Processes on Rygen Technologies AI Management System Handbook

Document Control

Tue, 20 Jan 2026 00:00:00 +0000

Purpose

This procedure establishes requirements for the control of documents within the the Rygen AI Management System.

Scope

This procedure applies to all AIMS documents including policies, procedures, records, and forms. The specific identification and formatting rules in Section 3.1 apply to core governance documents classified as the AIMS Handbook (e.g., policies, procedures, processes). Other records (e.g., risk assessments, meeting minutes) must be identifiable and controlled, but may follow tooling-specific formats.

Risk Management

Tue, 28 Oct 2025 00:00:00 +0000

Purpose

This document establishes the framework for identifying, assessing, evaluating, and treating risks within Rygen Technologies’ AI Management System (AIMS), in accordance with ISO 42001, which ensures that AI risks are addressed systematically, ensuring responsible AI delivery that our stakeholders can depend on.

Scope

This framework applies to all AI systems within the AIMS scope, personnel involved in the AI system development lifecycle, and all risk assessments (initial, periodic, or trigger-based).

Impact Assessment

Tue, 13 Jan 2026 00:00:00 +0000

Purpose

This process ensures we systematically evaluate how AI systems affect the people and organizations that interact with them, enabling informed decision-making and responsible AI deployment. It defines the process for assessing potential positive and negative impacts to ensure that affected parties are considered and appropriate actions can be taken to capitalize on positive impacts while mitigating negative ones.

Scope

This process to all AI systems built or used by Rygen, including:

Data Management

Wed, 27 Aug 2025 00:00:00 +0000

Purpose

This document establishes Rygen Technologies’ AI Data Management Process in accordance with ISO/IEC 42001:2023 Section B.7. It ensures that data used in AI systems is properly acquired, validated, documented, and maintained throughout the AI system lifecycle.

Scope

This process applies to all data used within the AIMS scope:

Training data for custom ML models
Validation and test data
Production/operational data
Data transmitted to/from third-party AI APIs
Internal data used with internal AI tools

Applicability by System Type

This procedure applies to all AI systems within the AIMS scope, but deliverable requirements differ based on system architecture:

Development Lifecycle

Wed, 08 Oct 2025 00:00:00 +0000

Purpose

This document defines Rygen Technologies’ AI system development lifecycle, ensuring all AI systems are developed in accordance with ISO/IEC 42001:2023 requirements. It is intended to guide and inform the AI development process from end to end, ensuring that AI systems developed by Rygen are responsible and governed.

Scope

This lifecycle applies to all AI systems developed or substantially configured by Rygen:

AI-powered features developed for X1 Platform (IPaaS)
AI features developed for Corsair (TMS)
Internal AI tools and automations developed by Rygen
AI implementations requiring configuration, training, or customization

AI System Development Lifecycle

flowchart TD
 A[Problem Definition] --> B{Go / No Go?}
 B -->|No| C[Don't Implement]
 B -->|Yes| D[Data Collection and Preparation]
 D --> E[Training and Development]
 E --> F[Evaluation]
 F --> G{Acceptable?}
 G -->|No| D
 G -->|Yes| H[Deployment]
 H --> I[Monitoring]
 I --> J[Refinement]
 J --> D

Development Lifecycle Phases

Phase 1: Problem Definition

Purpose: Define the problem; assess impact and risk; evaluate feasibility; and document system design

Nonconformance

Wed, 14 Jan 2026 00:00:00 +0000

Purpose

This procedure establishes the process for identifying, documenting, investigating, and addressing nonconformities within Rygen’s AI Management System (AIMS) to ensure that we systematically identify, analyze, and resolve issues within our AI systems.

Scope

This procedure applies to all nonconformities related to:

AI systems within AIMS scope (X1, Corsair, internal AI tools)
AIMS processes and procedures
AI governance and compliance requirements
AI system performance, security, or ethical issues

Definitions

Nonconformity: Failure to fulfill a requirement of the AIMS, including:

Internal Audits

Mon, 13 Jan 2025 00:00:00 +0000

Purpose

This procedure establishes Rygen Technologies’ internal audit program for the AI Management System (AIMS) in accordance with ISO/IEC 42001:2023 Section 9.2, to provide information on whether the AIMS conforms to organizational requirements and the requirements of the standard, and is effectively implemented and maintained.

