ISO 42001: the AI management system standard, explained
ISO/IEC 42001:2023 is the international standard for an AI management system (AIMS) — a governance framework for developing, providing, and using AI responsibly. Published jointly by ISO and IEC in 2023, it is the first certifiable management-system standard for AI. It uses the same harmonized structure as ISO 9001 and ISO/IEC 27001 (clauses 4–10, on a Plan-Do-Check-Act cycle), adds a risk- and impact-based approach specific to AI, and lists 38 controls in Annex A. An accredited third party can audit and certify your organization against it.
This page is the engineer's read: what the standard actually requires of how you build and operate, how certification works, and how it sits next to the EU AI Act and the NIST AI RMF.
Short answer: what ISO 42001 is for
ISO/IEC 42001 answers one question: how does an organization govern its use of AI in a way it can demonstrate to an auditor? It does not tell you which model to pick or how to write a prompt. It defines the management system around AI — the policies, roles, risk assessments, controls, and review cycle — so that responsible AI is a repeatable process rather than a one-off promise. Because it is a certifiable standard, that process can be independently checked, which is its main value over a framework you simply self-attest to.
What is ISO 42001
The full title is ISO/IEC 42001:2023 — Information technology — Artificial intelligence — Management system. It was published in 2023 as the first edition, jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), and developed by their joint subcommittee ISO/IEC JTC 1/SC 42, which owns AI standardization.
AIMS stands for Artificial Intelligence Management System — in the standard's own framing, the interrelated elements an organization uses to set policies and objectives, and the processes to achieve them, for the responsible development, provision, or use of AI systems. If you have met ISO/IEC 27001 (information security) or ISO 9001 (quality), the shape is familiar: 42001 is the AI-specific member of that family, built so it can integrate with the others rather than replace them.
What an AI management system (AIMS) requires
ISO 42001 follows the ISO harmonized structure (Annex SL / High-Level Structure), so its requirement clauses are numbered 4 through 10 — the same skeleton as ISO 9001 and ISO/IEC 27001. Clauses 1–3 cover scope, references, and terms; the management system itself lives in:
| Clause | What it requires |
|---|---|
| 4 Context | Determine internal/external issues, interested parties, and the scope of the AIMS. |
| 5 Leadership | Top-management commitment, an AI policy, and assigned roles and responsibilities. |
| 6 Planning | AI risk assessment and treatment, an AI system impact assessment, and measurable objectives. |
| 7 Support | Resources, competence, awareness, communication, and documented information. |
| 8 Operation | Run the AI risk and impact assessments and implement the controls across the lifecycle. |
| 9 Performance evaluation | Monitoring, measurement, internal audit, and management review. |
| 10 Improvement | Corrective action and continual improvement of the system. |
The whole thing runs on a Plan-Do-Check-Act (PDCA) cycle: clauses 4–7 plan, clause 8 does, clause 9 checks, clause 10 acts. Two requirements give 42001 its AI-specific character. First, an AI risk assessment (clause 6) treats AI as a distinct risk source, not just an IT asset. Second — and this is the part security standards do not have — an AI system impact assessment, which considers consequences for individuals, groups, and society, including matters like fairness, safety, and human rights. ISO/IEC 42005:2025 was published as dedicated guidance for that impact assessment.
Implementation detail sits in Annex A, a reference set of 38 controls grouped under 9 control objectives, numbered A.2 through A.10 — covering AI policy, internal organization, resources for AI systems, impact assessment, the AI system lifecycle, data for AI systems, information for interested parties, use of AI systems, and third-party relationships. (You will see some secondary summaries miscount the objective groups; the defensible figure from the standard's structure is 38 controls across those 9 objectives.) Three informative annexes support it: Annex B gives implementation guidance per control, Annex C is an idea bank of AI-related objectives and risk sources, and Annex D covers applying the AIMS across domains and alongside other standards.
For an engineer, the practical translation is that controls like the AI system lifecycle (A.6) and data for AI systems (A.7) map onto things you already own — model selection, evals, data provenance, monitoring, the operational plane around an agent — and 42001 asks you to document and review them deliberately.
How certification works
ISO 42001 is a certifiable standard, but a clarification matters: ISO itself does not certify anyone. Certification is issued by accredited third-party certification bodies, which are in turn accredited by national accreditation bodies (such as ANAB in the US or UKAS in the UK) under the ISO/IEC 17021 scheme. That accreditation chain is what makes a certificate credible.
The audit typically runs in two stages. A Stage 1 audit reviews your documentation and readiness; a Stage 2 audit tests whether the management system is actually implemented and effective. Pass both and you receive a certificate, generally on a three-year cycle with annual surveillance audits and a recertification at the end. Before any of that, you typically run an internal audit and a management review yourself — the standard requires them.
On cost: certification prices are not publicly standardized, and I will not invent a figure. They vary with organization size, the scope of AI systems in question, your role (developer, provider, or user), and which certification body you choose. Published third-party estimates exist but range widely; treat any single number you see as that vendor's estimate, not a fixed price. Who needs it? Any organization that develops, provides, or uses AI systems — there is no size or sector restriction. In practice the early demand is from AI vendors and enterprises that need to show customers a credible governance posture; major providers including AWS, Anthropic, and Microsoft have publicly reported 42001 certification for specific AI services.
