Konfirmity

ISO 42001 vs ISO 27001: How the AI and Security Standards Compare

Niranjan Rajendran

Niranjan Rajendran

2026-07-10

ISO 42001 vs ISO 27001: How the AI and Security Standards Compare

ISO 42001 vs ISO 27001 reads like a versus matchup, but it is the wrong framing if you take it as either/or. ISO 27001 certifies that you manage information security. ISO 42001 certifies that you govern artificial intelligence responsibly. They are built on the same management-system skeleton, they overlap by roughly two-thirds, and they are designed to run together. For a company that both handles sensitive data and ships AI, the honest answer is usually both, in that order.

The two get confused because they look alike on paper: the same clause structure, the same Annex A pattern, the same three-year certification cycle. What they govern is different. This comparison walks through what each standard actually covers, where the 38 AI controls and the 93 information-security controls overlap, what ISO 42001 adds that no security standard touches, and how to certify both as a single program rather than two.

TL;DR

  • ISO/IEC 27001:2022 governs an information security management system with 93 Annex A controls in four themes; ISO/IEC 42001:2023 governs an AI management system with 38 controls across nine objectives (A.2 to A.10).
  • Both use ISO's Harmonized Structure (clauses 4 to 10), so they share the same leadership, risk, audit, and improvement machinery.
  • If you already hold ISO 27001, roughly 60 to 70 percent of the ISO 42001 foundation is already built.
  • ISO 42001 adds requirements no infosec standard covers: AI system impact assessment, algorithmic bias, transparency, and human oversight.
  • The efficient path is one integrated management system audited against both standards, not two parallel programs.

ISO 42001 vs ISO 27001: What Each Standard Governs

Start with purpose, because everything else follows from it.

ISO 27001 is the international standard for an information security management system, or ISMS. Its job is to protect the confidentiality, integrity, and availability of information, whether that information is customer data, source code, or internal records. The current edition, ISO/IEC 27001:2022, is the version auditors certify against today, and it is the credential most enterprise buyers already ask for. If you want the ground floor, our ISO 27001 glossary entry covers the essentials.

ISO 42001 is the newer standard. Published as ISO/IEC 42001:2023 on 18 December 2023, it is the first international standard for an artificial intelligence management system, or AIMS. Its job is to govern how an organization develops, provides, and uses AI: the risks the AI creates, the impact it has on the people it touches, and its behavior across the full lifecycle. Our ISO 42001 guide goes deep on the clauses and the 38 controls; here we hold it next to ISO 27001.

So one standard is pointed at the security of your information. The other is pointed at the responsible behavior of your AI. Those are related concerns that share tooling, but they are not the same concern.

The Difference Between ISO 42001 and ISO 27001

The cleanest way to state the difference between ISO 42001 and ISO 27001 is by the direction of the risk.

ISO 27001 protects information from threats. It asks what could happen to your data: a breach, a leak, an outage, an unauthorized change. The threats come from outside the asset, and the asset being defended is the information itself.

ISO 42001 protects people and society from the AI system's own behavior. It asks what your AI could do to others: produce a biased decision, deny someone a loan on an unexplained basis, hallucinate a harmful instruction, or drift out of its intended use. The risk originates inside the asset. That is why a perfectly secure model, one that never leaks a byte, can still fail an ISO 42001 audit. Encryption does not fix an unfair outcome.

Both standards are voluntary, both are certified by an accredited body, and both certificates run three years with annual surveillance. The distinction is not process. It is subject matter.

AIMS vs ISMS: Two Systems, Two Objects of Control

Framed as AIMS vs ISMS, the split comes down to what each system takes as its object of control.

An ISMS controls information assets. You inventory the data and systems in scope, assess the risks to their confidentiality, integrity, and availability, and apply controls that reduce those risks to an acceptable level. The whole apparatus points at keeping information safe.

