Latest News
View all →Our Vision
AISML (AI Security Management Lab) combines electrical engineering research, ISO international audit practices, and government policy resources to help enterprises align their industrial expertise with international compliance requirements. We provide ISO certification and consulting, government grant applications, and industry-academia collaboration services, enabling businesses to build the technical and institutional foundations for digital transformation at a reasonable cost.
Core Services
ISO Certification & Consulting
AI, Information Security & Data Protection
Led by an ISO 42001 Lead Auditor, we provide full-scope consulting for ISO 42001 / 27001 / 27701 certification, from gap analysis to achieving certification, helping enterprises enter international supply chains.
Government Grants
SBIR, SIIR, CITD, TIIP
We help enterprises translate existing process optimizations into policy-recognized R&D proposals, incorporating cybersecurity and AI governance themes to improve grant review success rates.
Industry-Academia Collaboration
Grants + Tax Credits
Serving as your external R&D center through university partnerships, combined with up to 15% R&D tax credits under the Statute for Industrial Innovation. Grants plus tax savings to reduce your actual R&D costs.
Core Advantages
Auditor-Driven Compliance
Starting from ISO 42001 audit practices, we ensure systems comply with international certification logic from the development stage, reducing hidden costs of repeated revisions.
Business Meets Engineering
Combining EiMBA business acumen with PhD-level electrical engineering depth, we closely align engineering development goals with enterprise financial performance.
Deep Policy Navigation
Familiar with the scoring criteria of government grant programs, we help enterprises package everyday process improvements into policy-aligned R&D proposals.
Frequently Asked Questions
What is ISO 42001 and why do enterprises need it?▾
ISO 42001 is the world's first international standard for AI management systems, specifying how organizations should responsibly develop, deploy, and use AI technologies. Certification demonstrates AI governance capabilities to international clients and is an important prerequisite for advanced supply chain participation. AISML is led by an ISO 42001 Lead Auditor and offers services from gap analysis to certification.
How can SMEs apply for Taiwan government R&D grants like SBIR?▾
SBIR (Small Business Innovation Research) is administered by Taiwan's Ministry of Economic Affairs and provides up to NT$10 million in R&D funding. Enterprises submit proposals detailing research content, technical innovation, and market feasibility. AISML helps enterprises translate existing process optimizations into policy-recognized R&D language and improves review success rates through industry-academia collaboration.
Are industry-academia R&D expenses tax-deductible in Taiwan?▾
Yes. Under Article 10 of the Statute for Industrial Innovation, R&D expenditures from industry-academia collaboration with universities qualify for up to 15% corporate income tax credits. Combined with front-end government grants, this creates a dual benefit of subsidies plus tax savings, effectively reducing actual R&D expenditures.
Can traditional enterprises without IT departments achieve cybersecurity certification?▾
Absolutely. ISO 27001 Information Security Management System is designed to apply across all industries, not just ICT companies. AISML provides customized implementation pathways for non-ICT enterprises, from risk assessment to system establishment, helping businesses achieve international cybersecurity compliance at minimal cost.
What is the difference between ISO 42001 and ISO 27001?▾
ISO 27001 focuses on information security management, protecting information assets from disclosure, tampering, or disruption. ISO 42001 focuses on AI management, covering transparency, fairness, accountability, and risk control of AI systems. They are complementary: if an enterprise uses AI and handles sensitive data, planning both certifications together allows sharing the management framework and reducing redundant costs.
What is the difference between SBIR and CITD? How to choose?▾
SBIR (Small Business Innovation Research) is for innovative SMEs (typically under 10 employees) with grants up to NT$10 million. CITD (Conventional Industry Technology Development) targets traditional manufacturing upgrades with grants up to NT$5 million. Choose SBIR for innovation-driven businesses, CITD for existing manufacturing upgrades. AISML can help assess the best-fit program.
Do government R&D grants need to be repaid?▾
No. Government R&D grants (SBIR, CITD, SIIR) are subsidies, not loans. Once approved, funds are disbursed based on execution progress with no repayment required. However, enterprises must execute the R&D plan as proposed and submit completion reports. Partial clawback may occur if the plan is not executed as agreed.
How long does ISO certification take and what does it cost?▾
For ISO 27001, the typical timeline from kickoff to certification is 4-8 months, depending on company size and existing management maturity. Costs include consulting fees and certification body audit fees, commonly ranging NT$300,000-800,000 for SMEs. AISML offers free preliminary assessments to help enterprises understand the required investment and expected timeline.
Contact Us
Principal Investigator: En-Cheng Liou, Ph.D.
Background: Assistant Professor, Dept. of Electrical Engineering, MCUT / ISO 42001 Lead Auditor / NTU EiMBA
Key Services: AI Governance & Certification, Cybersecurity Compliance, Government R&D Grant Planning, Industry-Academia Collaboration
Location: Department of Electrical Engineering, Ming Chi University of Technology (MCUT), Room EE331