{"id":3186,"date":"2026-03-22T22:15:58","date_gmt":"2026-03-22T21:15:58","guid":{"rendered":"https:\/\/consalta.ba\/?p=3186"},"modified":"2026-03-24T17:45:26","modified_gmt":"2026-03-24T16:45:26","slug":"ai-rizici-informacijska-sigurnost-iso-27001","status":"publish","type":"post","link":"https:\/\/consalta.ba\/ba\/ai-risks-information-security-iso-27001\/","title":{"rendered":"Your team is already using AI - what about information security?"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"3186\" class=\"elementor elementor-3186\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-5820a1c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5820a1c\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-35c380b\" data-id=\"35c380b\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-5eda264 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5eda264\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-584b11a\" data-id=\"584b11a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-88c1d66 elementor-widget__width-initial elementor-widget elementor-widget-image\" 
data-id=\"88c1d66\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/consalta.ba\/wp-content\/uploads\/elementor\/thumbs\/AI-Black-Box-rkwgu12fb61pgdm5zilvabzhoistihcq28tcb2uh34.jpg\" title=\"AI-Black-Box\" alt=\"AI risks information security \u2014 managing artificial intelligence risks within an ISO 27001 framework\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-a96aa15\" data-id=\"a96aa15\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-701312d elementor-widget elementor-widget-text-editor\" data-id=\"701312d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Let&#8217;s be honest: your employees are already using AI! ChatGPT, Copilot, Gemini... someone on your team has been regularly \"feeding\" AI tools with your company&#8217;s data for some time now.<\/p><p>Sometimes it is a quick email draft. Sometimes a financial report. Sometimes a client&#8217;s personal data? The question is not\u00a0<em>whether<\/em>\u00a0AI tools are part of your organization - the question is whether you are managing the\u00a0<strong>risks associated with the use of AI tools in the context of information security.<\/strong><\/p><p>On the other hand, if you are a company in Bosnia and Herzegovina that works with EU partners (e.g. 
in Croatia, Slovenia or Germany), this is no longer just an internal concern within the firm; it is becoming a business requirement.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-ba783ba elementor-widget elementor-widget-text-editor\" data-id=\"ba783ba\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h2>AI risks you need to keep in mind<\/h2><p>When we talk about AI risks in the context of information security, we&#8217;re not talking about sci-fi scenarios. We&#8217;re talking about practical, everyday problems that are already happening in organizations across the region.<\/p><p><strong>Data leakage through the use of AI tools.<\/strong> When your employee pastes sensitive data into a public AI chatbot, there is a real chance that the information ends up in model training and surfaces in someone else&#8217;s prompt. Confidential business strategies, personal data, software source code... all of it can \"leak\" with a single copy-paste. Sounds dramatic? It happens every day.<\/p><p><strong>So-called shadow AI.<\/strong> You know shadow IT? Well, this is the same story, only with AI tools. Employees start using tools on their own initiative, without any approval or oversight. Nobody knows which tools are in use, what data passes through them, or whether they meet any security requirements at all. And you cannot manage a risk you do not even know exists!<\/p><p><strong>AI \"hallucinations\" in decision-making.<\/strong> AI models have one awkward trait: they generate inaccurate information with enormous confidence. That makes it very easy to give in and believe everything the AI writes. 
If your team relies on an AI-generated report or analysis and nobody verifies the data, incorrect information can end up in business decisions, contracts, client deliverables... And you are the one responsible for the consequences, not ChatGPT.<\/p><p><strong>Pressure from EU partners and clients.<\/strong> Your EU partners are subject to the <a href=\"https:\/\/digital-strategy.ec.europa.eu\/en\/policies\/regulatory-framework-ai\" target=\"_blank\" rel=\"noopener\">EU AI Act (the new legislation on artificial intelligence)<\/a>, which is being applied in phases over this year and next. This legislation creates a potential challenge for our companies: although BiH is not in the EU, if you are part of their supply chain, <strong>their compliance obligations become your problem<\/strong>. Already now (or soon) you can expect questions such as: \"How do you manage AI risks? Do you have that documented?\"<\/p><h2>The regulatory clock is ticking<\/h2><p>Three regulatory components are in force (or being established) - and all three point in the same direction for companies in Bosnia and Herzegovina:<\/p><p><strong>The EU AI Act<\/strong> entered into force in August 2024. The bans on prohibited AI practices are already in force. The rules for high-risk AI systems become mandatory from August 2026, with some categories following in 2027. So if you deliver anything to the EU market, this affects you directly.<\/p><p class=\"translation-block\"><strong>The new BiH Law on the Protection of Personal Data<\/strong> has been applied since October 2025. AI tools that process personal data (and, hand on heart, most of them do) fall fully within the scope of this law. 
