Skip to content

Reference

AI Glossary

101 terms on AI, AI management systems, ISO/IEC 42001 and 27001, AI audit and the EU AI Act, explained in plain words. Every definition is our own wording; where a standard provides the technical reference, it is named as a reference, not quoted.

Audit & certification

Core terms from the audit process under ISO/IEC 17021-1 and the management system standards.

Audit criteria

The reference against which an audit measures: the standard, legal requirements, internal policies and contracts. Findings are always relative to the audit criteria.
Reference: ISO 19011:2018

Audit evidence

Records, statements of fact or other verifiable information relevant to the audit criteria. Audit evidence should be backed by triangulation (at least two methods: interview, observation, document review, data sampling).
Reference: ISO 19011:2018

Audit conclusion

The result the audit team reaches after considering the audit objectives and all findings. It forms the basis for the recommendation to the certification committee.
Reference: ISO 19011:2018

Audit trail

A thread through an audit: one topic (for example asset management or the data lifecycle of an AI) is examined end to end, from policy through procedure to evidence of effectiveness.
Reference: ISO 19011:2018

Multi-site sampling

For organisations with several sites, the auditor samples a representative subset instead of visiting every location. The sample size follows defined rules.
Reference: IAF MD 1

Witness audit

An accreditation body observes an auditor at work during a real audit to confirm competence and conformity. Quality assurance for the certification system.
Reference: ISO/IEC 17021-1

Audit time calculation

The number of audit days follows defined rules. For ISO/IEC 42001 it depends on the people involved in the AI lifecycle and the role, not on headcount alone.
Reference: ISO/IEC 42006

Technical expert

A specialist who supports the audit team with specific expertise but does not audit independently. Useful for complex AI or industry topics.
Reference: ISO 19011:2018

ISO management system

Terms around ISO/IEC 42001, ISO/IEC 27001 and the Statement of Applicability.

Statement of Applicability (SoA)

A mandatory document under ISO/IEC 27001 and ISO/IEC 42001. It lists all Annex A controls with an applicability decision (yes/no), a justification and a reference to the implementation. The bridge between risk assessment and controls.
Reference: ISO/IEC 27001:2022, ISO/IEC 42001:2023

Major nonconformity

A requirement is systematically unmet, or a whole element is missing. Blocks certification until resolved.
Reference: ISO/IEC 17021-1

Minor nonconformity

A requirement is unmet in an isolated case while the system works in principle. Resolved with a corrective action and a deadline.
Reference: ISO/IEC 17021-1

Residual risk

The risk that remains after controls have been applied. It must be assessed and formally accepted by the responsible risk owner.
Reference: ISO/IEC 27005

Risk owner

The person accountable for a specific risk and for deciding how to treat it. Without a clear risk owner, risk management stays on paper.
Reference: ISO/IEC 27005

Risk appetite

The amount of risk an organisation is willing to accept to reach its goals. It guides which risks are treated and which are accepted.
Reference: ISO 31000

AI System Impact Assessment (AIIA)

A structured process to assess the impact of an AI system on individuals, groups and society, both positive and negative. Required under ISO/IEC 42001 and operationalised by ISO/IEC 42005. Done before deployment, on major changes and periodically.
Reference: ISO/IEC 42001:2023, ISO/IEC 42005:2025

Sensitive use

Using an AI system in a context with raised potential for harm to affected people, for example HR decisions, lending or medical triage. The organisation must define thresholds for sensitive use and trigger a deeper AIIA.
Reference: ISO/IEC 42005:2025

Impact scale

A calibrated scale to rate the severity of impacts, typically four or five levels. Used in the AIIA to compare identified impacts consistently.
Reference: ISO/IEC 42005:2025

Positive impacts (in the AIIA)

An AIIA documents not only risks but also the intended benefits of an AI system, for example relief, quality or access. This keeps the assessment balanced.
Reference: ISO/IEC 42005:2025

Accreditation body

A national body that confirms certification bodies are competent and impartial. In Germany this is DAkkS. It certifies the certifiers, it does not certify companies itself.
Reference: ISO/IEC 17011

IAF Mandatory Document (IAF MD)

Binding rules of the International Accreditation Forum that make audits and certifications consistent worldwide, for example on audit time or multi-site sampling.
Reference: IAF MD

Impartiality

Acting and judging free of conflicts of interest. A core requirement under ISO/IEC 17021-1, for example separating consulting and the certification-deciding audit at the same client.
Reference: ISO/IEC 17021-1

CPD (continuing professional development)

Documented ongoing training that auditors must show to keep their qualification. Ensures expertise stays current.
Reference: ISO/IEC 17024

EU AI Act

Key terms of the EU's AI regulation, from high-risk to GPAI.

