This talk explores seamlessly integrating AI compliance into DevSecOps, balancing technological innovation and regulatory adherence. As AI adoption grows, the EU AI Act, the world’s first AI regulation, imposes strict requirements on technology development and risk governance, significantly raising compliance thresholds for businesses.

We will deconstruct the AI Act, tracing its evolution from the AI White Paper → Trustworthy AI → AI Act, and incorporate ISO 42001 methodologies to examine risk management, governance, process management, data governance, AI algorithms, system architecture, and input-output processes for comprehensive AI compliance.

Additionally, this session will explore embedding compliance into the DevSecOps lifecycle, covering security and privacy, ethical standards, legal risk management, and continuous improvement. Ultimately, we aim to help businesses build human-centric, trustworthy AI, ensuring they stay competitive in the rapidly evolving AI regulatory landscape.