Do you even know where the data your employees enter into AI tools every day ends up?<\/p><p><strong>The Draft Law on Information Security of FBiH<\/strong> has been sent into parliamentary procedure and is partially aligned with the EU NIS2 Directive. The message is clear: BiH is building its regulatory framework for cybersecurity, whether we like it or not.<\/p><p>And let&#8217;s not forget - BiH is a candidate (of sorts) for EU membership. That means alignment with EU standards is not a matter of choice; it is the direction we are heading in. Companies that prepare now will have the advantage. Those that wait will be improvising under pressure, and that never <strong>works<\/strong> well.<\/p><h2>Already have ISO 27001? You are in a better position than you think!<\/h2><p>Here&#8217;s the good news. If your organization already operates an <a href=\"https:\/\/consalta.ba\/ba\/isms-sistem-upravljanja-sigurnoscu-informacija-iso-27001\/\">Information Security Management System (ISMS) based on <strong>ISO 27001<\/strong><\/a>, you have a solid foundation for managing AI risks. 
Many of the controls you&#8217;ve already implemented are directly relevant.<\/p><p>Take a look at the table showing what your existing ISMS already addresses and where the potential areas for improvement are:<\/p><table style=\"width: 100%; border-collapse: collapse; margin: 20px 0;\"><thead><tr style=\"background-color: #f4f4f4;\"><th style=\"border: 1px solid #ddd; padding: 10px; text-align: left;\">AI risks<\/th><th style=\"border: 1px solid #ddd; padding: 10px; text-align: left;\">What ISO 27001 already covers<\/th><th style=\"border: 1px solid #ddd; padding: 10px; text-align: left;\">What you still need<\/th><\/tr><\/thead><tbody><tr><td style=\"border: 1px solid #ddd; padding: 10px;\">Data leakage through AI tools<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">A.8.10 Information deletion, A.8.12 Data leakage prevention<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">An acceptable use policy for AI tools. A clear classification of the data that may (and may not) enter AI systems<\/td><\/tr><tr><td style=\"border: 1px solid #ddd; padding: 10px;\">Shadow AI (unapproved tools)<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">A.5.9 Inventory of information and other associated assets, A.8.20 Networks security<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">An inventory of AI assets (tools). Monitoring of the use of unapproved AI tools<\/td><\/tr><tr><td style=\"border: 1px solid #ddd; padding: 10px;\">AI errors in decision-making<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">A.5.1 Policies for information security (governance framework)<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">Mandatory human review for AI-assisted decisions. 
Procedures for validating AI-generated content<\/td><\/tr><tr><td style=\"border: 1px solid #ddd; padding: 10px;\">Third-party AI services<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">A.5.19\u2013A.5.22 Supplier relationships and security<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">AI-specific clauses in supplier contracts. Verification of how AI model providers handle your data<\/td><\/tr><tr><td style=\"border: 1px solid #ddd; padding: 10px;\">Bias and ethical issues<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">Limited direct coverage<\/td><td style=\"border: 1px solid #ddd; padding: 10px;\">AI system impact assessments. Bias detection; ethical governance of AI tools - here we already have <a href=\"https:\/\/consalta.ba\/ba\/integracija-sistema-upravljanja-strateska-prednost\/\">management system integration<\/a> with the new ISO 42001 standard<\/td><\/tr><\/tbody><\/table><p>So? <strong>Your ISMS gives you a structure that needs to be extended to cover AI-specific risks.<\/strong> In concrete terms, that means: updating the <a href=\"https:\/\/consalta.ba\/ba\/prvi-koraci-u-implementaciji-iso-27001-provedba-procjene-rizika\/\">risk assessment<\/a> with AI scenarios, adding AI tools to the <a href=\"https:\/\/consalta.ba\/ba\/prvi-koraci-u-implementaciji-iso-27001-identifikacija-informacijske-imovine\/\">information asset inventory<\/a>, writing a clear acceptable use policy for AI, and reviewing\/revising supplier contracts for AI-relevant clauses.<\/p><p>For organizations looking to go further, there is <strong>ISO\/IEC 42001<\/strong> - the new international standard for an artificial intelligence management system (published in December 2023). It is built on the same structure as ISO 27001, which means integration is not a significant problem. 
