ISO 42001 is the first international standard establishing requirements for an artificial intelligence management system (AIMS).
ISO/IEC 42001:2023 defines requirements for establishing, implementing, maintaining and improving an AI management system within an organization. It addresses governance, algorithmic risk management, traceability and responsible AI use.
Follows the harmonized high-level structure (HLS), facilitating integration with ISO 27001, ISO 9001 and other management system standards.
Requires conducting algorithmic impact assessments considering effects on people, organizations and society.
Provides an auditable framework that facilitates compliance with the EU AI Act and other emerging AI regulations.
Any organization that develops, provides or uses AI systems. It is especially relevant for companies operating in regulated markets or handling sensitive data with algorithmic models.
No. ISO 42001 addresses AI governance while ISO 27001 covers information security. They are complementary and can be integrated thanks to their shared Annex SL structure.
ISO 42001 provides an auditable management framework that facilitates demonstrating compliance with EU AI Act requirements. It is not a direct equivalence, but covers most controls required for high-risk systems.
Assessment within 72 business hours. ISO methodology. No ties to certification bodies.
Request diagnosis