OBJECTIVE
- This Artificial Intelligence Management System (AIMS) Policy establishes the governance
framework for the responsible design, development, deployment, and operation of AI systems
within inmind.ai.
- The AIMS is aligned with the requirements of ISO/IEC 42001:2023 and reflects inmind.ai’s
commitment to ethical AI practices, transparency, accountability, and effective risk
management.
This policy applies to:
– Employees and contractors involved in the AI system lifecycle, including design, development,
deployment, operation, and maintenance
– Relevant internal functions supporting AI governance (e.g., Risk, Compliance, Information
Security)
POLICY
Senior Management of inmind.ai, located at Mkalles, Main Road, Building 757, Lebanon, is
committed to ensuring that AI systems are developed and operated in accordance with the
principles of fairness, transparency, security, reliability, and accountability.
This policy provides the framework to:
- Manage AI-related risks effectively
- Ensure compliance with applicable legal, regulatory, and contractual requirements
- Promote responsible innovation and continuous improvement
AI Governance Framework
inmind.ai establishes and maintains an AI governance framework aligned with ISO/IEC 42001:2023
to ensure that AI systems:
- Respect human rights and ethical principles, including fairness and non-discrimination
- Comply with applicable legal and regulatory requirements across all operating jurisdictions
- Ensure data protection, privacy, and information security throughout the AI lifecycle
- Support transparency, explainability, and accountability in AI-assisted decisions
- Are subject to continuous monitoring, evaluation, and risk management
- A structured risk management approach is implemented through:
– AI Risk Assessment
– Statement of Applicability (SoA)
– AI Risk Treatment Plan
Roles and Responsibilities
- Head of AI
The Head of AI is accountable for maintaining and updating the AI Risk Treatment Plan and for
coordinating its implementation across relevant functions.
2. AI/System Owner
The AI/System Owner is responsible for:
- Model validation, performance monitoring, and fairness testing
- Conducting AI Impact Assessments
3. Information Security Function
The Information Security function is responsible for:
- AI system integrity, security, and data protection
- Implementation of secure data handling practices
Risk and Compliance Functions
Risk Management and Legal/Compliance functions are responsible for:
- Supporting risk identification, evaluation, and mitigation
- Ensuring regulatory and ethical compliance
Cross-functional Responsibilities
The AI Risk Treatment Plan ensures that:
- Business Continuity: Contingency measures for AI failures are defined and implemented
- AI Impact Assessments: Conducted by the AI/System Owner with mandatory involvement from Risk, Legal/Compliance, and Information Security
- Responsible Deployment: AI systems include human oversight proportionate to the associated
risk level
- AI System Integrity & Security: Owned by the Information Security function, with the Head of AI acting as a stakeholder providing oversight and expertise
Security, Robustness, and Reliability
inmind.ai ensures that AI systems are secure, reliable, and robust through:
- Strong data governance practices to ensure data quality and minimize bias
- Model explainability and interpretability to support accountability
- Incident management processes addressing AI-related failures and security events
- Periodic audits and reviews to ensure compliance and continuous improvement
Competence and Awareness
All personnel involved in AI-related activities shall receive appropriate training covering:
- Ethical AI principles and responsible AI practices
- Data protection, privacy, and information security
- Bias mitigation and fairness in AI systems
Specialized training shall be provided to AI engineers, developers, and decision-makers, aligned
with ISO/IEC 42001:2023 requirements.
AI Governance Committee
inmind.ai has established an AI Governance Committee, chaired by the Chief Executive Officer
(CEO), and comprising:
- Head of AI
- Information Security Lead
- Head of Compliance
The Committee is responsible for:
- Reviewing and updating this policy periodically
- Monitoring AI risk management and regulatory compliance
- Ensuring ethical AI practices and transparency
- Driving continuous improvement in AI governance and operations
Continual Improvement and Review
inmind.ai is committed to maintaining compliance with ISO/IEC 42001:2023 and to continuously
improving its AI management system.
This policy shall be reviewed periodically and updated as necessary to reflect:
- Changes in regulatory requirements
- Technological advancements
- Emerging AI risks and best practices
Date: 21/03/2025
Al Bouna Bechara
Chief Executive Officer