The Malta Digital Innovation Authority (MDIA) has just announced a set of consultation documents which will provide guidance to Innovative Technology Arrangement and Service Provider applications who wish to obtain certification and registration.
This set of documents comprises of four chapters which are collectively referred to as the ‘MDIA Guidance Notes’. The Authority seeks to gain feedback from stakeholders on each chapter, through a series of public consultations.
AI ITA Guidelines
These guidelines relate to the Strategy and Vision for Artificial Intelligence in Malta and the achievement of the Malta Ethical AI Framework. These guidelines will build on the ITA certification framework for AI-based solutions, making it the world’s first national AI certification programme that has been developed in a transparent, ethical, and socially responsible manner.
The guidance notes will assist Service Providers and AI-ITA Applicants when approaching the MDIA for registration and certification. The document lays out the definition of AI as well as which technologies can fall under its scope. It also provides instructions on how a prospective AI-ITA should submit their application form to the Authority, and what process the Authority will go through when considering applications.
Questions for consideration in the consultation document include any improvements with respect to the certification of AI-ITAs, whether the MDIA has overlooked any elements in its draft, whether there are any qualifying features or attributes that should be added.
AI System Auditor Control Objectives
The AI Systems Auditor Control Objectives document lists a number of objectives which the MDIA believes should be covered as a part of the Systems Audit report. The Systems Audit is a procedure that should be undertaken using the MDIA’s AI-ITA Systems Auditor Guidelines and not an audit in the sense of the International Auditing and Assurance Standards Board.
Objectives covered within the document include alignment with the Ethical and Trustworthy AI Framework, Incident Management, Security Assessments, Risk Management and Organisational Structures.
AI ITA Nomenclature
This document is designed to provide an overview of the processes and components that make up a typical AI-ITA. Recognising that AI is a rapidly evolving field, the document is meant to serve as a high-level guidance into what would usually constitute as an AI-ITA.
The ITA Nomenclature covers data collection and storage, data processing and analysis and application and implementation.
AI ITA Blueprint Guidelines
The Blueprint is a document which lays out all of the critical and important features which an AI-ITA should include in the information they submit to the MDIA during their application for certification. It will then be used by Systems Auditors to properly understand the implementation of various control objectives as specified in Systems Auditor Control Objectives.
These requirements include the reasons why the AI-ITA is being created, its characteristics, specific elements, functional capabilities, verifications and limitations, amongst others.
The consultation period is open until 1st November, 2019.
Get in touch with BDO's Technology Advisory Team to learn more.