Human in the loop

also: human oversight

A design principle where a human reviews, approves or can stop key AI decisions or actions. The EU AI Act requires effective human oversight for high-risk AI; for autonomous agents it is the central safeguard against unwanted actions.
Reference: EU AI Act Art. 14

FRIA (Fundamental Rights Impact Assessment)

A mandatory assessment under EU AI Act Art. 27 for certain deployers of high-risk AI (public bodies plus banks/insurers). It assesses the impact of the AI use on the fundamental rights of affected people. Complements the AIIA with the legal dimension.
Reference: EU AI Act Art. 27

Restricted use

AI applications that are allowed only under specific conditions or not at all, for example emotion detection in HR settings or social scoring by public bodies. The prohibitions in EU AI Act Art. 5 fall under this.
Reference: ISO/IEC 42005:2025, EU AI Act Art. 5

Annex III high-risk categories

The list in EU AI Act Annex III of use cases counted as high-risk, for example HR, credit, critical infrastructure or law enforcement. High-risk AI carries the strictest obligations.
Reference: EU AI Act Annex III

GPAI with systemic risk

General-purpose AI models so capable that they pose systemic risks. They carry additional duties, for example model evaluation, risk mitigation and incident reporting.
Reference: EU AI Act Art. 51 ff.

Prohibited AI practices

AI uses banned outright under EU AI Act Art. 5, such as social scoring by public bodies or manipulative systems that exploit weaknesses.
Reference: EU AI Act Art. 5

Conformity assessment (EU AI Act)

The procedure by which it is checked and documented that a high-risk AI system meets the requirements, before it goes to market. Depending on the case via self-assessment or a notified body.
Reference: EU AI Act Art. 43

Notified body

An independent body designated by a state to carry out conformity assessments for certain high-risk AI systems. Not to be confused with an ISO certification body.
Reference: EU AI Act Art. 28 ff.

Annex IV technical documentation

The technical documentation required for high-risk AI under EU AI Act Annex IV: system description, data, architecture, risk management, test results and more. Evidence of conformity.
Reference: EU AI Act Annex IV

Post-market monitoring (PMM)

Systematically observing a high-risk AI system after it goes to market, to detect new risks, errors or drift and to react. A duty under the EU AI Act.
Reference: EU AI Act Art. 72

Serious incident

An event involving a high-risk AI system that leads to or could lead to serious harm. Subject to reporting duties under the EU AI Act within set deadlines.
Reference: EU AI Act Art. 73

AI security & threats

Attacks on and safeguards for AI systems.

Prompt injection

An attack that overrides an AI system's instructions through manipulated inputs (directly or hidden in documents or web pages) so it performs unintended actions or bypasses safeguards. Especially critical for AI agents, because the agent really acts.
Reference: OWASP Top 10 for LLM Applications (LLM01)

Guardrails

Technical and organisational limits that define what an AI system or agent may and may not do, for example allowed actions, value limits, mandatory human approval or running only in a sandbox.
Reference: General; cf. EU AI Act Art. 14, ISO/IEC 42001 operation

Least privilege

The principle of granting any user, service or AI agent only the rights strictly needed for the task. Limits the damage from misbehaviour or compromise. Central for AI agents, since over-broad access enables real actions.
Reference: ISO/IEC 27001:2022 Annex A 8.2/8.3

Agent identity

A unique, managed identity for an AI agent (own credentials/tokens, lifecycle, revocation) so its actions are attributable, limitable and traceable. A prerequisite for access control and an audit trail with agentic AI.
Reference: ISO/IEC 27001:2022 Annex A (identity/access management)

Sandboxing

Running an AI agent or its actions in an isolated environment with limited rights and no direct access to production systems. Lets you test and contain actions before they have real effect.
Reference: General; cf. ISO/IEC TR 24028

Tool & action security

Securing the tools and actions an AI agent can call: which APIs/functions are allowed, with what limits, what output validation and what logging. Prevents an agent from having uncontrolled external effect.
Reference: General; cf. ISO/IEC 42001 operation, OWASP LLM Top 10

Data poisoning

An attack that smuggles manipulated examples into the training data so the model learns wrong or harmful behaviour. Hard to detect after the fact, hence the focus on data provenance.
Reference: ISO/IEC TR 24028

Model stealing

Reconstructing or copying a model by querying it many times and learning from the answers. Threatens intellectual property and security.
Reference: ISO/IEC TR 24028

Model inversion

An attack that reconstructs sensitive training data from a model's outputs, for example personal data. A privacy risk.
Reference: ISO/IEC TR 24028

Membership inference attack

An attack that determines whether a specific record was part of the training data. Problematic for personal or confidential data.
Reference: ISO/IEC TR 24028

Evasion attack

Deliberately altered inputs that cause a model to misclassify, for example minimal image changes that fool an image classifier.
Reference: ISO/IEC TR 24028

Threat modeling

Systematically identifying possible attacks and weak points of an AI system early, in order to plan suitable safeguards.
Reference: ISO/IEC TR 24028

Red teaming (AI)

Deliberately attacking your own AI system to uncover weaknesses, harmful outputs or bypasses before others do.
Reference: General AI knowledge

Differential privacy

A mathematical method that adds controlled noise so that statistics can be used without revealing individuals. Protects personal data in training and analysis.
Reference: General AI knowledge

AI concepts & terminology

Core concepts of artificial intelligence, from LLMs and neural networks to generative AI, explained in plain words.

