All ISMS Copilot assistants can directly be accessed in the ISMS Copilot web app.

ISO 27001 Copilot Documentation

About This AI System

The ISO 27001 Copilot is an AI-powered chatbot specifically designed to assist organizations with ISO 27001 compliance. It offers in-depth guidance on implementing and maintaining controls, preparing for audits, and achieving certification. In accordance with EU AI Act transparency requirements, we inform you that you are interacting with an artificial intelligence system.

Classification Under EU AI Act

Risk Classification

ISO 27001 Copilot is classified as a limited risk AI system (chatbot) based on:

• Intended Purpose: Provides tailored support for ISO 27001 compliance tasks.
• Functionality: Focuses exclusively on ISO 27001 controls, offering detailed guidance for compliance, audits, and certification preparation.
• Risk Level: As a limited risk chatbot, it supports organizations in navigating compliance processes without impacting fundamental rights.
• Decision Making: Offers advisory support, leaving all final decisions to human users.
• Data Processing: Conversation data is processed and stored in the United States with privacy safeguards in place.

Rationale for Classification

The system does not qualify as high-risk under Article 6 and Annex III because:

• It does not make decisions affecting fundamental rights or critical infrastructure.
• Its guidance is advisory and focused on helping users navigate ISO 27001 compliance processes.
• Human oversight remains a key part of all compliance activities.
• Data processing policies ensure user privacy and security are prioritized.