Information Technology Standards Summary – May 2025 Monthly Overview (Part 2 of 7)

Looking back at May 2025, the landscape of Information Technology and Office Equipment standardization was significantly shaped by the publication of five notable international standards. These documents reflect the sector’s evolving priorities—spanning digital identity, biometric security, health data quality, artificial intelligence impact assessment, and data interoperability for machine learning. The breadth of topics attests to a growing drive toward greater security, transparency, and interoperability in digital infrastructure. For IT professionals, quality managers, compliance officers, and other industry stakeholders, this overview delivers essential analysis and context to help navigate the month’s most impactful standardization developments.

Monthly Overview: May 2025

May 2025 saw the release of five prominent standards under the Information Technology banner. A close evaluation of these publications reveals a common thrust towards robust digital identity management, responsible deployment of artificial intelligence (AI), assurance of interoperability in both health and geospatial data, and the introduction of conformance testing for next-generation biometric applications. Compared to more routine publication cycles, this month emphasized both fundamental and emerging technologies, reflecting the industry’s focus on digital trust, data harmonization, and responsible AI.

This month’s standards collectively signal the sector’s commitment to integrating security, privacy, and transparency into the foundational architecture of digital services. The attention to biometric comparison, mDL add-ons, and AI impact assessment demonstrates the sector’s responsiveness to current societal and regulatory demands. Health informatics and geospatial data advancements highlight the critical intersection between IT and domain-specific requirements.

Standards Published This Month

ISO/IEC 18584-2:2025 – Test Methods for On-Card Biometric Comparison Applications – Part 2: Work-Sharing Mechanism

Information technology – Test methods for on-card biometric comparison applications – Part 2: Work-sharing mechanism

Published in May 2025, ISO/IEC 18584-2:2025 established conformance testing procedures for the work-sharing mechanisms specified in ISO/IEC 24787-2. This standard focuses on verifying the proper division of biometric comparison tasks between on-card and external systems without directly assessing algorithmic performance, such as error rates or speed.

The standard defines clear test environments, cases, and reporting requirements for evaluating how integrated circuit cards (ICCs) handle the collaborative (work-sharing) comparison of biometric data—critical in highly secure identification and authentication scenarios. By formalizing these test methods, ISO/IEC 18584-2:2025 supports implementers aiming for reliable biometric verification, particularly where sensitive credentials reside directly on the card, and the biometric reference never leaves the secure boundary.

Who should comply? Organizations involved in the development, testing, and deployment of secure identification solutions, especially vendors and authentication providers integrating biometric comparison on smart cards, payment systems, and secure access devices.

Broader landscape: This document complements an evolving suite of standards around card-based biometrics and is pivotal for compliance and procurement specifications in regulated sectors, including finance, government identification, and secure facility access.

Key highlights:

• Establishes comprehensive test methods for work-sharing biometric comparison in ICCs
• Focuses on conformance rather than algorithm performance evaluation
• Ensures secure biometric processing by preventing biometric reference data leakage

Access the full standard:View ISO/IEC 18584-2:2025 on iTeh Standards

ISO/IEC TS 18013-7:2025 – Mobile Driving Licence (mDL) Add-On Functions

Personal identification – ISO-compliant driving licence – Part 7: Mobile driving licence (mDL) add-on functions

ISO/IEC TS 18013-7:2025 was released as a technical specification enriching the mobile driving licence (mDL) standard (previously outlined in ISO/IEC 18013-5) with critical add-on features—most notably, enabling the remote presentation of a digital driving licence over the internet.

This specification details data structures, models, and secure communication protocols for mDLs, ensuring verifiers can request, receive, and validate mDLs with robust integrity and authenticity safeguards, irrespective of their association with the issuing authority. The standard covers device and web-based retrieval, leveraging technologies such as OpenID for Verifiable Presentations (OID4VP) and Digital Credentials APIs for interoperability. Security mechanisms to ensure data confidentiality and selective data sharing are also specified.

Who benefits? Public authorities, private service providers, payment and authentication solution vendors, and systems integrators facilitating digital identity solutions, especially those implementing mDLs for citizen or customer identification.

