Glossary

Key terms used across the library, in plain language (our own words, not normative definitions). Each links back to the standard that uses it.

  • Agentic AI — AI that plans, calls tools, holds memory and takes autonomous, multi-step actions — not just text replies. See CSA Agentic Profile.
  • AIMS (AI Management System) — the organisation-wide framework that ISO/IEC 42001 certifies.
  • AI-SBOM — an "AI bill of materials": the inventory of models, datasets and components an AI system is built from.
  • Annex III (EU AI Act) — the list of use cases that make a system high-risk. See EU AI Act.
  • Conformity assessment — the check (internal or by a notified body) that a high-risk system meets the EU AI Act before it goes to market.
  • Cyber uplift — how much an AI model increases an attacker's capability. See Berkeley CLTC.
  • FRIA — Fundamental Rights Impact Assessment, required of certain deployers of high-risk systems (EU AI Act, Art. 27).
  • GOVERN · MAP · MEASURE · MANAGE — the four functions of the NIST AI RMF.
  • GPAI — a general-purpose AI model, with its own EU AI Act duties (transparency, copyright, training-data summary).
  • HITL (Human-in-the-Loop) — keeping a human in (or on) the loop of an AI decision; only effective if it can actually change the outcome.
  • ICT third-party risk — risk from outside tech / AI / cloud providers a financial firm depends on. Central to DORA.
  • Intolerable risk — a level of risk that should be prevented outright, not merely managed. See Berkeley CLTC.
  • ISO 31000 — the general (non-AI) risk-management standard that ISO/IEC 23894 builds on.
  • Model card — short structured documentation of a model's purpose, data, performance and limitations.
  • Oversight theatre — human oversight that exists on paper but cannot actually stop the system. See CSA Agentic Profile.
  • Profile (NIST) — a tailored selection of a framework for a specific context (e.g. the GenAI Profile).
  • Residual risk — the risk that remains after treatment, which someone must formally accept.
  • Risk source — the origin of a risk (e.g. training data, model opacity); ISO/IEC 23894 Annex B lists AI-specific ones.
  • Risk threshold — a defined trigger point that, once crossed, demands a specific response.
  • SC 42 (ISO/IEC JTC 1/SC 42) — the subcommittee that writes the international AI standards (42001, 23894, 42005, 42006 …).
  • Statement of Applicability (SoA) — the documented list of which controls an organisation applies, and why (ISO/IEC 42001).
  • Three Lines of Defence — a governance model: the business owns risk (1st line), risk & compliance oversee it (2nd), internal audit assures it (3rd).
  • TLPT (Threat-Led Penetration Testing) — advanced, intelligence-led resilience testing required of significant entities under DORA.
  • Trustworthy AI — NIST's set of characteristics: valid & reliable, safe, secure & resilient, accountable & transparent, explainable & interpretable, privacy-enhanced, and fair (with harmful bias managed).