ISITC TALKTIME: ISO42001 vs. the EU AI Act
TalkTime Podcast: ISO42001 vs the EU AI Act
A crucial conversation every modern enterprise needs to hear: ISO42001 vs. AI Act.
As artificial intelligence becomes the defining technology of our era, organisations are scrambling to understand how to build, deploy, and govern it safely. In this insightful episode of ISITC Europe’s AI podcast series, Director Gary Wright sits down with Bob Morel, CEO of Genbounty, to unpack one of the most important—and misunderstood—topics in AI governance: the relationship between ISO42001 and the EU AI Act.
Bob explains that while the EU AI Act is a regulation enforced by strict fines, ISO 42001 is an international standard designed to help organisations build responsible, ethical, and secure AI systems. One governs how AI products behave; the other governs how AI is built. Together, they form a powerful framework for safe, compliant AI.
Listeners will gain clarity on:
- How ISO 42001 structures AI development, ensuring alignment across departments, strong governance, and best‑practice machine‑learning operations.
- Why the EU AI Act focuses on the final product, assessing purpose, impact, safety, and fundamental rights.
- Why firms must understand both, rather than assuming one replaces the other.
- How to choose the right starting point, whether top‑down governance or bottom‑up assessment of existing AI exposure.
- How ISITC Europe and Genbounty are helping firms bridge the knowledge gap, offering tools, assessments, and accreditations to build confidence and control.
Gary highlights a key industry challenge: organisations have wildly different levels of AI understanding. That’s why ISITC Europe advocates starting with a practical audit of existing AI exposure, building policies from real insight, and then maturing into full governance.
Whether you’re a fintech, a global bank, or a software provider, this conversation offers a roadmap for navigating AI standards, regulation, and risk—without getting lost in complexity.
Explore the full discussion and start building AI governance that’s robust, future‑proof, and fully under your control.
Viewing time: 17 mins

Bob Morel is the CEO of Genbounty, an AI Risk Management platform designed to facilitate market access for AI-driven applications within the European Union. Specializing in the EU AI Act and Enterprise Architecture, Bob helps AI teams classified as manufacturers under new regulations to navigate complex compliance landscapes. Through Genbounty, he delivers end-to-end product risk management, offering services that range from litigation defense and consumer safety to accreditation for CE Marking.
With a robust background in technical leadership, Bob previously served as the Head of Application Security at Centrica and the Application Security Lead at CoinFLEX, where he oversaw secure development lifecycles and ISO 27001 compliance. He is an active contributor to the cybersecurity community as an author for Infosec, creating learning paths on topics such as HTML5 security and the use of ChatGPT for offensive security. His expertise is supported by a B.Sc. in Computer Science, an ongoing MBA in Cybersecurity, and industry certifications including the (ISC)² CISSP, Security+, and SecAI+.