Enterprises are shipping AI into products faster than they can govern it, and the people who buy from them have noticed. Procurement teams, regulators, and boards now ask a question that did not exist three years ago: can you prove your AI is managed responsibly?
ISO 42001 is the answer the market is converging on. Published in December 2023 as ISO/IEC 42001, it is the first international standard for an artificial intelligence management system, or AIMS — a structured, auditable way to govern how an organization develops, provides, and uses AI. Where ISO 27001 certifies that you manage information security, ISO 42001 certifies that you manage AI: its risks, its impact on the people it touches, and its behavior across the full lifecycle. Certification is issued by an accredited body, lasts three years, and is already held by AWS, Anthropic, and Microsoft.
This guide covers what ISO 42001 is, the clause requirements, the 38 Annex A controls, how it differs from and builds on ISO 27001, and what certification actually costs and takes.
TL;DR
- ISO/IEC 42001:2023 is the first AI management system (AIMS) standard, published December 2023 by ISO and IEC.
- It uses ISO's Harmonized Structure (clauses 4 to 10), so it integrates cleanly with ISO 27001 and other management systems.
- Annex A defines 38 controls grouped into nine areas (A.2 to A.10), covering AI policy, impact assessment, the AI lifecycle, and data governance.
- Certification runs a Stage 1 and Stage 2 audit, is valid for three years, and carries annual surveillance audits.
- Cost typically lands between $20,000 and $60,000, with a timeline of four to nine months — shorter if you already hold ISO 27001.
What ISO 42001 Is
ISO 42001 is an international standard, published jointly by ISO and the IEC, that specifies the requirements for an artificial intelligence management system. Its full title is Information technology — Artificial intelligence — Management system, and it carries the edition date of 18 December 2023.
A management system is not a technical control or a model test. It is the set of policies, roles, processes, and controls through which an organization consistently governs an activity — in this case, the responsible development, provision, and use of AI. If you have seen ISO 9001 for quality or ISO 27001 for information security, ISO 42001 is the same machinery pointed at AI. It does not tell you which model to use or dictate a fairness threshold. It requires that you have a deliberate, documented, and continually improving system for deciding those things and for catching them when they go wrong.
That distinction matters because most AI governance today is a slide deck and a set of good intentions. ISO 42001 turns responsible AI into something an external auditor can examine: defined accountability, a live AI risk process, impact assessments on real systems, and evidence that the whole thing operates rather than merely exists on paper.
The standard applies to any organization that develops, provides, or uses AI — a model vendor, a SaaS company embedding a third-party LLM, or a bank running an internal credit model all fall in scope. The AIMS covers the AI systems you choose to bring inside its boundary, not every algorithm you have ever written.
Why ISO 42001 Matters Now
Three forces are pulling ISO 42001 from "nice to have" toward "expected."
Regulation is arriving. The EU AI Act entered into force in 2024 with obligations phasing in through 2026 and 2027. It does not name ISO 42001 as a shortcut to compliance, but it demands exactly the governance discipline the standard formalizes: risk management, documentation, human oversight, and post-market monitoring. Building an AIMS now is the most direct way to be ready for what regulators will ask.
Buyers are asking. Security questionnaires have started carrying AI-specific sections — how is the model trained, what data feeds it, who is accountable when it produces a harmful output. An accredited certificate answers those questions once, in a form procurement already trusts, instead of a bespoke essay per deal.
It is a differentiator while it is still early. The certified population is small and visible. AWS announced in November 2024 that it had become the first major cloud provider to earn accredited ISO 42001 certification. Anthropic followed in January 2025 as one of the first frontier AI labs to certify, and Microsoft has certified across products including GitHub Copilot and Microsoft 365 Copilot. For a company selling AI features into regulated buyers, being early carries weight that will fade as the certificate becomes table stakes.
ISO 42001 Requirements: Clauses 4 to 10
Like every modern ISO management system, ISO 42001 is written on the Harmonized Structure (the framework formerly called Annex SL). The certifiable requirements live in clauses 4 through 10; clauses 1 to 3 cover scope, references, and terminology. These are the ISO 42001 requirements an auditor tests:
- Clause 4 — Context of the organization. Define what your AIMS covers, who the interested parties are, and where the boundary of the AI management system sits.
- Clause 5 — Leadership. Top management owns the AI policy, assigns roles and accountability, and commits resources. Responsible AI cannot be delegated entirely to an engineering team.
- Clause 6 — Planning. Run an AI risk assessment and risk treatment, define AI objectives, and establish the AI system impact assessment process (more below).
- Clause 7 — Support. Provide the resources, competence, awareness, communication, and documented information the AIMS needs to function.
- Clause 8 — Operation. Actually run the processes: execute risk treatment, perform impact assessments, and manage the AI lifecycle in production.
