ISO/IEC JTC 1/SC 42 · Artificial intelligence
Information technology.
Artificial intelligence.
Management system.
The world's first certifiable AI management system standard. Thirty-eight controls, nine objectives, and a Statement of Applicability that decides which of them are actually yours. Published December 2023. A European Standard since March 2026.
Annex A · Table A.1
This is the single most misunderstood thing about ISO/IEC 42001. Annex A is not a checklist to be completed. It is a reference set. You run a risk assessment, choose the controls that treat those risks, and then justify — in writing, to an auditor — both what you put in and what you left out. Nine objectives. Select any to see what it is for.
A.2
Reference control objectiveClause 6.1.3
The Statement of Applicability is where 42001 stops being a document you read and starts being a position you defend. It lists the controls you have judged necessary, and it justifies every inclusion and every exclusion against your own risk assessment.
Get it right and the audit is a conversation about evidence. Get it wrong — adopt all 38 because it felt safer, or exclude something you could not defend — and you have either bought yourself years of pointless control maintenance or a major nonconformity.
Context, leadership, planning, support, operation, performance evaluation, improvement. These use “shall”. There is no opting out, and this is what an auditor certifies you against.
Normative, but selective. The standard says plainly that not all of the objectives and controls are required to be used, and that you may design your own where Annex A does not reach.
Implementation guidance for every Annex A control — also normative, but you do not have to justify following it or not. It is a starting point, not a specification.
Most organisations end up implementing the majority of Annex A, because AI risk is broad and the controls are pitched high. That is a conclusion you should arrive at, not an assumption you start with.
Adoption
ISO/IEC 42001 has just become a European Standard, and almost nobody has noticed. CEN-CENELEC/JTC 21 — the same committee developing the harmonised standards for the EU AI Act — took the text over unmodified. The clock on national adoption is already running.
A new work item is registered in the programme of ISO/IEC JTC 1/SC 42, the joint ISO and IEC subcommittee for artificial intelligence, established in 2017. From here to publication took over three years, two committee draft consultations and an international ballot.
ISO/IEC 42001:2023, first edition, 51 pages. The world's first management system standard for artificial intelligence, and the first that an organisation can be certified against.
ISO/IEC 42006:2025 sets the requirements for the bodies that audit and certify AI management systems — competence, impartiality, and how audit time is calculated. Certification only means something once this exists, because it is what accreditation bodies assess certifiers against.
Approved by CEN and taken over as EN ISO/IEC 42001:2026 by CEN-CENELEC/JTC 21, Artificial Intelligence, whose secretariat is held by Danish Standards. The endorsement notice records that it was approved without any modification.
Under the CEN-CENELEC Internal Regulations, the national standards bodies of 34 countries are bound to give it the status of a national standard — and to withdraw any conflicting national standard. Austria to the United Kingdom, including Iceland, Norway, Serbia, Switzerland, Türkiye and North Macedonia alongside the EU member states.
A distinction worth holding onto, because it is routinely mangled: that obligation falls on the standards bodies, not on you. No company is required by this to do anything. What it changes is status — 42001 stops being an international standard your buyers might have heard of, and becomes the national standard in their country.
Certification
42001 is certifiable, which makes it unusual among AI standards — most are frameworks or guidance with nothing to audit. Certification is a two-stage audit by an accredited certification body, and the path to it is well worn from ISO 27001.
Determine what your AI management system covers and what role you play — whether you develop, provide or use AI systems, and often several of these at once for different systems. Clause 4.1 makes this the first decision, and it is the one that shapes everything after it.
Run an AI risk assessment and an AI system impact assessment — a separate obligation under Clause 6.1.4, and about consequences for people rather than risk to you. Select controls, write the Statement of Applicability, build the evidence.
Gap analysis, internal audit and management review before an auditor arrives. Stage 1 tests readiness and documentation; Stage 2 tests whether the system actually operates. Then surveillance audits, and recertification.