ISO 42001 vs NIST AI RMF
These two are the references people most often confuse, and the difference is structural. The NIST AI Risk Management Framework (AI RMF 1.0), released in January 2023, is a voluntary US framework organized around four functions — Govern, Map, Measure, Manage — that you adopt and self-apply. ISO/IEC 42001 is an international management-system standard you can be audited and certified against. One gives you a structured way to reason about AI risk; the other gives you a system an external body can verify. They are complementary: many organizations use the NIST functions to do the risk thinking and 42001 to make it auditable.
| Dimension | ISO/IEC 42001 | NIST AI RMF 1.0 |
|---|---|---|
| Type | Certifiable management-system standard | Voluntary risk-management framework |
| Issuer | ISO + IEC (international) | NIST (US government) |
| Published | 2023 | January 2023 |
| Core structure | Clauses 4–10 + Annex A (38 controls), PDCA | Govern, Map, Measure, Manage |
| Certification | Yes — accredited third-party audit, 3-year cycle | No — self-adopted, no certificate |
| Best used for | Demonstrating governance to auditors and customers | Structuring and reasoning about AI risk |
Neither is a substitute for the other, and neither is a substitute for actual engineering controls. They organize the work; governing an agent in production is still where the controls get implemented.
ISO 42001 and the EU AI Act
This is where careful wording matters, because a common claim is wrong. ISO 42001 does not, by itself, grant a presumption of conformity with the EU AI Act. Under the AI Act, only harmonised standards listed in the Official Journal of the EU confer that legal presumption, and those harmonised standards are being developed by the European bodies CEN/CENELEC — not by ISO. The in-development European deliverable for AI management (drafted as prEN 18286) is aligned with 42001 but is a distinct standard.
What is true is that ISO 42001 is a strong governance foundation that supports AI Act readiness: its risk assessment, impact assessment, lifecycle controls, and documentation discipline overlap materially with what the Act expects of providers and deployers. So treat 42001 as a credibility and maturity signal that does a lot of the groundwork — not as a legal shield, and not as coverage of every Act obligation (for example, general-purpose AI provider duties). If your scope includes the EU, read the standard and the Act together; the EU AI Act for engineers guide covers the obligations side.
Frequently asked questions
What is ISO 42001?
ISO/IEC 42001:2023 is the international standard for an AI management system (AIMS) — a governance framework for developing, providing, and using AI responsibly. Published jointly by ISO and IEC in 2023, it is the first certifiable management-system standard for AI, structured like ISO 9001 and ISO/IEC 27001 with clauses 4–10, a Plan-Do-Check-Act cycle, and 38 controls in Annex A.
What is an AI management system?
An AI management system (AIMS) is the set of policies, roles, risk and impact assessments, controls, and review processes an organization uses to govern its AI responsibly. ISO 42001 defines what such a system must contain so it can be operated repeatably and audited, rather than relying on a one-off responsible-AI statement.
Who needs ISO 42001?
Any organization that develops, provides, or uses AI systems — there is no size or sector restriction. In practice, early demand comes from AI vendors and enterprises that need to demonstrate a credible governance posture to customers, regulators, or partners. Major providers including AWS, Anthropic, and Microsoft have publicly reported 42001 certification for specific AI services.
How do you get ISO 42001 certified?
You build the management system to the standard, run an internal audit and management review, then engage an accredited third-party certification body. The audit has a Stage 1 (documentation and readiness) and a Stage 2 (implementation and effectiveness); passing both yields a certificate, generally on a three-year cycle with annual surveillance audits. ISO does not certify directly — accredited bodies do. Certification prices are not publicly standardized; they vary by organization size, scope, role, and chosen body.
ISO 42001 vs NIST AI RMF — what's the difference?
ISO 42001 is a certifiable international management-system standard — you can be audited and certified against it. The NIST AI RMF (released January 2023) is a voluntary US framework organized around Govern, Map, Measure, and Manage, which you self-adopt with no certificate. They are complementary: NIST helps you reason about AI risk; ISO 42001 makes your governance auditable.
How does ISO 42001 relate to the EU AI Act?
ISO 42001 supports EU AI Act readiness but does not grant a presumption of conformity on its own — that legal mechanism belongs only to harmonised standards listed in the Official Journal of the EU, which CEN/CENELEC (not ISO) is developing. Treat 42001 as a strong governance foundation and credibility signal that overlaps materially with the Act's expectations, not as a legal shield or full coverage of every obligation.
Sources
- Title, scope, and publishing bodies: ISO catalogue, iso.org/standard/42001, and IEC webstore, webstore.iec.ch/en/publication/90574; subcommittee ISO/IEC JTC 1/SC 42, iso.org/committee/6794475.html.
- AIMS definition and adopter context: Microsoft Learn ISO 42001 offering, learn.microsoft.com/.../offering-iso-42001; AWS certification announcement, aws.amazon.com.
- Clauses 4–10, Annex A (38 controls / 9 objectives), and certification stages: Schellman, schellman.com; clause/Annex specifics in the standard's body are paywalled, so structural figures are corroborated through reputable secondary sources rather than quoted from the normative text.
- NIST AI RMF 1.0 (four functions, voluntary, Jan 2023): NIST, nist.gov/itl/ai-risk-management-framework.
- EU AI Act relationship (no presumption of conformity from 42001; CEN/CENELEC harmonised standards): EU AI Act standardisation, digital-strategy.ec.europa.eu.
Standards and certification details evolve, and certification pricing is not publicly fixed; verify specifics against the primary ISO/IEC text and an accredited certification body before relying on them. Corrections: hello@aiarch.dev.