- Clause 9 — Performance evaluation. Monitor and measure the AIMS, run internal audits, and hold management reviews.
- Clause 10 — Improvement. Handle nonconformities with corrective action and continually improve the system.
The pattern is Plan-Do-Check-Act, the same rhythm as ISO 27001. What is new is the subject matter: the risks are AI risks (bias, drift, opacity, misuse), and the objects being governed are AI systems over their lifecycle.
The AI System Impact Assessment
The requirement that sets ISO 42001 apart from an information-security standard is the AI system impact assessment. Clause 6.1.4 requires you to establish a process for assessing the consequences an AI system can have on individuals, groups, and society — not just on the organization. Clause 8.4 requires you to actually perform that assessment at planned intervals and whenever a system changes materially, and to retain the results. Annex A reinforces this through control objective A.5, "Assessing impacts of AI systems." In practice this is where fairness, safety, and human-rights considerations get documented and revisited, rather than assumed.
Standing up an AI management system without a year of internal churn is the hard part.
Drop your work email and we'll map your AI systems to the 38 controls and run the AIMS with you.
Annex A: The 38 AI Controls
Where clauses 4 to 10 define the management system, Annex A supplies the control catalogue. ISO 42001 Annex A lists 38 controls organized into nine control objectives, numbered A.2 through A.10. As with ISO 27001's Annex A, these are reference controls: you justify which apply through your risk and impact assessments and record the reasoning, rather than implementing all 38 blindly. The nine areas are:
- A.2 — Policies related to AI: establishing and reviewing the AI policy.
- A.3 — Internal organization: roles, responsibilities, and reporting of AI concerns.
- A.4 — Resources for AI systems: documenting the data, tooling, compute, and human resources an AI system depends on.
- A.5 — Assessing impacts of AI systems: the impact-assessment process on individuals and society.
- A.6 — AI system life cycle: responsible design, development, verification, and deployment.
- A.7 — Data for AI systems: data governance, quality, provenance, and preparation.
- A.8 — Information for interested parties: transparency and documentation for users and affected parties.
- A.9 — Use of AI systems: responsible and intended use, including monitoring in operation.
- A.10 — Third-party and customer relationships: allocating responsibility across the AI supply chain.
Three informative annexes support the controls. Annex B gives implementation guidance for each control. Annex C is an idea bank of AI-related organizational objectives and risk sources — bias, security, explainability, data quality — to feed your risk assessment. Annex D covers applying the AIMS across sectors and alongside other standards. You are certified against the clauses and Annex A; annexes B, C, and D are guidance, not requirements.
ISO 42001 vs ISO 27001
The most common question from teams that already have an information-security program is whether ISO 42001 duplicates ISO 27001. It does not, but it rhymes with it.
Both are Harmonized-Structure management systems, so they share clauses 4 to 10, the Statement-of-Applicability approach to Annex A, and the internal-audit and management-review machinery. That shared skeleton is why the two integrate cleanly — you can run combined internal audits, one governance forum, and a single documentation system. The difference is scope. ISO 27001 governs an information security management system: confidentiality, integrity, and availability of information. ISO 42001 governs an AI management system: the responsible behavior and impact of AI systems, including risks that have nothing to do with a data breach, such as biased outputs or unexplained decisions.
The practical upshot: if you already hold ISO 27001, you have done much of the load-bearing work — the risk methodology, the audit cadence, the leadership structure — and most organizations report the ISO 42001 effort shrinks by roughly a third to a half. If you are starting cold, expect to build that management-system foundation first. Our ISO 27001 controls list guide is a useful reference for how the Annex A logic works, since ISO 42001 reuses the same pattern.
How to Get ISO 42001 Certified
ISO 42001 certification follows the same accredited path as any ISO management system. The route looks like this:
- Gap analysis. Compare your current AI governance against the clauses and the 38 controls to find what is missing.
- Build the AIMS. Write the AI policy, define roles, stand up the AI risk and impact-assessment processes, and implement the applicable Annex A controls in your actual workflow — not just in a document.
- Operate and collect evidence. The system has to run long enough to produce records: completed impact assessments, risk treatments, and a management review.
- Internal audit and management review. Test the AIMS yourself and have leadership formally review it before an external auditor does.
- Stage 1 audit. An accredited certification body reviews your documentation and readiness — typically one to two days.
- Stage 2 audit. The auditor tests whether the AIMS actually operates as designed, sampling evidence across the controls.
- Certification and surveillance. On a clean result you receive a certificate valid for three years, with annual surveillance audits and a full recertification before it expires.
Choose an accredited certification body, not just any assessor — the accreditation is what makes the certificate recognized. The same principles we cover in choosing an accredited auditor for ISO 27001 apply here.