Think of it as the natural next chapter of your ISMS in the age of AI.<\/p><h2>No ISMS? AI has just given you the best argument for why you need one<\/h2><p>Maybe you have been thinking about ISO 27001 for a while. Maybe a client mentioned it. Maybe it is on that \"we&#8217;ll get to it sooner or later\" list that every company has. It looks like <strong>AI has just moved ISO 27001 to the top of that list.<\/strong><\/p><p>Without a structured governance framework, it is almost impossible to manage AI risks in any meaningful way. You end up with ad-hoc rules that nobody follows, you have no idea which tools are used across departments, there is no documented process for assessing new risks, and (perhaps worst of all) you have no way of showing a client or partner that you take information security seriously at all.<\/p><p>An ISMS based on ISO 27001 gives you exactly what you are missing: <strong>a systematic, repeatable approach to identifying and managing risks<\/strong> - including these new risks associated with the use of AI tools. But it is not about introducing additional \"paperwork\"; it is about having a clear picture of your risks and a concrete plan for addressing them.<\/p><p>And here is the practical reality: if you work with companies from the EU - especially in regulated industries (finance, healthcare, critical infrastructure) - the question \"do you have ISO 27001?\" is increasingly becoming a prerequisite for cooperation rather than a bonus. The <a href=\"https:\/\/consalta.ba\/ba\/kako-nis2-utjece-na-bosanske-kompanije-iako-nismo-u-eu\/\">NIS2 Directive<\/a> and the EU AI Act are raising the bar across entire supply chains, and that will not stop at the EU&#8217;s borders.<\/p><p>The good news is that establishing an ISMS does not have to be daunting. 
You start by understanding where you are now and identifying the most critical risks, and then, by <a href=\"https:\/\/consalta.ba\/ba\/prvi-koraci-u-implementaciji-iso-27001-izgradnja-jakih-temelja\/\">building strong foundations<\/a>, you lay a sound basis. And when you design it with AI risks in mind from the start, you secure your investment for the future.<\/p><h2>Three things you can do this week<\/h2><p>Regardless of where you stand today, here is what you can do right away:<\/p><p><strong>1. Find out which AI tools your people actually use.<\/strong> Send out a simple survey or just talk to the department heads. You will almost certainly be surprised. This is your first \"shadow AI discovery\" exercise, and also the first step of any <a href=\"https:\/\/consalta.ba\/ba\/prvi-koraci-u-implementaciji-iso-27001-provedba-analize-uskladenost-gap-analiza\/\">gap analysis<\/a>.<\/p><p><strong>2. Classify data by AI exposure.<\/strong> Clearly define which categories of information must never, ever be entered into AI tools: personal data, confidential client data, financial data, intellectual property. And then communicate that to the team - loud and clear.<\/p><p><strong>3. Put this on the management agenda.<\/strong> Managing AI risks is not an IT problem but a business risk. It requires <a href=\"https:\/\/consalta.ba\/ba\/prvi-koraci-u-implementaciji-iso-27001-dobijanje-podrske-rukovodstva\/\">management support<\/a> and a \"cross-functional\" approach. The earlier management gets involved, the more effective you will be in responding to these challenges.<\/p><h2>In short<\/h2><p>AI is already transforming how organizations in Bosnia and Herzegovina operate \u2014 and the risks it introduces are real. But they&#8217;re also manageable. 
