Standard guide
ISO 42001: the AI management system standard
ISO 42001 is the first international standard for an artificial intelligence management system (AIMS). It gives organisations a certifiable structure for governing AI responsibly and consistently.
The basics
What is ISO 42001?
ISO 42001 and the EU AI Act
An ISO 42001 management system is one of the most practical ways to demonstrate the governance and risk controls the EU AI Act expects, especially for providers of high-risk AI systems.A management system for AI
ISO 42001 applies the familiar management-system model — plan, do, check, act — to the specific risks and duties of AI.
Built for responsible AI
The standard operationalises responsible AI: governance, risk assessment, impact assessment and continual improvement.
Certifiable
Like ISO 27001, ISO 42001 can be independently certified, giving customers and regulators assurance about your AI practices.
What an ISO 42001 AIMS includes
AI policy
Objectives and commitments for responsible AI.
AI risk assessment
Systematic assessment of AI-specific risks and impacts.
Controls
Operational controls across the AI lifecycle.
Improvement
Monitoring, audit and continual improvement.
Where to next
Connect the AI stack
AI governance
The governance model ISO 42001 formalises.
AI risk management
The risk engine inside the management system.
EU AI Act
The regulation ISO 42001 helps you meet.
ISO 42001 FAQs
What is ISO 42001?
The international standard specifying requirements for an artificial intelligence management system (AIMS).
How does it relate to ISO 27001?
It follows the same management-system structure, so organisations with an ISO 27001 ISMS can extend naturally to ISO 42001.
Does ISO 42001 help with the EU AI Act?
Yes. It provides a structured, certifiable way to evidence the governance and risk controls the AI Act expects.
Stand up an ISO 42001 AI management system.
Build the governance foundation in a hands-on workshop.