|
312 | 312 | } |
313 | 313 | } |
314 | 314 | ] |
| 315 | +, |
| 316 | + { |
| 317 | + "model": "dojo.regulation", |
| 318 | + "pk": 27, |
| 319 | + "fields": { |
| 320 | + "name": "ISO/IEC 42001:2023", |
| 321 | + "acronym": "ISO 42001", |
| 322 | + "category": "technology", |
| 323 | + "jurisdiction": "international", |
| 324 | + "description": "ISO/IEC 42001:2023 specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations.", |
| 325 | + "reference": "https://www.iso.org/standard/81230.html" |
| 326 | + } |
| 327 | + }, |
| 328 | + { |
| 329 | + "model": "dojo.regulation", |
| 330 | + "pk": 28, |
| 331 | + "fields": { |
| 332 | + "name": "EU Artificial Intelligence Act", |
| 333 | + "acronym": "EU AI Act", |
| 334 | + "category": "technology", |
| 335 | + "jurisdiction": "eu", |
| 336 | + "description": "Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence, establishing a risk-based framework classifying AI systems by risk level with corresponding compliance obligations.", |
| 337 | + "reference": "https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689" |
| 338 | + } |
| 339 | + }, |
| 340 | + { |
| 341 | + "model": "dojo.regulation", |
| 342 | + "pk": 29, |
| 343 | + "fields": { |
| 344 | + "name": "Network and Information Security Directive 2", |
| 345 | + "acronym": "NIS2", |
| 346 | + "category": "cybersecurity", |
| 347 | + "jurisdiction": "eu", |
| 348 | + "description": "Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union, expanding scope and introducing stricter security requirements and incident reporting obligations.", |
| 349 | + "reference": "https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022L2555" |
| 350 | + } |
| 351 | + }, |
| 352 | + { |
| 353 | + "model": "dojo.regulation", |
| 354 | + "pk": 30, |
| 355 | + "fields": { |
| 356 | + "name": "Digital Operational Resilience Act", |
| 357 | + "acronym": "DORA", |
| 358 | + "category": "finance", |
| 359 | + "jurisdiction": "eu", |
| 360 | + "description": "Regulation (EU) 2022/2554 on digital operational resilience for the financial sector, covering ICT risk management, incident reporting, resilience testing, and third-party risk management.", |
| 361 | + "reference": "https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022R2554" |
| 362 | + } |
| 363 | + }, |
| 364 | + { |
| 365 | + "model": "dojo.regulation", |
| 366 | + "pk": 31, |
| 367 | + "fields": { |
| 368 | + "name": "ISO/IEC 27701:2019", |
| 369 | + "acronym": "ISO 27701", |
| 370 | + "category": "privacy", |
| 371 | + "jurisdiction": "international", |
| 372 | + "description": "ISO/IEC 27701:2019 specifies requirements for a Privacy Information Management System (PIMS) as an extension to ISO/IEC 27001, addressing GDPR and other privacy regulation requirements.", |
| 373 | + "reference": "https://www.iso.org/standard/71670.html" |
| 374 | + } |
| 375 | + } |
0 commit comments