Whether you already have an ISMS or are starting from scratch, the path forward is the same: understand your risks, build (or extend) a structured framework to manage them, and stay ahead of the regulatory curve.<\/p><p>Companies in the region that act now (instead of waiting for regulations to force them) will be the ones that keep strong EU partnerships, win new business and avoid costly surprises.<\/p><p><strong>Not sure where to start? <a href=\"https:\/\/consalta.ba\/ba\/kontakt\/\">Get in touch<\/a> for a free 30-minute consultation.<\/strong> We will help you determine where you stand with AI risks and what your next concrete step is. No jargon, no pressure, no sales tactics.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Your employees are already using AI tools \u2014 whether you&#8217;ve approved them or not. From data leakage to shadow AI, the risks are real but manageable. 
Here&#8217;s what companies in Bosnia and Herzegovina need to know, whether they already have an ISMS or are just getting started.<\/p>","protected":false},"author":1,"featured_media":3196,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"disabled","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[81,36,66],"tags":[92,94,93,86,95,96],"class_list":["post-3186","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-protection","category-privacy","category-regulation","tag-ai-risks","tag-eu-ai-act","tag-information-security","tag-iso-27001","tag-iso-42001","tag-shadow-ai"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Your Team Is Already Using AI \u2014 How&#039;s your Information Security?<\/title>\n<meta name=\"description\" content=\"AI risks to information security are real \u2014 and already in your organisation. 
Learn how ISO 27001 helps you manage them before regulations force your hand.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/consalta.ba\/ba\/ai-rizici-informacijska-sigurnost-iso-27001\/\" \/>\n<meta property=\"og:locale\" content=\"bs_BA\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Your Team Is Already Using AI \u2014 How&#039;s your Information Security?\" \/>\n<meta property=\"og:description\" content=\"AI risks to information security are real \u2014 and already in your organisation. Learn how ISO 27001 helps you manage them before regulations force your hand.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/consalta.ba\/ba\/ai-rizici-informacijska-sigurnost-iso-27001\/\" \/>\n<meta property=\"og:site_name\" content=\"Consalta\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-22T21:15:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-24T16:45:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"440\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"OJB\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"OJB\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minuta\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/\"},\"author\":{\"name\":\"OJB\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#\\\/schema\\\/person\\\/b8449ee47559258a18597f3b91629afc\"},\"headline\":\"Your Team Is Already Using AI \u2014 Is Your Information Security Keeping Up?\",\"datePublished\":\"2026-03-22T21:15:58+00:00\",\"dateModified\":\"2026-03-24T16:45:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/\"},\"wordCount\":1422,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/consalta.ba\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/AI-Black-Box.jpg\",\"keywords\":[\"AI risks\",\"EU AI Act\",\"information security\",\"ISO 27001\",\"ISO 42001\",\"Shadow AI\"],\"articleSection\":[\"data protection\",\"Privacy\",\"Regulation\"],\"inLanguage\":\"bs-BA\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/\",\"url\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/\",\"name\":\"Your Team Is Already Using AI \u2014 How's your Information 
Security?\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/consalta.ba\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/AI-Black-Box.jpg\",\"datePublished\":\"2026-03-22T21:15:58+00:00\",\"dateModified\":\"2026-03-24T16:45:26+00:00\",\"description\":\"AI risks to information security are real \u2014 and already in your organisation. Learn how ISO 27001 helps you manage them before regulations force your hand.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#breadcrumb\"},\"inLanguage\":\"bs-BA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"bs-BA\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#primaryimage\",\"url\":\"https:\\\/\\\/consalta.ba\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/AI-Black-Box.jpg\",\"contentUrl\":\"https:\\\/\\\/consalta.ba\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/AI-Black-Box.jpg\",\"width\":440,\"height\":600,\"caption\":\"AI risks information security \u2014 managing artificial intelligence risks within an ISO 27001 framework\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/ai-risks-information-security-iso-27001\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/consalta.ba\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Regulation\",\"item\":\"https:\\\/\\\/consalta.ba\\\/ba\\\/category\\\/regulation\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Your Team Is Already Using AI \u2014 Is Your Information Security Keeping 