An AIMS controls AI systems and their impact. You inventory the AI systems in scope, assess the risks they pose across their lifecycle, and apply controls that keep their development and use responsible. Crucially, an AIMS assesses impact on individuals, groups, and society, not just on the organization. That outward-facing risk lens has no equivalent in an ISMS, which is fundamentally inward-facing: it protects the organization's assets, not the public from the organization.

Both use identical machinery to do this work: a defined scope, a risk methodology, a statement of applicability against Annex A, internal audits, and a management review. Same engine, different cargo.

Comparing the Controls: 38 vs 93

The Annex A control catalogues are where the difference gets concrete. ISO 27001:2022 lists 93 controls; ISO 42001 lists 38.

DimensionISO 27001:2022ISO 42001:2023
Management systemInformation security (ISMS)Artificial intelligence (AIMS)
Published2013, current edition 2022December 2023 (first edition)
ProtectsConfidentiality, integrity, availability of informationResponsible behavior and impact of AI systems
Annex A controls93 controls38 controls
Control grouping4 themes (A.5 to A.8)9 objectives (A.2 to A.10)
Shared structureHarmonized Structure, clauses 4 to 10Harmonized Structure, clauses 4 to 10
Distinctive requirementStatement of applicabilityAI system impact assessment
CertificationAccredited, 3-year cycle, annual surveillanceAccredited, 3-year cycle, annual surveillance

ISO 27001's 93 controls sit in four themes: Organizational (A.5, 37 controls), People (A.6, 8 controls), Physical (A.7, 14 controls), and Technological (A.8, 34 controls). Our ISO 27001 controls list breaks all 93 down theme by theme.

ISO 42001's 38 controls sit in nine objectives numbered A.2 to A.10, covering AI policy, internal roles, resources, impact assessment, the AI lifecycle, data for AI, information for interested parties, use of AI, and third-party relationships. In both standards these are reference controls: you justify which apply through your risk and impact assessments and record the reasoning, rather than implementing every one.

What ISO 42001 Adds That Information Security Cannot

Strip out everything ISO 42001 shares with ISO 27001 and you are left with the controls no information-security standard has ever asked for. Four stand out.

  • AI system impact assessment. Clauses 6.1.4 and 8.4, reinforced by control objective A.5, require a documented process for assessing the consequences an AI system has on individuals and society, performed at planned intervals and whenever the system changes materially. No infosec standard evaluates impact on third parties this way.
  • Algorithmic bias. ISO 42001 pulls fairness into scope as a governed risk, expecting you to identify and treat bias in data and outputs rather than assume it away.
  • Transparency. Control objective A.8 covers information for interested parties: users and affected people should understand that AI is in use and how it behaves, which is a disclosure duty security controls never touch.
  • Human oversight. The standard expects meaningful human control over consequential AI decisions, a concept with no counterpart in the CIA triad.

These are the requirements that make ISO 42001 a genuinely new certification rather than a rebadged ISMS.

Control Overlap: The Foundation You Already Have

Here is the reason the two standards are complements, not competitors. The control overlap between them is substantial, and most of it lives in the management system rather than the technical controls.

Because both are written on ISO's Harmonized Structure, clauses 4 through 10 are effectively the same shape in each: context of the organization, leadership and policy, planning and risk treatment, support and competence, operation, performance evaluation with internal audit, and improvement. If you have already stood up an ISMS, you have already built the AI management system's spine. The statement-of-applicability approach to Annex A, the internal-audit cadence, the management-review forum, the document-control system, and the corrective-action process all carry straight over.

What does not carry over is the AI-specific content: the impact assessment, the AI risk sources, the lifecycle controls, and the data-governance controls tuned to training data rather than data at rest. In practice organizations that already hold ISO 27001 report the ISO 42001 effort shrinks by roughly a third to a half, which lines up with the 60 to 70 percent foundational overlap. Our ISO 27001 readiness guide describes exactly the foundation you would be reusing.

If you already hold ISO 27001, most of ISO 42001 is groundwork you have already laid.

Drop your work email and we will map your existing ISMS against the 38 AI controls and scope the real gap.

