Glossary
Key terms used across the library, in plain language (our own words, not normative definitions). Each links back to the standard that uses it.
- Agentic AI — AI that plans, calls tools, holds memory and takes autonomous, multi-step actions — not just text replies. See CSA Agentic Profile.
- AIMS (AI Management System) — the organisation-wide framework that ISO/IEC 42001 certifies.
- AI-SBOM — an "AI bill of materials": the inventory of models, datasets and components an AI system is built from.
- Annex III (EU AI Act) — the list of use cases that make a system high-risk. See EU AI Act.
- Conformity assessment — the check (internal or by a notified body) that a high-risk system meets the EU AI Act before it goes to market.
- Cyber uplift — how much an AI model increases an attacker's capability. See Berkeley CLTC.
- FRIA — Fundamental Rights Impact Assessment, required of certain deployers of high-risk systems (EU AI Act, Art. 27).
- GOVERN · MAP · MEASURE · MANAGE — the four functions of the NIST AI RMF.
- GPAI — a general-purpose AI model, with its own EU AI Act duties (transparency, copyright, training-data summary).
- HITL (Human-in-the-Loop) — keeping a human in (or on) the loop of an AI decision; only effective if it can actually change the outcome.
- ICT third-party risk — risk from outside tech / AI / cloud providers a financial firm depends on. Central to DORA.
- Intolerable risk — a level of risk that should be prevented outright, not merely managed. See Berkeley CLTC.
- ISO 31000 — the general (non-AI) risk-management standard that ISO/IEC 23894 builds on.
- Model card — short structured documentation of a model's purpose, data, performance and limitations.
- Oversight theatre — human oversight that exists on paper but cannot actually stop the system. See CSA Agentic Profile.
- Profile (NIST) — a tailored selection of a framework for a specific context (e.g. the GenAI Profile).
- Residual risk — the risk that remains after treatment, which someone must formally accept.
- Risk source — the origin of a risk (e.g. training data, model opacity); ISO/IEC 23894 Annex B lists AI-specific ones.
- Risk threshold — a defined trigger point that, once crossed, demands a specific response.
- SC 42 (ISO/IEC JTC 1/SC 42) — the subcommittee that writes the international AI standards (42001, 23894, 42005, 42006 …).
- Statement of Applicability (SoA) — the documented list of which controls an organisation applies, and why (ISO/IEC 42001).
- Three Lines of Defence — a governance model: the business owns risk (1st line), risk & compliance oversee it (2nd), internal audit assures it (3rd).
- TLPT (Threat-Led Penetration Testing) — advanced, intelligence-led resilience testing required of significant entities under DORA.
- Trustworthy AI — NIST's set of characteristics: valid & reliable, safe, secure & resilient, accountable & transparent, explainable & interpretable, privacy-enhanced, and fair (with harmful bias managed).