Up?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/consalta.ba\\\/en\\\/\",\"name\":\"Consalta\",\"description\":\"Get Certified!\",\"publisher\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/consalta.ba\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"bs-BA\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#organization\",\"name\":\"Consalta\",\"url\":\"https:\\\/\\\/consalta.ba\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"bs-BA\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/consalta.ba\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/Logo-getcert-2024_transpback_blue-black.png\",\"contentUrl\":\"https:\\\/\\\/consalta.ba\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/Logo-getcert-2024_transpback_blue-black.png\",\"width\":\"617\",\"height\":\"90\",\"caption\":\"Consalta\"},\"image\":{\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/ba.linkedin.com\\\/company\\\/consalta-d.o.o.\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/consalta.ba\\\/en\\\/#\\\/schema\\\/person\\\/b8449ee47559258a18597f3b91629afc\",\"name\":\"OJB\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"bs-BA\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/69c0cb70266add0c68274346f544f85223697fb0959d7a797c6a99b8e6babcba?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/69c0cb70266add0c68274346f544f85223697fb0959d7a797c6a99b8e6babcba?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/69c0cb70266add0c68274346f544f85223697fb0959d7a797c6a99b8e6babcba?s=96&d=mm&r=g\",\"c
aption\":\"OJB\"},\"sameAs\":[\"https:\\\/\\\/consalta.ba\"],\"url\":\"https:\\\/\\\/consalta.ba\\\/ba\\\/author\\\/admin_8k999oh2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Your Team Is Already Using AI \u2014 How's your Information Security?","description":"AI rizici informacijske sigurnosti su stvarni i ve\u0107 u va\u0161oj organizaciji. Pogledajte kako vam ISO 27001 mo\u017ee pomo\u0107i prije nego regulativa to zahtjeva od vas.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/consalta.ba\/ba\/ai-rizici-informacijska-sigurnost-iso-27001\/","og_locale":"bs_BA","og_type":"article","og_title":"Your Team Is Already Using AI \u2014 How's your Information Security?","og_description":"AI risks to information security are real \u2014 and already in your organisation. Learn how ISO 27001 helps you manage them before regulations force your hand.","og_url":"https:\/\/consalta.ba\/ba\/ai-rizici-informacijska-sigurnost-iso-27001\/","og_site_name":"Consalta","article_published_time":"2026-03-22T21:15:58+00:00","article_modified_time":"2026-03-24T16:45:26+00:00","og_image":[{"width":440,"height":600,"url":"https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg","type":"image\/jpeg"}],"author":"OJB","twitter_card":"summary_large_image","twitter_misc":{"Written by":"OJB","Est. 
reading time":"7 minuta"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#article","isPartOf":{"@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/"},"author":{"name":"OJB","@id":"https:\/\/consalta.ba\/en\/#\/schema\/person\/b8449ee47559258a18597f3b91629afc"},"headline":"Your Team Is Already Using AI \u2014 Is Your Information Security Keeping Up?","datePublished":"2026-03-22T21:15:58+00:00","dateModified":"2026-03-24T16:45:26+00:00","mainEntityOfPage":{"@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/"},"wordCount":1422,"commentCount":0,"publisher":{"@id":"https:\/\/consalta.ba\/en\/#organization"},"image":{"@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#primaryimage"},"thumbnailUrl":"https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg","keywords":["AI risks","EU AI Act","information security","ISO 27001","ISO 42001","Shadow AI"],"articleSection":["data protection","Privacy","Regulation"],"inLanguage":"bs-BA","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/","url":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/","name":"Your Team Is Already Using AI \u2014 How's your Information Security?","isPartOf":{"@id":"https:\/\/consalta.ba\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#primaryimage"},"image":{"@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#primaryimage"},"thumbnailUrl":"https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg","datePublished":"2026-03-22T21:15:58+00:00","dateModified":"2026-03-24T16:45:26+00:00","description":"AI rizici informacijske sigurnosti su stvarni i 