Contextual importance: This edition responds to the accelerating adoption of digital identity and the increasing need for secure, verifiable credentials that operate seamlessly across devices and platforms, especially for remote and cross-jurisdictional transactions.

Key highlights:

• Introduces internet-based remote presentation for mDLs
• Specifies interoperability with web and API-based digital credential retrieval
• Bolsters identity data protection and user-controlled data sharing

Access the full standard:View ISO/IEC TS 18013-7:2025 on iTeh Standards

ISO 21564:2025 – Health Informatics – Terminology Resource Map Quality Measures and Requirements (MapQual)

Health informatics – Terminology resource map quality measures and requirements (MapQual)

Released in late May 2025, ISO 21564:2025 focuses on improving the quality and utility of maps created to bridge terminological systems within health informatics. As patient data traverse varied clinical and administrative systems using different coding standards (like SNOMED CT, LOINC, ICD-10), reliable mapping is essential for continuity, safety, and analytics.

The standard details determinants of map quality (such as semantic structure, equivalence, documentation, validity, and governance), along with conformance levels appropriate for various healthcare use cases—from direct patient care to administrative planning. It provides a foundation for quantifying map quality and defines required processes for map development, validation, governance, and maintenance.

Targeted at: Health IT vendors, clinical data managers, healthcare providers, procurement officers, and anyone charged with harmonizing health data across terminological boundaries.

Industry positioning: ISO 21564:2025 is a critical addition for global healthcare organizations, supporting data safety, regulatory compliance, and interoperability initiatives, especially as electronic health record usage expands internationally.

Key highlights:

• Defines measurable requirements and processes for high-quality terminology mapping
• Addresses both technical and organizational determinants of map quality
• Supports safe, reliable health data transfer for clinical and administrative needs

Access the full standard:View ISO 21564:2025 on iTeh Standards

ISO/IEC 42005:2025 – Artificial Intelligence (AI) System Impact Assessment

Information technology – Artificial intelligence (AI) – AI system impact assessment

In tandem with increasing regulatory expectations and societal debate over AI deployment, ISO/IEC 42005:2025 arrived as a foundational guidance document for performing AI system impact assessments. This international standard guides organizations through the structured evaluation of potential positive and negative impacts AI systems may have on individuals, groups, and society at large.

The standard covers:

• When and how to perform impact assessments throughout the AI system lifecycle
• Documentation requirements and integration with risk management frameworks (such as those outlined in ISO/IEC 23894 and 42001)
• Considerations for stakeholder engagement, approval processes, and ongoing monitoring

ISO/IEC 42005:2025 emphasizes transparency, trustworthiness, and the prevention of adverse consequences (such as bias, discrimination, or legal non-compliance) in AI implementations.

Intended users: Organizations developing, deploying, or procuring AI systems across all sectors. The guidance applies regardless of organization size, maturity, or industry.

Relevance in the regulatory landscape: This standard is timely, given the global trend toward mandatory impact assessments for high-risk AI use and increasing scrutiny of AI ethics, governance, and accountability.

Key highlights:

• Outlines standard process for AI system impact assessment and documentation
• Supports integration with organizational risk and compliance processes
• Addresses direct and indirect societal effects, supporting trustworthy AI

Access the full standard:View ISO/IEC 42005:2025 on iTeh Standards

ISO 19178-1:2025 – Geographic Information – Training Data Markup Language for Artificial Intelligence – Part 1: Conceptual Model

Geographic information – Training data markup language for artificial intelligence – Part 1: Conceptual model

ISO 19178-1:2025, published at the end of May, delivers a conceptual UML-based framework for representing Earth Observation (EO) training data in AI and machine learning workflows. The standard maximizes interoperability and utility for EO imagery by providing a unified model for data, encompassing supervised learning tasks ranging from scene-level to pixel-level labelling.

Crucially, the standard also requires comprehensive metadata around permanent identifiers, versioning, licensing, data size, quality, provenance, and annotation processes. This level of detail facilitates the creation, sharing, and reuse of high-quality training datasets—an increasingly critical need as AI-driven analysis of satellite and geospatial imagery expands in governmental, commercial, and research settings.

Who should focus on this? Agencies, organizations, and developers involved in geospatial AI/ML, Earth Observation data curation, and AI model training requiring consistent, interoperable training data annotation.

