ISO/IEC 23053:2022
Framework for AI systems using ML. Terminology + lifecycle. The conceptual model behind Regulus's model-risk taxonomy.
What it is #
ISO/IEC 23053:2022 is a terminology + lifecycle framework for AI systems using machine learning. It defines the language and the phases — data acquisition, model training, deployment, operation, monitoring, retirement — that the more operational standards (23894 risk management, 42001 management system) build on.
It’s not directly actionable. It’s the conceptual scaffold.
How Regulus uses it #
The model-risk plugin’s data model — ModelRegistry, lifecycle
states, registered-model fields — follows ISO 23053’s vocabulary.
This isn’t a citation surface so much as a foundation: the framework
gives you the right words to describe what Regulus is tracking.
When you activate iso-23053 in your framework set, the audit chain
events use ISO 23053-aligned field names (e.g. model_lifecycle_phase
matches the terms in the standard). This is helpful for buyers whose
internal audit team already speaks the ISO vocabulary.
Activating #
regulus:
frameworks:
- iso-23053Pairs naturally with iso-23894 (risk management on the same
vocabulary) and iso-42001 (management system on the same
vocabulary).
When to skip it #
If your team uses a different AI vocabulary (NIST-flavoured, or in-house), there’s no obligation to add ISO 23053. The framework is voluntary; the runtime doesn’t depend on it.