ve\u0107 u va\u0161oj organizaciji. Pogledajte kako vam ISO 27001 mo\u017ee pomo\u0107i prije nego regulativa to zahtjeva od vas.","breadcrumb":{"@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#breadcrumb"},"inLanguage":"bs-BA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/"]}]},{"@type":"ImageObject","inLanguage":"bs-BA","@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#primaryimage","url":"https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg","contentUrl":"https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg","width":440,"height":600,"caption":"AI risks information security \u2014 managing artificial intelligence risks within an ISO 27001 framework"},{"@type":"BreadcrumbList","@id":"https:\/\/consalta.ba\/ai-risks-information-security-iso-27001\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/consalta.ba\/en\/"},{"@type":"ListItem","position":2,"name":"Regulation","item":"https:\/\/consalta.ba\/ba\/category\/regulation\/"},{"@type":"ListItem","position":3,"name":"Your Team Is Already Using AI \u2014 Is Your Information Security Keeping Up?"}]},{"@type":"WebSite","@id":"https:\/\/consalta.ba\/en\/#website","url":"https:\/\/consalta.ba\/en\/","name":"Consalta","description":"Obezbijedite 
certifikat!","publisher":{"@id":"https:\/\/consalta.ba\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/consalta.ba\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"bs-BA"},{"@type":"Organization","@id":"https:\/\/consalta.ba\/en\/#organization","name":"Consalta","url":"https:\/\/consalta.ba\/en\/","logo":{"@type":"ImageObject","inLanguage":"bs-BA","@id":"https:\/\/consalta.ba\/en\/#\/schema\/logo\/image\/","url":"https:\/\/consalta.ba\/wp-content\/uploads\/2024\/11\/Logo-getcert-2024_transpback_blue-black.png","contentUrl":"https:\/\/consalta.ba\/wp-content\/uploads\/2024\/11\/Logo-getcert-2024_transpback_blue-black.png","width":"617","height":"90","caption":"Consalta"},"image":{"@id":"https:\/\/consalta.ba\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/ba.linkedin.com\/company\/consalta-d.o.o."]},{"@type":"Person","@id":"https:\/\/consalta.ba\/en\/#\/schema\/person\/b8449ee47559258a18597f3b91629afc","name":"OJB","image":{"@type":"ImageObject","inLanguage":"bs-BA","@id":"https:\/\/secure.gravatar.com\/avatar\/69c0cb70266add0c68274346f544f85223697fb0959d7a797c6a99b8e6babcba?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/69c0cb70266add0c68274346f544f85223697fb0959d7a797c6a99b8e6babcba?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/69c0cb70266add0c68274346f544f85223697fb0959d7a797c6a99b8e6babcba?s=96&d=mm&r=g","caption":"OJB"},"sameAs":["https:\/\/consalta.ba"],"url":"https:\/\/consalta.ba\/ba\/author\/admin_8k999oh2\/"}]}},"rttpg_featured_image_url":{"full":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg",440,600,false],"landscape":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg",440,600,false],"portraits":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg",440,600,false],"thumbnail"
:["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box-150x150.jpg",150,150,true],"medium":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box-220x300.jpg",220,300,true],"large":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg",440,600,false],"1536x1536":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg",440,600,false],"2048x2048":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box.jpg",440,600,false],"trp-custom-language-flag":["https:\/\/consalta.ba\/wp-content\/uploads\/2026\/03\/AI-Black-Box-9x12.jpg",9,12,true]},"rttpg_author":{"display_name":"OJB","author_link":"https:\/\/consalta.ba\/ba\/author\/admin_8k999oh2\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/consalta.ba\/ba\/category\/data-protection\/\" rel=\"category tag\">data protection<\/a> <a href=\"https:\/\/consalta.ba\/ba\/category\/privacy\/\" rel=\"category tag\">Privacy<\/a> <a href=\"https:\/\/consalta.ba\/ba\/category\/regulation\/\" rel=\"category tag\">Regulation<\/a>","rttpg_excerpt":"Your employees are already using AI tools \u2014 whether you've approved them or not. From data leakage to shadow AI, the risks are real but manageable. 
Here's what companies in Bosnia and Herzegovina need to know, whether they already have an ISMS or are just getting started.","_links":{"self":[{"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/posts\/3186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/comments?post=3186"}],"version-history":[{"count":27,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/posts\/3186\/revisions"}],"predecessor-version":[{"id":3217,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/posts\/3186\/revisions\/3217"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/media\/3196"}],"wp:attachment":[{"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/media?parent=3186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/categories?post=3186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/consalta.ba\/ba\/wp-json\/wp\/v2\/tags?post=3186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}