Agentic AI (AI agent)

also: AI agent

An AI system that breaks a task into steps itself and carries them out with tools (APIs, databases, email, system access). Unlike classic AI it does not just produce an output, it acts, which shifts the risk from the answer to real-world actions.
Reference: General AI knowledge

Artificial intelligence (AI)

also: AI

Umbrella term for systems that perform tasks normally requiring human intelligence, such as perceiving, reasoning, learning or deciding. AI is not one method but a field of many.
Reference: General AI knowledge

Algorithm

A clear, step-by-step procedure to solve a problem. In AI, algorithms govern how a model learns from data and how it turns inputs into outputs.
Reference: General AI knowledge

Strong vs. weak AI

also: AGI, narrow AI

Weak (narrow) AI solves a clearly defined task, such as speech recognition. Strong AI (AGI) would be a hypothetical, general intelligence at human level. Today's systems are all narrow AI.
Reference: General AI knowledge

Prompt

The input or instruction a user gives to steer an AI model. How precisely the prompt is phrased strongly affects the quality of the answer.
Reference: General AI knowledge

Prompt engineering

Deliberately phrasing and structuring prompts to reliably get useful results from a language model.
Reference: General AI knowledge

Chatbot

A program that communicates with people in natural language. Modern chatbots are mostly built on large language models.
Reference: General AI knowledge

Computer vision

also: image recognition

Field of AI that analyses images and video, for example detecting and classifying objects or finding defects in production.
Reference: General AI knowledge

Natural language processing (NLP)

also: NLP

Field of AI that processes, understands and generates human language, from translation to sentiment analysis to chatbots.
Reference: General AI knowledge

Reinforcement learning

A learning method where a system learns to make good decisions in an environment through reward and penalty.
Reference: General AI knowledge

Supervised learning

Learning from examples with known correct answers (labelled data), so the model can apply the mapping to new cases.
Reference: General AI knowledge

Unsupervised learning

Learning from data without given answers; the model finds structure on its own, such as groups of similar cases.
Reference: General AI knowledge

Clustering

A method that groups data into clusters of similar objects without predefined labels, for example for customer segmentation.
Reference: General AI knowledge

Label (annotation)

also: annotation

The correct answer attached to a training example. Labelling (annotation) is often the most labour-intensive part of an AI project.
Reference: General AI knowledge

Feature

A single measurable property of the input data that a model uses, such as size, colour or a word.
Reference: General AI knowledge

Parameters (weights)

also: weights

The internal values of a model adjusted during training. Large language models have billions of them; they hold what the model has learned.
Reference: General AI knowledge

Context window

The amount of text a language model can consider at once. Once exceeded, earlier parts drop out of the model's view.
Reference: General AI knowledge

Foundation model

A very large, broadly pre-trained model that serves as the basis for many applications and is adapted for individual tasks.
Reference: General AI knowledge

Multimodal AI

AI that processes several data types at once, such as text, image and audio in one model.
Reference: General AI knowledge

Diffusion model

A model type for image generation that gradually shapes a matching image from random noise. The basis of many image generators.
Reference: General AI knowledge

Generative adversarial network (GAN)

also: GAN

Two neural networks compete: one creates content, the other judges it. This produces realistic synthetic data.
Reference: General AI knowledge

Zero-shot and few-shot learning

A model solves a task with no (zero-shot) or only a few (few-shot) examples in the prompt, without retraining.
Reference: General AI knowledge

Explainable AI (XAI)

also: XAI

Methods that make it understandable why an AI model arrives at an output. Important for trust, human oversight and evidence.
Reference: General AI knowledge

Recommender system

A system that suggests relevant content or products to users based on their behaviour and similar users. Subject to transparency duties under the EU AI Act.
Reference: General AI knowledge

Anomaly detection

A method that finds unusual patterns in data, for example for quality assurance, maintenance or fraud detection.
Reference: General AI knowledge

Predictive maintenance

AI-based prediction of when a machine should be serviced before it fails. A classic industrial use case.
Reference: General AI knowledge

Knowledge graph

A structured representation of knowledge as a network of concepts and their relationships. Helps AI use context deliberately.
Reference: General AI knowledge