Scope

This procedure applies to all internal audits of the AIMS, covering all processes, activities, and areas within the defined AIMS scope including:

• AI systems (X1 Platform, Corsair, internal AI tools) • AIMS processes and procedures • AI governance activities • Risk management processes • All organizational units involved in AI activities

Performance Monitoring

Wed, 08 Oct 2025 00:00:00 +0000

Purpose

This plan defines what aspects of the AI Management System (AIMS) are monitored and measured, the methods used, and the frequency of evaluation to ensure continuing suitability, adequacy, and effectiveness per ISO/IEC 42001:2023 Section 9.1.

Scope

This monitoring plan applies to all components of Rygen’s AIMS including:

AIMS objectives performance
AI system performance and effectiveness
Risk management effectiveness
Process conformity and effectiveness
Stakeholder satisfaction

Monitoring and Measurement Framework

AIMS Objectives Monitoring

Objective	Metric	Target	Method	Frequency	Responsible
Trustworthy Delivery	% AI features with explainability or human oversight controls	100%	Review system documentation & implementation	Quarterly	Principal AI Engineer
Performance Excellence	% AI systems meeting performance targets	90%	Evaluation reports & benchmarking	Monthly	AI/ML Team
Responsible AI Governance	% completed assessments before deployment	100%	Risk & impact assessment tracking	Per deployment	Principal AI Engineer
Client Value Through Innovation	New AI features deployed per year	2+	Feature deployment tracking	Semi-annually	Product Manager
Operational Resilience	AI service availability	99%	System monitoring & incident logs	Monthly	DevOps Team
Compliance	% compliance with requirements	100%	Audit results & certification status	Quarterly	Principal AI Engineer

AI System Performance Monitoring

What is Monitored:

Management Review

Wed, 27 Aug 2025 00:00:00 +0000

Purpose

This procedure ensures systematic, regular evaluation of our AI Management System to maintain its effectiveness and continuous improvement. It establishes the quarterly management review process for Rygen Technologies’ AI Management System (AIMS) in accordance with ISO/IEC 42001:2023 Section 9.3.

Scope

This procedure applies to the systematic review of AIMS performance, suitability, adequacy, and effectiveness by top management.

Management Review Framework

Regular management reviews ensure our AIMS remains aligned with business objectives, addresses emerging risks, and continuously improves based on performance data and stakeholder feedback. This systematic approach demonstrates our commitment to maintaining effective AI governance at the executive level.

Incident Response

Tue, 14 Jan 2025 00:00:00 +0000

Purpose

This procedure establishes the framework for responding to incidents involving AI systems within Rygen’s AI Management System (AIMS) in accordance with ISO/IEC 42001:2023 Section 8.1 and Annex A.8.4. It ensures AI incidents are properly identified, managed, communicated, and used to improve the AIMS.

Scope

This procedure applies to all incidents involving AI systems within the AIMS scope:

X1 Platform AI features
Corsair TMS AI capabilities
Internal AI tools and third-party AI services
AI development and deployment processes

AI Incident Types

An AI incident is any unplanned event or situation that affects or has the potential to affect:

Competence and Training

Mon, 01 Jan 0001 00:00:00 +0000

1. Purpose

This procedure defines the process for ensuring that all personnel with responsibilities within the AI Management System (AIMS) possess the necessary competence to fulfill their roles. It establishes the framework for identifying training needs, delivering training, and maintaining records of competence in accordance with ISO/IEC 42001:2023 Clause 7.2.

2. Scope

This procedure applies to all Rygen employees and contractors whose roles and responsibilities are defined within the AIMS. It covers general AIMS awareness training for all staff and role-specific competence training for personnel with direct involvement in AI system development, oversight, or governance.