Do I Need Both ISO 42001 and ISO 27001?

The question most teams actually arrive with is do I need both, and the answer depends on what you do, not on picking a favorite.

If you handle sensitive data of any kind, start with ISO 27001. It is the load-bearing foundation, it is the credential enterprise buyers request by name, and it builds the management system that ISO 42001 later reuses. Getting security certified first is the cheaper sequence because the second standard then costs you only the AI-specific delta.

Add ISO 42001 when AI is part of what you sell or how you operate: a model you train, an LLM you embed, a scoring system you run. The moment a buyer's security questionnaire grows an AI section, or the EU AI Act's obligations start touching your product, ISO 42001 becomes the artifact that answers those questions in a form procurement already trusts.

If AI is your entire product and you hold no ISMS today, you still almost certainly need both, because an AI system runs on data, and governing the AI without securing the data underneath it is half a program. The realistic end state for an AI company selling into regulated buyers is both certificates, which is exactly why it pays to build them together.

Running Both as One Integrated Management System

Treat ISO 27001 and ISO 42001 as one integrated management system and you avoid paying for the shared foundation twice.

The mechanics are straightforward because the Harmonized Structure was designed for this. You maintain a single set of clause 4 to 10 processes and extend each with the AI-specific requirements: one risk methodology that handles both information-security risk and AI risk, one combined internal-audit programme that samples both control sets, one management review that covers both systems, and one documentation library with a security-and-AI policy stack. Your statement of applicability grows an AI section rather than becoming a second document.

Certification bodies support combined audits, so a single accredited assessor can run Stage 1 and Stage 2 against both standards in one engagement, which compresses audit days and travel. The saving is real: instead of two four-to-nine month projects, you run the ISO 42001 delta on top of an existing ISMS in a fraction of the time. Our ISO 27001 documentation toolkit is the same document backbone an AIMS extends. If you want to weigh the combined build against running two programs in isolation, you can calculate your compliance ROI.

This is the whole argument against reading the comparison as a contest. The standards were engineered to interlock, and the organizations doing this well are certifying both through one program, not choosing between them.

Frequently Asked Questions

Is ISO 42001 replacing ISO 27001?

No. They govern different things. ISO 27001 will remain the standard for information security; ISO 42001 sits alongside it for AI governance. Neither supersedes the other, and most AI companies will end up holding both.

Do I need ISO 27001 before ISO 42001?

It is not a formal prerequisite. But because both share the same management-system structure, holding ISO 27001 first typically cuts the ISO 42001 effort by a third to a half, which makes security-first the cheaper sequence for most organizations.

How many controls does each standard have?

ISO 27001:2022 has 93 Annex A controls organized into four themes. ISO 42001:2023 has 38 controls organized into nine objectives numbered A.2 to A.10. The counts differ because ISO 42001 governs a narrower, newer domain.

Can one auditor certify both at once?

Yes. Because both use ISO's Harmonized Structure, an accredited certification body can run a combined audit against both standards in a single engagement, which is the efficient path once you treat them as one integrated program.

Conclusion

ISO 42001 vs ISO 27001 is a comparison, not a decision. ISO 27001 proves you secure information; ISO 42001 proves you govern AI. They share clauses 4 to 10, overlap by roughly two-thirds, and were built to be certified together, with ISO 42001 adding the impact assessment, bias, transparency, and oversight requirements that security alone never covered.

Konfirmity runs both the way we run managed compliance for SOC 2, ISO 27001, and HIPAA: human-led and end to end. The team behind Konfirmity has supported more than 6,000 audits, and we build the ISMS and the AIMS as one program inside your stack, so you certify against both standards without paying for the shared foundation twice. Book a demo and we will scope the combined path from wherever you are today.

How Real Security Becomes Compliance

Built by the CTO who scaled NIUM to $2 billion. 10 years building security and compliance for regulated fintechs. 4.5 years running Konfirmity profitably.

Book a call