MLOps

Practices and tools to reliably put AI models into operation, monitor them and update them, comparable to DevOps in software.
Reference: General AI knowledge

Edge AI

AI that runs directly on a device on site (machine, sensor, smartphone) instead of in the cloud. Saves latency and keeps data local.
Reference: General AI knowledge

Large language model (LLM)

also: language model

An AI model trained on very large amounts of text that understands and produces language. It predicts the most likely next word and can write, summarise, translate or answer.
Reference: General AI knowledge

Neural network

also: artificial neural network

A computing model loosely inspired by the brain: many simple units (neurons) in layers that learn patterns from data through weighted connections. The building block of modern AI.
Reference: General AI knowledge

Deep learning

A form of machine learning using neural networks with many layers. The deeper the network, the more abstract the patterns it can learn. The driver of most recent AI breakthroughs.
Reference: General AI knowledge

Machine learning (ML)

also: ML

A subfield of AI in which a system learns from data instead of being explicitly programmed. It recognises patterns in examples and applies them to new cases.
Reference: General AI knowledge

Generative AI

also: GenAI

AI that creates new content such as text, images, audio or code, rather than only classifying or predicting. Usually based on large models trained on huge datasets.
Reference: General AI knowledge

Transformer

A network architecture that uses an attention mechanism to find which parts of an input matter to each other. The technical basis of today's large language models.
Reference: General AI knowledge

Token / tokenisation

The smallest processing unit of a language model, often a word fragment. Text is split into tokens before processing. Cost and compute of AI services are usually measured in tokens.
Reference: General AI knowledge

Embedding

A representation of words, sentences or documents as a numeric vector, so that similar content sits close together. The basis for semantic search and for connecting your own data to AI.
Reference: General AI knowledge

Training data

The data a model learns from. The quality, origin and balance of training data largely determine how well and how fairly a model works, a central point of any AI governance.
Reference: General AI knowledge

Inference

Running a trained model: it receives an input and returns an output. In contrast to training, where the model first learns.
Reference: General AI knowledge

Overfitting

When a model effectively memorises the training data instead of general patterns, then performs poorly on new data. Remedies are more data, simpler models and clean validation.
Reference: General AI knowledge

Hallucination (AI)

When an AI model confidently states something that is factually wrong or made up. A consequence of its probability-based way of working, which is why human checks of AI output matter.
Reference: General AI knowledge

Fine-tuning

Further training a pre-trained model with your own specific data so it handles a task or style better. Cheaper than training a model from scratch.
Reference: General AI knowledge

RAG (retrieval-augmented generation)

An approach where a language model looks up relevant information from your own knowledge source before answering and includes it. Reduces hallucinations and makes AI answers traceable.
Reference: General AI knowledge

Bias

also: algorithmic bias

A systematic skew in data or model that leads to unfair or discriminatory results, for example against certain groups. A core topic for responsible AI and for ISO/IEC 42001.
Reference: General AI knowledge

AI model

also: model

The result learned from training data that turns inputs into outputs (predictions, text, classifications). The model is the core of an AI system, embedded in data, software and processes around it.
Reference: General AI knowledge

Affected stakeholders

People or groups whose rights, interests or wellbeing are affected by an AI system. A mandatory documentation point in the AIIA. Includes direct users, indirectly affected people (e.g. applicants in AI recruiting) and potentially whole populations.
Reference: ISO/IEC 42005:2025

Model drift

A gradual decline in model quality over time because the real world moves away from the training data. Requires monitoring and retraining.
Reference: ISO/IEC TR 24028

Opacity (black box)

also: black box

When it is hard to understand how an AI model reaches its decisions. Opacity makes oversight, error analysis and accountability harder, which is why explainability matters.
Reference: ISO/IEC TR 24028

Unpredictability

When an AI system behaves differently than expected in situations it was not designed or tested for. A key risk factor, especially for systems that act autonomously.
Reference: ISO/IEC TR 24028

Bias mitigation

Measures to reduce unfair skew across the AI lifecycle: balanced data, fairness metrics, testing and human review. Goal is comparable treatment of affected groups.
Reference: General AI knowledge

Adversarial training

Deliberately training a model with manipulated inputs so it becomes more robust against attacks and edge cases.
Reference: General AI knowledge

Federated learning

Training across several locations where the data stays local and only model updates are shared. Protects privacy and sensitive data.
Reference: General AI knowledge

Model card

A concise factsheet for an AI model: purpose, training data, known limitations, evaluation metrics and intended use. Supports transparency and governance.
Reference: General AI knowledge

Datasheet for datasets

A structured description of a dataset: origin, collection, composition, intended use and limitations. The data counterpart to a model card.
Reference: General AI knowledge

Clarify a term in practice

Want to know what a term means concretely for your AI management system? I will place it in your context in a free initial call.

Book an initial call To the insights hub