ISO 42001 Cost and Timeline
There is no standardized price for ISO 42001, so treat every figure as a range driven by your scope and starting point. Published estimates cluster around $20,000 to $60,000 for the certification effort — audit fees of roughly $5,000 to $20,000, plus consulting or internal build cost, with larger or multi-service scopes running higher and ongoing surveillance adding roughly 20 to 30 percent of the initial fee per year.
Timelines run about four to nine months. Organizations that already hold ISO 27001 frequently compress to four to six months because the management-system foundation already exists; teams starting from nothing should plan for the longer end. The biggest cost driver is not the audit — it is the internal time spent building and operating the AIMS before the auditor arrives. If you want to weigh that build-and-operate cost against a managed approach, you can calculate your compliance ROI.
ISO 42001, the EU AI Act, and NIST AI RMF
ISO 42001 does not exist in isolation, and understanding how it relates to the other AI governance instruments prevents a common misconception.
The EU AI Act. This is the point to be precise about: as of 2026, ISO 42001 is not a harmonized standard under the EU AI Act, so certification does not by itself grant a presumption of conformity. Presumption of conformity requires a European standard cited in the Official Journal of the EU, and the AI Act's harmonized standards are still being developed by CEN-CENELEC — including prEN 18286, the dedicated AI-management-system deliverable being aligned with ISO 42001. What ISO 42001 does give you is certifiable, third-party evidence of exactly the governance the Act demands, which is the strongest head start available today. Expect this status to change once the harmonized standards are published; reconfirm it at the point you rely on it.
NIST AI RMF. The NIST AI Risk Management Framework is a voluntary US framework built around four functions — Govern, Map, Measure, Manage. It is complementary, not competing, and it is not certifiable. Its functions map onto ISO 42001's requirements, so work done for the RMF carries directly into an ISO 42001 audit.
The ISO companions. ISO/IEC 23894 gives detailed guidance on the AI risk management that ISO 42001 requires, extending ISO 31000 to AI-specific risks. ISO/IEC 22989 supplies the shared AI vocabulary the standard relies on. Neither is certifiable; both make implementation easier.
Common Pitfalls to Avoid
- Treating the 38 controls as a checklist. Annex A is a reference set justified by your risk and impact assessments, not a shopping list to tick off. Auditors want the reasoning, not just the checkmarks.
- Scoping too broadly. You do not have to put every model in the AIMS on day one. A defensible, well-run scope beats an ambitious one you cannot evidence.
- Skipping the impact assessment. The AI system impact assessment (clauses 6.1.4 and 8.4) is the distinctive requirement. A generic risk register that ignores impact on individuals and society will not satisfy an auditor.
- Documenting without operating. A policy no one follows fails a Stage 2 audit. The system has to produce real records over time.
- Assuming it proves EU AI Act compliance. It strengthens your position substantially; it does not confer conformity today.
Conclusion
ISO 42001 takes responsible AI out of the slide deck and makes it something you can prove. It gives an organization a defined AI policy, a live risk and impact process, a catalogue of 38 controls to apply against real systems, and an accredited certificate that buyers and regulators already understand. For any company putting AI in front of customers, it is fast becoming the credential that answers the governance question before it is asked.
Konfirmity runs AI governance the way we run managed compliance for ISO 27001, SOC 2, and HIPAA: human-led and end-to-end. The team behind Konfirmity has supported more than 6,000 audits, and we apply that same operating model to your AIMS — building the system inside your stack, running the impact assessments, and collecting the evidence, so your team spends around seventy-five hours across the year instead of the hundreds it takes to do alone. The message for AI-driven companies is the same one that has always held: build the program once, operate it daily, and let the certificate follow.
Frequently Asked Questions
Is ISO 42001 certification mandatory?
No. ISO 42001 is a voluntary standard. No law currently requires it. It is increasingly requested by enterprise buyers and is the most direct way to demonstrate the AI governance that regulations like the EU AI Act expect.
How long does ISO 42001 certification last?
The certificate is valid for three years, with annual surveillance audits in the interim and a full recertification audit before it expires — the same lifecycle as ISO 27001 and ISO 9001.
How is ISO 42001 different from the NIST AI RMF?
The NIST AI RMF is a voluntary, non-certifiable US framework of best practices. ISO 42001 is an international standard you can be independently certified against. They are complementary: RMF work feeds directly into an ISO 42001 audit.
Do I need ISO 27001 before ISO 42001?
No, it is not a prerequisite. But because both share the same management-system structure, holding ISO 27001 typically cuts the ISO 42001 effort by roughly a third to a half.
Does ISO 42001 make me compliant with the EU AI Act?
Not on its own. As of 2026 it is not a harmonized standard under the Act, so it does not grant a presumption of conformity. It does provide strong, certifiable evidence of the governance the Act requires, which is the best preparation available today.