Within the standards ecosystem: This conceptual model forms the bedrock for future standardization of training data markup languages, enhancing reproducibility and collaboration in remote sensing and AI research.

Key highlights:

• Sets the reference conceptual model for AI/ML training data in Earth Observation imagery
• Specifies data elements, quality metrics, and provenance details for robust dataset documentation
• Facilitates data sharing, reuse, and interoperability between organizations and research initiatives

Access the full standard:View ISO 19178-1:2025 on iTeh Standards

Common Themes and Industry Trends

A review of May 2025 publications reveals several key trends across the Information Technology sector:

• Digital Identity and Biometric Security: The converging themes in ISO/IEC 18584-2:2025 and ISO/IEC TS 18013-7:2025 highlight the sector’s movement towards advanced digital identity frameworks, secure biometric authentication mechanisms, and user-controlled digital credentials, with an eye on both accessibility and privacy.
• Responsible and Trustworthy AI: ISO/IEC 42005:2025 represents a concerted industry response to mounting calls for responsible AI governance. AI’s societal impact—both intended and unintended—is an increasing focus, driving the need for documented, auditable assessment processes.
• Interoperability and Data Quality: Both ISO 21564:2025 and ISO 19178-1:2025 foreground interoperability and data quality, emphasizing robust modeling, mapping, and documentation to ensure reliable data exchange—whether in health, geospatial, or AI training contexts.
• Regulatory Alignment: Collectively, these standards equip organizations to meet growing regulatory scrutiny, especially around digital credentials, privacy, and risk in AI adoption.
• Sectoral Cross-Pollination: The presence of health informatics and geospatial standards within the core IT standardization cycle illustrates the sector’s cross-disciplinary reach and the essential role of IT in enabling complex, domain-specific solutions.

Compliance and Implementation Considerations

For professionals and organizations affected by these standards, the following steps are critical:

1. Gap Assessment: Review existing processes and systems against the specifications and requirements introduced in these documents, particularly for biometric-enabled applications, AI deployments, and data interoperability solutions.
2. Prioritize High-Impact Standards: Focus on early adoption of AI impact assessment frameworks (ISO/IEC 42005:2025), as regulatory pressure is likely to increase. Organizations integrating digital credentials or using health/geospatial data should closely study new mapping and training data models.
3. Integration and Documentation: Ensure that new requirements for conformance testing, documentation, and process transparency are addressed throughout solution development and lifecycle management.
4. Stakeholder Training: Promote understanding within design, compliance, and operations teams for the enhanced risk, ethical, and technical requirements these standards impose.
5. Utilize Official Resources: Access the full text of the standards via platforms like iTeh Standards to guide compliance and implementation decisions.

Timelines and Guidance:

• Immediate attention may be needed in sectors likely to undergo external audits, regulatory review, or involve sensitive personal data.
• Assess upcoming EU or national digital ID and AI legislation for alignment with these international specifications.
• Leverage annexes and informative content within standards for practical templates and real-world examples.

Conclusion: Key Takeaways from May 2025

The Information Technology sector’s May 2025 standards output reflects the industry’s most current priorities: enhancing security in biometric and digital ID, undertaking responsible and transparent AI adoption, and reinforcing the foundations of data interoperability in healthcare and geospatial environments. The standards issued during this period deliver a robust framework for organizations to:

• Prove compliance and readiness in regulated domains (ISO/IEC 18584-2:2025, ISO/IEC TS 18013-7:2025)
• Support quality, safety, and interoperability in health and AI research (ISO 21564:2025, ISO 19178-1:2025)
• Respond proactively to emerging legal and social obligations around AI deployment (ISO/IEC 42005:2025)

Recommendations for professionals: Assess these standards’ impact on your organization’s risk, compliance, and innovation strategies. Stay vigilant for future updates and related publications, especially as digital identity, AI governance, and cross-domain data integration evolve.

For comprehensive details and compliance resources, explore each standard directly on iTeh Standards via the provided links. Staying up-to-date with standards is not just best practice—it is essential for responsible innovation, risk mitigation, and long-term success in the dynamic information technology landscape.