A futuristic data center corridor with rows of server racks on both sides, illuminated by vibrant pink and purple lighting. The perspective and digital effects create a sense of motion and advanced technology, enhancing the high-tech ambiance of the environment.

Technical Controls

Strengthen technical risk management (with models, data, technology) to identify, monitor and mitigate risks, ensuring alignment with regulations and organisational risk appetite

Technical Controls sub-dimensions

3.1 Data management

Ensure the use of quality, trustworthy data that underpins decision-making (e.g., minimise malicious use and security threats through consideration of sensitive variables within the data such as race or ethnicity).

Examples of evidence

Reports/guidelines on data quality checks and validation processes

Requirement for Evolving level

Documentation (e.g., reports, guidelines, SOPs) outlining data quality objectives (DQOs) and procedures for verifying and validating data

3.2 Model risk management

Establish model risk management practices to address risk issues (e.g., for inaccurate output, model drift, algorithmic bias).

Examples of evidence

Model risk management practices

Requirement for Evolving level

Clear policies and procedures for model development, validation, implementation, and monitoring

3.3 Control environment (incl. technical guardrails)

Develop a control environment with technical guardrails and controls to ensure compliance with applicable regulations (e.g., EU AI Act).

Examples of evidence

Library of controls

Requirement for Evolving level

Collection of documented controls (e.g., technical, procedural, cultural) that can mitigate different AI risks

3.4 Monitoring and incident response

Monitoring of KRIs (in real-time, as required) for oversight and improvement of AI systems once deployed, along with incident response plans to manage and respond to failures in AI systems.

Examples of evidence

Incident response plans

Requirement for Evolving level

Documented plan outlining procedures for containing, mitigating, and recovering from AI incidents

Monitoring dashboard and/or logs

Requirement for Advanced level

System that displays data streams (logs) or visualisations (dashboard) to track KRIs and potential AI risks, in real-time if applicable

Step-By-Step
Guide

This guide outlines the steps companies can take to establish a foundational level of RAI maturity and offers practical recommendations on how to progress towards higher levels of maturity across the five dimensions.

Download

Best Practice
Tools

In this guide, you will find supporting tools and recommendations to help companies progress on the GSMA Responsible AI Maturity Roadmap. Developed by mobile operators, each example covers a specific sub-dimension required to operate at the highest level of maturity. 

Download