ISO 42001: certifiable AI governance
ISO/IEC 42001 is the first international, certifiable standard for an AI management system (AIMS). It describes how an organisation builds, runs and continually improves its AI governance along the PDCA cycle, including risk and impact assessment. It is the organisational underpinning, not the technology itself.
The moment an organisation stops merely trialling AI and starts running it for good, it faces the same question it once faced for information security: how do scattered measures become an auditable routine? ISO/IEC 42001:2023 answers that for AI the same way ISO 27001 has long answered it for the information security management system. This page describes what the standard requires, how it is structured and how it relates to the EU AI Act.
What an AI management system governs
An AIMS is not a tool but a set of interrelated provisions that makes the responsible development, provision and use of AI in an organisation controllable. ISO/IEC 42001 sets requirements along the familiar parts of a management system:
- Context and scope. Which AI systems, roles and processes fall under the system, and which internal and external expectations bear on it?
- Leadership and policy. A leadership-backed AI policy with clear ownership, instead of scattered one-off rules.
- Planning with risk and impact assessment. The standard requires both an AI risk assessment and an AI system impact assessment for affected individuals and groups.
- Operation and controls. An annex to the standard lists control objectives and measures, from which an organisation selects, with justification, what fits its risks.
- Evaluation and improvement. Internal audits, management review and corrective actions keep the system alive.
These parts are the skeleton. They follow the common high-level structure (Annex SL) of the ISO management standards, which is why ISO/IEC 42001 sits cleanly alongside an existing ISO 27001.
The PDCA cycle
Like every management standard, ISO/IEC 42001 is cyclical, not one-off. It follows the Plan-Do-Check-Act cycle, which turns those parts into a repeatable sequence:
```mermaid
flowchart TD
P["Plan<br/>context, AI policy,<br/>risk and impact assessment"] --> D["Do<br/>implement controls,<br/>roles and evidence"]
D --> C["Check<br/>internal audit,<br/>management review"]
C --> A["Act<br/>correction,<br/>continual improvement"]
A --> P
```
The decisive step is planning. Without a risk assessment that classifies each AI system by its purpose, and without an impact assessment that captures the effect on affected people, the later steps steer only the visible part. That ongoing classification of new models and use cases is also the subject of AI governance, which uses ISO/IEC 42001 as its organisational frame.
Relationship to the EU AI Act
ISO/IEC 42001 and the EU AI Act pursue related goals but are not the same thing. The standard is a voluntary management standard; the AI Act is binding EU law. Precision matters here, because conflating them can be expensive:
- An AIMS under ISO/IEC 42001 helps to meet the organisational obligations of the AI Act in an orderly way, such as risk management, data governance and human oversight for high-risk applications.
- An ISO/IEC 42001 certificate does not, however, confer a presumption of conformity under the AI Act. Only harmonised European standards carry that effect, once they are listed in the Official Journal of the EU.
- The European Commission has stated that the goals and definitions of ISO/IEC 42001 are not aligned with the quality management system the AI Act requires, and has issued a standardisation request to CEN-CENELEC, whose technical committee JTC 21 is drafting a dedicated harmonised standard. The first harmonised AI standards are expected in 2026.
In practice this means an AIMS is a strong underpinning and considerably narrows the gap to AI Act conformity, but it does not replace the specific conformity assessment. ISO/IEC 42001 prescribes no risk classes of its own; in practice the classification of each AI system uses the classes of the EU AI Act. Anyone processing personal data must also comply with the revised Swiss Data Protection Act (revFADP) in parallel. To anchor these obligations as an auditable rule in operations, the methodical lever is described under Compliance as Code.
What certification means
ISO/IEC 42001 is auditable: an accredited body checks whether the AI management system meets the requirements of the standard and, on success, issues a certificate. The certificate confirms the system, that is policy, processes and evidence, not the correctness of any single AI output. It is therefore a trust signal towards customers, regulators and the supply chain, comparable to what ISO 27001 provides for information security. Early large providers have already certified AI services against the standard, AWS among them for Amazon Bedrock, Amazon Q Business, Amazon Textract and Amazon Transcribe.
Where adoption breaks
- Certificate over substance. An organisation obtains the certificate without actually enforcing the AI policy. An AIMS on paper steers nothing.
- Risk assessment without impact assessment. The technical risk view is maintained, but the effect on affected people is overlooked. The standard explicitly requires both.
- AIMS equals AI Act conformity. The certificate is misread as a presumption of conformity. It is an underpinning, not a legal shield.
- Siloed system. The AI management system runs separately from the existing ISO 27001 and from data protection, instead of using the shared Annex SL structure. The effort then doubles.
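The planning requirements above (an AI risk assessment and an AI system impact assessment for every system, plus a justified selection of controls) and the failure modes in this list are exactly what a Compliance-as-Code check can enforce mechanically. The following is an added example, not code from the page or from the standard: it validates a constructed AI system inventory and reports, per system, which requirement is unmet. The inventory schema, the control references (`CTL-01`, `CTL-02`), the 365-day review interval and the `dpia_done` flag for the parallel revFADP obligation are all assumptions of this example; ISO/IEC 42001 prescribes none of them.

```python
"""Compliance-as-code check over an AI system inventory (added example).

Assumed inventory schema (not taken from ISO/IEC 42001): each record names
the system, its owner, its EU AI Act risk class, the two planning artefacts
the standard requires (AI risk assessment, AI system impact assessment) and
the controls selected for it, each with a written justification.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import date, timedelta

# Risk classes of the EU AI Act; a "prohibited" use must never stay in operation.
RISK_CLASSES = {"minimal", "limited", "high", "prohibited"}
# Assumed review interval: an assessment older than a year is treated as stale.
REVIEW_INTERVAL = timedelta(days=365)


@dataclass
class Assessment:
    completed_on: date | None       # None means the assessment was never done
    reviewed_on: date | None = None  # last review, if any


@dataclass
class Control:
    ref: str            # hypothetical reference into the organisation's own control list
    justification: str  # why the control is selected; empty string = unjustified


@dataclass
class AISystem:
    name: str
    owner: str | None
    risk_class: str
    processes_personal_data: bool
    risk_assessment: Assessment | None
    impact_assessment: Assessment | None
    controls: list[Control] = field(default_factory=list)
    dpia_done: bool = False  # assumed flag for the parallel revFADP obligation


def validate_system(s: AISystem, today: date) -> list[str]:
    """Return finding codes for one system; an empty list means no gap found."""
    findings: list[str] = []
    if not s.owner:
        findings.append("NO_OWNER")                 # policy without ownership steers nothing
    if s.risk_class not in RISK_CLASSES:
        findings.append("UNKNOWN_RISK_CLASS")
    elif s.risk_class == "prohibited":
        findings.append("PROHIBITED_USE")
    # Both assessments are required; a stale one is flagged separately from a missing one.
    for label, a in (("RISK", s.risk_assessment), ("IMPACT", s.impact_assessment)):
        if a is None or a.completed_on is None:
            findings.append(f"{label}_ASSESSMENT_MISSING")
        elif today - (a.reviewed_on or a.completed_on) > REVIEW_INTERVAL:
            findings.append(f"{label}_ASSESSMENT_STALE")
    if not s.controls:
        findings.append("NO_CONTROLS_SELECTED")
    for c in s.controls:
        if not c.justification.strip():
            findings.append(f"CONTROL_{c.ref}_UNJUSTIFIED")
    if s.processes_personal_data and not s.dpia_done:
        findings.append("DPIA_MISSING")
    return findings


def validate_inventory(systems: list[AISystem], today: date) -> dict[str, list[str]]:
    """Run the check over the whole inventory, keyed by system name."""
    return {s.name: validate_system(s, today) for s in systems}


def blocked_systems(report: dict[str, list[str]]) -> list[str]:
    """Systems that must not go (or stay) live until their findings are closed."""
    return sorted(name for name, findings in report.items() if findings)


# Constructed sample inventory: one clean system, two with typical gaps.
TODAY = date(2025, 6, 1)
SAMPLE = [
    AISystem("internal-search", "it-ops", "limited", False,
             Assessment(date(2024, 9, 1)), Assessment(date(2024, 9, 1)),
             [Control("CTL-01", "Prompt and output logging kept for incident review")]),
    # Technical risk view exists, but the effect on applicants was never assessed.
    AISystem("resume-screener", "hr-lead", "high", True,
             Assessment(date(2025, 1, 15)), None,
             [Control("CTL-01", "A human reviews every automated rejection")]),
    # No owner, stale risk assessment, control selected without justification.
    AISystem("support-chatbot", None, "limited", True,
             Assessment(date(2023, 3, 1)), Assessment(date(2025, 5, 1)),
             [Control("CTL-02", "")], dpia_done=True),
]

if __name__ == "__main__":
    report = validate_inventory(SAMPLE, TODAY)
    for name, findings in report.items():
        print(f"{name}: {', '.join(findings) or 'OK'}")
    print("blocked:", blocked_systems(report))
```

Run as a CI gate, the check turns the two assessments from a document that may or may not exist into a condition that is evaluated on every change to the inventory, which is the difference between an AIMS on paper and one that steers.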
Governance that holds regardless of jurisdiction
The organisational gain from ISO/IEC 42001 is that the standard is international and origin-neutral: a cleanly run AIMS carries an organisation's AI governance whether or not it falls under the AI Act. It steers the question of which models may run on which data almost inevitably towards sovereign infrastructure, because the risk and impact assessment makes data outflows visible. For Swiss organisations this is doubly useful, because the same assessment also prepares the follow-on question of local data protection. The values layer behind the controls is covered by Digital Ethics.
References
- European Commission Understanding the standardisation of the AI Act. Explains how harmonised standards relate to the AI Act and where ISO/IEC 42001 fits. (10.03.2026). digital-strategy.ec.europa.eu/en/faqs/understanding-standardisation-ai-act
- AWS AWS achieves ISO/IEC 42001:2023 accredited certification. Vendor announcement of ISO/IEC 42001 certification for several AI services (Amazon Bedrock, Q Business, Textract, Transcribe). (25.11.2024). aws.amazon.com/blogs/machine-learning/aws-achieves-iso-iec-420012023-artificial-intelligence-management-system-accredited-certification/
- OECD AI Principles, 2024 update. Five values-based principles for trustworthy AI, adhered to by 47 states and organisations. (03.05.2024). oecd.ai/en/ai-principles
- ISO/IEC 42001:2023, AI management system. The first international, certifiable standard for an artificial-intelligence management system. (18.12.2023). www.iso.org/standard/81230.html
- NIST AI Risk Management Framework (AI RMF 1.0). Voluntary US framework for steering AI risk across the four functions govern, map, measure and manage. (26.01.2023). www.nist.gov/itl/ai-risk-management-framework
Related topics
- EU AI Act, the binding law an AIMS complements.
- ISO 27001, the sister management system for information security.
- AI Governance, the frame ISO/IEC 42001 underpins.
- nFADP / revFADP, the Swiss data protection law that applies in parallel.
- Compliance as Code, the methodical lever for auditable controls.