This document outlines best practices on assessing security and privacy in artificial intelligence use cases, covering in particular those published in ISO/IEC TR 24030.

The following aspects are addressed:

—？an overall assessment of security and privacy on the AI system of interest;

—？security and privacy concerns;

—？security and privacy risks;

—？security and privacy controls;

—？security and privacy assurance; and

—？security and privacy plans.

Security and privacy are treated separately as the analysis of security and the analysis of privacy can differ.