
ISO 42001 AI Management System: The First Certifiable AI Governance Standard

Microsoft, AWS, and Miro have all done it. So have a growing number of SaaS vendors, model developers, and consultancies racing to put a credible governance label on their AI work. The label is ISO/IEC 42001:2023, and it is currently the only international AI management standard an organization can be certified against by an accredited third party. Every other prominent AI framework — the NIST AI Risk Management Framework, the OECD AI Principles, the EU AI Act itself — either resists certification by design or imposes obligations without offering one.

That distinction matters. With the EU AI Act’s high-risk obligations now coming into full force in August 2026, certification under ISO 42001 has shifted from a forward-looking gesture into a procurement-grade artifact buyers and regulators ask to see. This article walks through what the standard actually requires, how its clauses and Annex A controls fit together, where it overlaps with ISO 27001 and the EU AI Act, and where its limits show.

What ISO 42001 Actually Is

ISO/IEC 42001 was published on December 18, 2023 by the International Organization for Standardization and the International Electrotechnical Commission. It defines requirements for an Artificial Intelligence Management System (AIMS) — a structured set of policies, processes, and controls covering how an organization develops, provides, or uses AI systems. The standard applies to any organization in any sector that builds, deploys, or operates AI, regardless of size.

Crucially, ISO 42001 is a management system standard, not a product standard. It does not certify a model, a dataset, or an output. It certifies that an organization has the governance scaffolding to manage AI responsibly across the full lifecycle: design, development, validation, deployment, monitoring, and decommissioning. Sister standards such as ISO/IEC 22989 (AI terminology), ISO/IEC 23053 (machine learning framework), ISO/IEC 23894 (AI risk management guidance), and the newer ISO/IEC 42005:2025 (AI system impact assessment) sit alongside it and feed into AIMS implementation.

Like ISO 9001 and ISO 27001, ISO 42001 follows the Annex SL high-level structure and the Plan-Do-Check-Act (PDCA) cycle. That design choice is deliberate: it lets organizations bolt the AIMS onto management systems they already operate rather than running parallel governance programs.

The Ten Clauses That Define the AIMS

The body of ISO 42001 contains ten clauses. The first three are scoping and definitional. Clauses four through ten are the auditable substance of the standard — the requirements an external auditor will test against.

ISO/IEC 42001:2023: The Ten Clauses of an AI Management System

Clauses 1–3, Scope, References, Terms: definitions and boundaries. Free preview on ISO’s site.
Clause 4, Context of the Organization: internal/external issues, AIMS scope, role identification (provider, producer, customer).
Clause 5, Leadership: top-management commitment, AI policy, roles and responsibilities.
Clause 6, Planning: AI risk assessment, treatment, impact assessment. Includes the pivotal 6.1.3 Annex A check.
Clause 7, Support: resources, competence, awareness, communication, documented information.
Clause 8, Operation: operational planning, AI risk treatment, AI system impact assessment in practice.
Clause 9, Performance Evaluation: monitoring, measurement, internal audit, management review.
Clause 10, Improvement: nonconformity, corrective action, continual improvement.

The clauses group into three phases: governance and planning, operational delivery, and evaluate-and-improve. Together they form the Plan-Do-Check-Act cycle ISO management standards share.

The most consequential single requirement sits in Clause 6.1.3, which obliges the organization to map its chosen AI risk treatments against Annex A and confirm that no necessary control has been omitted. This clause is what binds the abstract management system to a concrete control catalogue.

Annex A: The Reference Control Catalogue

ISO 42001 ships with four annexes. Annex A is normative — it defines the reference set of control objectives — while Annexes B, C, and D provide implementation guidance, AI-specific risk source taxonomy, and integration advice for sector-specific use. Annex A organizes its control objectives across nine domains, A.2 through A.10. Different consultancies count the underlying controls differently, with reported totals ranging from 39 to 42 depending on how sub-controls are aggregated, but the domain structure is fixed.

Unlike a prescriptive checklist, the Annex A controls are objectives. The organization decides how to meet them and documents the decision in a Statement of Applicability (SoA) that names every control, marks it as included or excluded, and justifies the call. That document is one of more than 20 written artifacts ISO 42001 demands — notably more than ISO 27001 — including the AI Policy, AIMS Scope, AI Risk Management Methodology, AI Risk Treatment Plan, and AI System Impact Assessment records.
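The Clause 6.1.3 cross-check and the Statement of Applicability described above are usually done in a spreadsheet, but the logic is mechanical enough to automate. The following is an added example, not code from the article or from ISO; it models a Statement of Applicability at the Annex A domain level (A.2 through A.10, the only identifiers the article gives) and a list of risk treatments, then reports the omissions an auditor would look for: domains missing from the SoA, included controls without evidence or justification, and treatments that point at a control the SoA excludes or never lists. The sample SoA and treatments are constructed for illustration; finding codes such as MISSING_FROM_SOA are the example's own vocabulary, not terms from the standard.

```python
"""Clause 6.1.3-style cross-check of a Statement of Applicability (SoA) against
the nine Annex A domains of ISO/IEC 42001. Added example; the domain names come
from the article, everything below domain level is constructed for illustration."""
from dataclasses import dataclass, field

# Annex A domains as listed in the article. Real SoAs go one level deeper
# (individual controls); the check below works the same way at either level.
ANNEX_A_DOMAINS = {
    "A.2": "Policies related to AI",
    "A.3": "Internal organization",
    "A.4": "Resources for AI systems",
    "A.5": "Assessing impacts of AI systems",
    "A.6": "AI system lifecycle",
    "A.7": "Data for AI systems",
    "A.8": "Information for interested parties",
    "A.9": "Use of AI systems",
    "A.10": "Third-party and customer relationships",
}


@dataclass
class SoAEntry:
    """One row of the Statement of Applicability."""
    control: str                 # Annex A reference, e.g. "A.7"
    included: bool               # applicable (True) or excluded (False)
    justification: str = ""      # required for both inclusion and exclusion
    evidence: list = field(default_factory=list)   # document ids, constructed


@dataclass
class RiskTreatment:
    """A treatment chosen during Clause 6 planning, tied to Annex A references."""
    risk_id: str
    description: str
    controls: list = field(default_factory=list)


def check_soa(soa, treatments):
    """Return (code, subject, detail) tuples for every gap found.

    The checks mirror what the article says an auditor tests: every Annex A
    domain is addressed and justified, every applicable control carries evidence,
    and every chosen risk treatment maps onto a control the SoA actually includes.
    """
    findings = []
    by_id = {entry.control: entry for entry in soa}

    # 1. Clause 6.1.3: no Annex A domain may be silently omitted from the SoA.
    for ref, name in ANNEX_A_DOMAINS.items():
        if ref not in by_id:
            findings.append(("MISSING_FROM_SOA", ref, name))

    # 2. Each row needs a justification; included rows also need evidence.
    for entry in soa:
        if entry.control not in ANNEX_A_DOMAINS:
            findings.append(("UNKNOWN_CONTROL", entry.control, "not an Annex A reference"))
        if not entry.justification.strip():
            findings.append(("NO_JUSTIFICATION", entry.control, "inclusion/exclusion not justified"))
        if entry.included and not entry.evidence:
            findings.append(("NO_EVIDENCE", entry.control, "applicable control has no documented evidence"))

    # 3. Treatments must resolve to controls the SoA lists and includes.
    for t in treatments:
        if not t.controls:
            findings.append(("TREATMENT_WITHOUT_CONTROL", t.risk_id, t.description))
        for ref in t.controls:
            entry = by_id.get(ref)
            if entry is None:
                findings.append(("TREATMENT_REFERENCES_UNLISTED", t.risk_id, ref))
            elif not entry.included:
                findings.append(("TREATMENT_REFERENCES_EXCLUDED", t.risk_id, ref))
    return findings


def run_sample():
    """Constructed SoA with deliberate gaps: A.10 missing, A.7 lacks evidence,
    A.9 lacks a justification, A.5 excluded although a treatment relies on it."""
    soa = [
        SoAEntry("A.2", True, "AI policy approved by the board", ["POL-AI-01"]),
        SoAEntry("A.3", True, "AI governance committee chartered", ["ORG-02"]),
        SoAEntry("A.4", True, "Compute and data inventory maintained", ["RES-03"]),
        SoAEntry("A.5", False, "Excluded: no impact assessment process yet"),
        SoAEntry("A.6", True, "Lifecycle stage gates defined", ["LC-04"]),
        SoAEntry("A.7", True, "Data governance procedure in place"),   # no evidence
        SoAEntry("A.8", True, "Model cards published to customers", ["INF-05"]),
        SoAEntry("A.9", True, "", ["USE-06"]),                          # no justification
        # A.10 intentionally absent from the SoA
    ]
    treatments = [
        RiskTreatment("R-01", "Vendor-supplied model behaves unexpectedly", ["A.10"]),
        RiskTreatment("R-02", "Screening model disadvantages a group of applicants", ["A.5"]),
        RiskTreatment("R-03", "Training data drifts from production data", ["A.7"]),
    ]
    return check_soa(soa, treatments)


if __name__ == "__main__":
    for code, subject, detail in run_sample():
        print(f"{code:32} {subject:6} {detail}")
```

Running it prints five findings. The two treatment findings are the interesting ones for a 6.1.3 review: R-01 shows a risk being treated with a control the SoA never mentions (the "omitted necessary control" case the clause exists to catch), and R-02 shows a treatment that depends on a domain the organization has formally excluded, which an auditor would read as an inconsistent SoA rather than a tolerable scoping choice.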

Annex A Reference: The Nine Control Domains

Each domain holds a cluster of control objectives. Inclusion or exclusion must be documented in the Statement of Applicability.

A.2, Policies related to AI: management direction. AI policy aligned with organizational values, ethics, and risk appetite. Periodic review.
A.3, Internal organization: roles, responsibilities, accountability for AI governance across functions.
A.4, Resources for AI systems: data, tooling, compute, human expertise. Documented and managed across the lifecycle.
A.5, Assessing impacts of AI systems: AI system impact assessment process covering individuals, groups, and society.
A.6, AI system lifecycle: responsible design, development, verification, deployment, and decommissioning.
A.7, Data for AI systems: data governance, quality, provenance, lineage. Bias detection at the data layer.
A.8, Information for interested parties: transparency. System information for users, regulators, and affected individuals.
A.9, Use of AI systems: responsible use, intended purpose, human oversight, deployment-time controls.
A.10, Third-party and customer relationships: supply chain, vendor AI components, customer obligations, contractual responsibilities.

A.5 and A.6 carry the most novel material relative to information-security standards: AI impact assessment and lifecycle governance have no clean ISO 27001 analogue. A.7 overlaps significantly with data governance work most regulated organizations already do but reframes it around model training and inference. A.10 has become a sleeper priority — most organizations consume far more AI than they build, and the standard makes them accountable for what their vendors and embedded models do.

How Certification Actually Works

ISO 42001 certification is performed by accredited certification bodies, not by ISO itself. BSI holds the distinction of being the first body accredited by UKAS, the Netherlands’ RvA, and the ANSI National Accreditation Board (ANAB) to issue ISO 42001 certificates. DNV, TÜV SÜD, SGS, and Schellman are also active in the market, with overlapping accreditation across jurisdictions.

The certification process mirrors the rhythm familiar from ISO 27001:

  1. Gap assessment against ISO 42001 requirements
  2. AIMS implementation — policies, procedures, controls, training, evidence collection
  3. Stage 1 audit — documentation review and readiness check
  4. Stage 2 audit — on-site or remote testing of operational effectiveness
  5. Certification issued, valid for three years
  6. Annual surveillance audits in years one and two
  7. Recertification audit in year three

Implementation timelines reported by certification bodies and consultancies typically run 8 to 12 months for mid-sized organizations starting from a mature ISO 27001 baseline, longer where AI governance is being built from scratch.

How ISO 42001 Relates to ISO 27001 and the EU AI Act

The standard was engineered to slot into existing compliance estates. Both ISO 42001 and ISO 27001 share Annex SL structure, identical clause numbering, and the PDCA cycle. Risk management methodology, document control, internal audit, and management review can largely be reused. What ISO 42001 adds on top: bias and fairness controls, explainability and transparency obligations, AI lifecycle stage gates, and AI-specific impact assessment.

The EU AI Act relationship is more nuanced. The Act is binding law that entered into force on August 1, 2024, with prohibitions on unacceptable-risk systems applying from February 2, 2025, and high-risk obligations under Annex III taking full effect from August 2, 2026. ISO 42001 is voluntary. But the two frameworks share an estimated 40–50% overlap in high-level requirements around risk management, data governance, transparency, and human oversight.

Framework Comparison: ISO 42001 vs. EU AI Act vs. NIST AI RMF

Dimension    | ISO 42001                   | EU AI Act                                 | NIST AI RMF
-------------+-----------------------------+-------------------------------------------+------------------------------------------
Type         | Voluntary standard          | Binding regulation                        | Voluntary framework
Certifiable  | Yes                         | Conformity assessment for high-risk only  | No
Scope        | Organization-wide AIMS      | Per AI system, risk-tiered                | Process guidance, lifecycle-based
Penalties    | None                        | Up to €35M or 7% turnover                 | None
Geography    | Global                      | EU market or EU-affecting                 | US-origin, used globally
Style        | Principle-based, tailored   | Prescriptive (logs, docs, procedures)     | Functional (Govern, Map, Measure, Manage)

ISO 42001 is the only one of the three that issues a certificate. The others govern outcomes or guide process; neither produces an audit report a customer can demand in procurement.

The practical implication: ISO 42001 certification is not a substitute for EU AI Act compliance. A high-risk AI system still requires conformity assessment under the Act regardless of any ISO certificate held. But the management system, documentation, risk treatment, and impact-assessment artifacts produced for ISO 42001 can be reused as evidence in EU AI Act conformity work and in due-diligence questionnaires from procurement, insurers, and partners.

Where the Standard Falls Short

ISO 42001 is not without rough edges, and they’re worth naming.

The bias and fairness controls remain technically immature. Annex A asks for bias detection and mitigation. Annex B offers implementation guidance. Neither prescribes specific testing methodologies, threshold metrics, or sampling approaches. Auditors and certified organizations are working out interpretation in real time, and consistency across certification bodies is uneven.

Documentation overhead is heavier than under ISO 27001. The standard requires more than 20 mandatory documents, and, unlike ISO 27001, every applicable Annex A control needs documented evidence, not just the inclusion call. Smaller organizations that underestimate this burden routinely slip their implementation timelines.

The “AI system” boundary is contested. Where does a stochastic feature in a traditional product become an AI system requiring AIMS coverage? The standard leaves this to organizational judgment, which means scoping decisions vary widely between certified vendors and complicate buyer comparison.

The certificate does not certify the AI. This is the most important caveat for buyers. An ISO 42001 certificate confirms that the organization has a working AIMS — not that any specific model is unbiased, accurate, or safe. Reading certification as a model-quality signal is a category error that vendors sometimes encourage and procurement teams sometimes accept.

FAQ

Is ISO 42001 mandatory? No. It is a voluntary standard. The EU AI Act, by contrast, is mandatory for AI systems placed on the EU market or whose outputs affect individuals in the EU.

Can ISO 42001 certification reduce EU AI Act exposure? It does not substitute for required conformity assessments, but evidence produced under ISO 42001 — risk assessments, impact assessments, documentation, governance records — can directly support EU AI Act obligations and is increasingly accepted as evidence of due diligence.

How long does ISO 42001 certification take? Typically 8 to 12 months for mid-sized organizations, faster for those already certified to ISO 27001 since the management system scaffolding is largely reusable.

Does ISO 42001 apply to organizations that only use third-party AI? Yes. Annex A.10 specifically addresses third-party and customer relationships, and AIMS scope can cover AI consumption as well as AI production.

The Bottom Line

ISO 42001’s value is precisely what its critics call its limitation: it certifies governance, not models. In a market awash with self-asserted “responsible AI” claims and frameworks that resist external testing, an audited management system from a body like BSI or DNV is currently the cleanest signal an organization can offer that its AI work is structured rather than improvised.

For organizations already operating ISO 27001, the marginal cost of adding ISO 42001 is real but manageable, and the procurement payoff is starting to show as buyers list it explicitly in vendor questionnaires. For organizations facing EU AI Act high-risk obligations from August 2026, the standard is the most coherent prep work currently available, even if it is not a legal substitute. For everyone else, the calculus depends on how much AI sits in the product, how regulated the sector is, and how loud the customers are getting about governance.

The standard will evolve. ISO/IEC 42005:2025 on AI system impact assessment has already shipped, and additional companion standards are in active drafting. Expect Annex A to be refined, expect interpretation to mature, and expect the certificate to mean more in 2027 than it does today.
