of ISO/IEC 42001:2023 and reflects inmind.ai’s
    commitment to ethical AI practices, transparency, accountability, and effective risk
    management.

This policy applies to:

– Employees and contractors involved in the AI system lifecycle, including design, development,
deployment, operation, and maintenance

– Relevant internal functions supporting AI governance (e.g., Risk, Compliance, Information
Security)

 

POLICY

Senior Management of inmind.ai, located at Mkalles, Main Road, Building 757, Lebanon, is
committed to ensuring that AI systems are developed and operated in accordance with the
principles of fairness, transparency, security, reliability, and accountability.

This policy provides the framework to:

  • Manage AI-related risks effectively
  • Ensure compliance with applicable legal, regulatory, and contractual requirements
  • Promote responsible innovation and continuous improvement

 

AI Governance Framework

inmind.ai establishes and maintains an AI governance framework aligned with ISO/IEC 42001:2023
to ensure that AI systems:

  • Respect human rights and ethical principles, including fairness and non-discrimination
  • Comply with applicable legal and regulatory requirements across all operating jurisdictions
  • Ensure data protection, privacy, and information security throughout the AI lifecycle
  • Support transparency, explainability, and accountability in AI-assisted decisions
  • Are subject to continuous monitoring, evaluation, and risk management
  • A structured risk management approach is implemented through:
    – AI Risk Assessment
    – Statement of Applicability (SoA)
    – AI Risk Treatment Plan

 

Roles and Responsibilities

  1. Head of AI

The Head of AI is accountable for maintaining and updating the AI Risk Treatment Plan and for
coordinating its implementation across relevant functions.

2. AI/System Owner

The AI/System Owner is responsible for:

  • Model validation, performance monitoring, and fairness testing
  • Conducting AI Impact Assessments

3. Information Security Function

The Information Security function is responsible for:

  • AI system integrity, security, and data protection
  • Implementation of secure data handling practices

 

Risk and Compliance Functions

Risk Management and Legal/Compliance functions are responsible for:

  • Supporting risk identification, evaluation, and mitigation
  • Ensuring regulatory and ethical compliance

 

Cross-functional Responsibilities

The AI Risk Treatment Plan ensures that:

  • Business Continuity: Contingency measures for AI failures are defined and implemented
  • AI Impact Assessments: Conducted by the AI/System Owner with mandatory involvement from Risk, Legal/Compliance, and Information Security
  • Responsible Deployment: AI systems include human oversight proportionate to the associated
    risk level
  • AI System Integrity & Security: Owned by the Information Security function, with the Head of AI acting as a stakeholder providing oversight and expertise

 

Security, Robustness, and Reliability

inmind.ai ensures that AI systems are secure, reliable, and robust through:

  • Strong data governance practices to ensure data quality and minimize bias
  • Model explainability and interpretability to support accountability
  • Incident management processes addressing AI-related failures and security events
  • Periodic audits and reviews to ensure compliance and continuous improvement

 

Competence and Awareness

All personnel involved in AI-related activities shall receive appropriate training covering:

  • Ethical AI principles and responsible AI practices
  • Data protection, privacy, and information security
  • Bias mitigation and fairness in AI systems

Specialized training shall be provided to AI engineers, developers, and decision-makers, aligned
with ISO/IEC 42001:2023 requirements.

 

AI Governance Committee

inmind.ai has established an AI Governance Committee, chaired by the Chief Executive Officer
(CEO), and comprising:

  • Head of AI
  • Information Security Lead
  • Head of Compliance

The Committee is responsible for:

  • Reviewing and updating this policy periodically
  • Monitoring AI risk management and regulatory compliance
  • Ensuring ethical AI practices and transparency
  • Driving continuous improvement in AI governance and operations

 

Continual Improvement and Review

inmind.ai is committed to maintaining compliance with ISO/IEC 42001:2023 and to continuously
improving its AI management system.

This policy shall be reviewed periodically and updated as necessary to reflect:

  • Changes in regulatory requirements
  • Technological advancements
  • Emerging AI risks and best practices

 

 

Date: 21/03/2025

Al Bouna Bechara
Chief Executive Officer

Let’s get started

Need expertise and innovation on your project? We can help.