Highlighter Documentation

ISO42001 - AI Management

Highlighter as an AI Management System (AIMS) supporting ISO 42001

With regard to ISO 42001, Highlighter provides the centralized platform and interconnected subsystems necessary to implement the normative controls outlined in Annex A of the standard. Here are some key domains of ISO 42001 and how Highlighter supports it:

  • AI System Lifecycle Management (ISO/IEC 42001 Annex A.6) The standard requires documented processes for every stage of the AI system lifecycle. Highlighter is built around this principle.

    • Requirements and Specification (A.6.2.2): Our Services Methodology begins with workshops to define the business case, success criteria, and desired workflow, ensuring requirements are documented in Highlighter and signed off before development begins.
    • Data Management (A.7): Highlighter’s Schema and Data Collection subsystems provide a structured way to manage data, track provenance, and document its use for training, validation, and testing, directly supporting data quality and governance requirements.
    • Verification and Validation (A.6.2.4): The Evaluation subsystem is designed to continuously monitor agent performance against predefined metrics (e.g., accuracy, cost-effectiveness). This provides the objective evidence needed to validate AI models before and during deployment.
    • Deployment, Operation, and Monitoring (A.6.2.5, A.6.2.6): Highlighter manages the deployment of human and AI agents into production workflows. Its integrated nature ensures that performance is continuously monitored, and the Visualization subsystem provides dashboards and reports to track this, fulfilling the need for ongoing operational oversight.

  • Risk and Impact Assessment (ISO/IEC 42001 Clause 6.1, Annex A.5) A central tenet of ISO 42001 is the assessment of risks and potential impacts on individuals and society.

    • AI System Impact Assessment (A.5): Highlighter provides the necessary transparency to conduct these assessments. By documenting the data sources (Schema), the logic of the AI agent (Agent Development), and its performance (Evaluation), an organization can formally assess potential impacts like bias or unfairness.
    • Risk Treatment: Highlighter allows for defining clear, auditable responses to identified risks. For example, if a model's confidence is low, the system can automatically route the task to a human expert for review in our Assessment Editor, mitigating the risk of an incorrect automated decision. This provides a clear mechanism for human oversight.

  • Information and Transparency for Interested Parties (ISO/IEC 42001 Annex A.8) The standard mandates that organizations provide clear information to users and stakeholders.

    • System Documentation (A.8.2): Because every workflow, data schema, agent, and action is defined and managed within Highlighter, the system serves as a "single source of truth." It provides the provenance and context for how a decision was made and what action was taken, enabling the generation of clear, auditable reports for users, management, or regulators.
    • Communication of Incidents (A.8.4): The centralized logging and monitoring within Highlighter facilitate the timely identification and reporting of incidents, such as performance degradation or unexpected model behavior.

  • Continual Improvement (ISO/IEC 42001 Clause 10) The "Enterprise Journey" enabled by Highlighter is a direct embodiment of the continual improvement cycle. Highlighter enables the PDCA (Plan-Do-Check-Act) cycle by:

    • PLAN: Plan and standardise organisational workflows and taxonomies
    • DO: Execute perception tasks and actions consistently.
    • CHECK: Aggregate and compare data to evaluate agent performance
    • ACT: Use feedback and metrics to refine agent performance and further optimize the system

    This structured maturity path provides tangible evidence of a commitment to continual improvement as required by the standard.

← Services Workflow