OWASP AIBOM Policy Workstream: Shaping the Future of AI Governance
As AI systems become critical infrastructure across industries, regulators worldwide are introducing frameworks requiring transparency and accountability. The EU AI Act, US state legislation, and emerging global standards all point to one reality: organizations need systematic ways to document their AI systems. This is where AI Bill of Materials (AIBOM) becomes essential.
The OWASP AIBOM Policy Workstream exists to bridge the gap between technical innovation and regulatory compliance. We’re not just building documentation standards—we’re actively shaping how governments, industry bodies, and organizations think about AI transparency requirements.
Our mission is clear: Engage with regulatory bodies, develop actionable policy recommendations, and ensure AIBOM becomes the recognized standard for AI system documentation globally.
We focus on four critical areas: mapping AIBOM to regulatory compliance requirements across jurisdictions, developing policy recommendations that balance innovation with accountability, creating legal and compliance frameworks that practitioners can actually use, and aligning our work with emerging industry standards from ISO, NIST, and international bodies.
This workstream brings together policy experts, legal professionals, compliance officers, and security practitioners to ensure AIBOM isn’t just technically sound—it’s practically implementable within real regulatory contexts.
