The four principles of responsible AI most widely cited in 2026 are fairness, accountability, transparency and reliability/safety. They appear, with minor wording variations, across the OECD AI Principles, the Microsoft Responsible AI Standard, the Google AI Principles, the NIST AI Risk Management Framework, and India's NITI Aayog #AIForAll document. In an audit, each principle is not a slogan — it is a row in the evidence register, scored on whether you have a written policy, a measurable control, and a recurring review.
- Responsible AI
- An umbrella term for the design, development and deployment of AI systems in a way that is fair, accountable, transparent, and safe — implemented through specific operational controls rather than principle statements alone.
- Fairness, accountability, transparency, reliability/safety — the FATR set.
- Each principle maps to ISO 42001 Annex A controls and to the NIST AI RMF functions.
- An auditor reads each principle as a policy + a control + an evidence record. Missing any of the three = finding.
- India's NITI #AIForAll adds three more: inclusivity, privacy, and protection of human values. Treat them as the fifth, sixth and seventh pillars.
- "We follow responsible AI principles" with no measurable controls is, in 2026, audit theatre.
The four principles, with audit treatment
1. Fairness
What it means: the system does not produce systematically different outcomes across protected groups in ways that are unjustified by the legitimate purpose. Importantly: "fair" is not a single metric. Demographic parity, equal opportunity, equalised odds, predictive parity — these are mathematically distinct definitions and they can conflict. Choose your definition, document it, defend it.
In an audit: the auditor expects a written fairness policy, a chosen metric, a threshold, a sampling methodology, and a remediation log. Mapped to ISO 42001 Annex A.6 (impact assessment) and A.8 (data for AI systems).
2. Accountability
What it means: a named human or governance body is answerable for the system's behaviour, can be contacted by affected users, and can compel remediation.
In an audit: the auditor expects an organisational chart with named owners for each production AI system, a documented escalation path, and a record of decisions taken at the AI governance forum (quarterly minimum). Mapped to ISO 42001 Clause 5 (leadership) and Annex A.3 (roles and responsibilities).
3. Transparency
What it means: stakeholders — users, regulators, internal oversight — can understand what the system does, what data it uses, and the basis for its decisions, at a level appropriate to their role.
In an audit: the auditor expects model cards, datasheets for training data, user-facing disclosures, and an internal documentation portal. Mapped to ISO 42001 Annex A.7 (information for interested parties) and the OECD AI Principle of transparency and explainability. [OECD AI Principles 2019, updated 2024]
4. Reliability and safety
What it means: the system performs as intended under expected conditions, degrades gracefully under unexpected conditions, and does not produce harm to users or third parties.
In an audit: the auditor expects a risk register (see our AI risk assessment template), drift-monitoring evidence, an incident-response runbook, and red-team reports. Mapped to ISO 42001 Annex A.6, A.10 (incident response) and the NIST AI RMF "Manage" function.
The Indian extension — NITI Aayog's additions
India's NITI Aayog #AIForAll document adds three principles that matter specifically for Indian deployment context: inclusivity (language, accessibility, vulnerable populations), privacy and security, and protection and reinforcement of positive human values. The first is the most operationally consequential — most Western-built AI fails it on Indian rollouts and only finds out at scale.
How the four principles cash out into your AIMS
- Policy layer — board-ratified statement covering all four (and the NITI extensions where relevant).
- Control layer — at least one measurable control per principle, with a named owner and a review cadence.
- Evidence layer — dated artefacts: fairness reports, incident logs, model cards, governance forum minutes.
- Improvement layer — quarterly review where measured controls feed back into policy and control updates.
This four-layer structure is exactly what ISO 42001 demands, what the NIST AI RMF recommends, and what an enterprise procurement team is checking when they ask "do you do responsible AI?". For the full audit treatment, see /ai-audit or our companion essay on ISO 42001 certification in India.
What the principles will not do
They will not tell you whether to build a particular AI product. They will not choose between conflicting fairness definitions for you. They will not adjudicate between safety and capability when those trade off. Those are leadership decisions that the principles frame but do not resolve. The point of the principles is to make the trade-offs visible and the decision-makers accountable — not to pretend the trade-offs don't exist.
Frequently asked
- What are the four principles of responsible AI?
- Fairness, accountability, transparency, and reliability/safety — the FATR set. They appear with minor wording variations across OECD AI Principles, Microsoft Responsible AI Standard, Google AI Principles, NIST AI RMF, and India's NITI Aayog #AIForAll.
- Are there five principles or seven principles of responsible AI?
- Different bodies count differently. NIST lists seven trustworthy-AI characteristics; NITI Aayog lists seven principles. The four-principle set is the smallest framework an auditor can score unambiguously. Start with four, layer the others as the AIMS matures.
- How does an auditor check that a principle is being followed?
- By looking for three artefacts per principle: a written policy, a measurable control, and a recurring evidence record. Missing any of the three is a finding. 'We follow responsible AI principles' with no measurable controls fails audit.
- What is the difference between fairness and bias?
- Bias is the technical phenomenon — systematic difference in outputs across groups. Fairness is the normative judgement that those differences are unjustified given the system's legitimate purpose. A model can be unbiased on one metric and unfair on another.
Score your AI on the four principles in one audit.
The automated audit returns a per-principle score with the evidence each one is missing. Free preview, ₹799 for the full audit.
Dr. Nitnem Singh Sodhi is a Lead Auditor for ISO/IEC 42001, 27001 and 27701, accredited by ANSI/ABICB since March 2025.
— Bharat NeuroTech · /dr-sodhi