That your organisation runs a management system for AI, that it is being followed, and that a third party has checked. That is a real and useful thing to be able to show a procurement team.
That any particular model is safe, fair, accurate or lawful. 42001 certifies the system that governs your AI, not the AI. Anyone selling it as a safety certificate for a model has misread the standard, and an informed buyer will know.
EU AI Act
You are being told that ISO/IEC 42001 gets you EU AI Act compliance. It does not, and the people who would know have said so in writing.
Article 17 of the AI Act requires providers of high-risk AI systems to operate a quality management system. Article 40 lets harmonised standards confer a presumption of conformity. 42001 is a genuine, rigorous management system standard, and the committee that adopted it as a European Standard — JTC 21 — is the same one writing the AI Act's harmonised standards under the Commission's request.
If you have implemented 42001 well, a large part of the organisational machinery an AI Act QMS needs already exists and is already audited.
ISO/IEC 42001 is not a harmonised standard cited in the Official Journal, and holding a 42001 certificate gives you no presumption of conformity with anything. The European position is explicit that 42001 does not cover the full set of the AI Act's quality management requirements — which is precisely why a separate European standard, prEN 18286, is being developed to do that job.
Treat 42001 as a very good head start on an AI Act QMS. Do not treat it as the finish line, and be careful of anyone who does.
The same discipline applies elsewhere. In the UK, where regulation is principles-based and delegated to existing sector regulators rather than a single AI act, an international standard carries more weight, not less — it is the shared reference a regulator can point at without legislating.
The family
It is a management system standard, which means it tells you to have a process and leaves the method to other documents. Those documents exist, and knowing which one answers which clause is most of the implementation.
What an auditor must be competent in, how impartiality is managed, and how audit time is calculated from your headcount, your systems and your regulatory exposure. Read it before you choose a certifier: it tells you what a credible audit looks like.
Clause 6.1.4 requires an impact assessment process. 42005 is how you do one, down to the documentation tables. The pairing is close to mandatory in practice.
Clause 6.1 requires AI risk management and the standard points at 23894 in a note. It is the method behind the requirement.
Annex A.7 is data for AI systems, and 42001 assumes a data life cycle exists and has owners. 8183 is the standard that defines what those stages are. See our ISO/IEC 8183 guide.
42001 uses the Harmonized Structure, so clauses 4 to 10 have the same shape as your existing management systems. If you are certified to 27001, you already own most of the scaffolding and can run a combined audit.
The vocabulary 42001 is written in. Disputes in an audit are surprisingly often disputes about what a word means.
Who wrote it
ISO/IEC 42001 was written by experts nominated through their national standards bodies, working in the subcommittee that produces the whole AI standards series. A management system standard that any organisation in any sector can be certified against has to survive scrutiny from every national body that will have to live with it — and it did, over more than three years.
The joint ISO and IEC subcommittee for artificial intelligence, established in 2017 and the source of the whole AI standards series — 42001, 42005, 42006, 23894, 8183, 5259, 22989. Its working groups draft; its national members vote.
Every participating country runs a mirror committee that develops its national position and casts its vote. In the UK that is BSI's ART/1, Artificial Intelligence. Experts are nominated through their national body and serve in a personal, expert capacity.
Registered as a project in August 2020. Two committee draft consultations, comments resolved, referred back to the working group once, then a Draft International Standard ballot before publication in December 2023. Consensus is slow on purpose.
Which is why nobody should claim to have written ISO/IEC 42001. What people can honestly claim is participation — and participation is what tells you how the text is meant to be read, where the committee argued, and which words were chosen carefully.
BSI and ISO AI committees
Matthew was part of the standards work behind ISO/IEC 42001, through BSI's ART/1 committee — the UK national mirror committee for ISO/IEC JTC 1/SC 42 — and as a member of the ISO committees producing the AI standards series it belongs to.
He was also sub-editor of ISO/IEC 8183, the data life cycle framework that Annex A.7 leans on. That combination is the useful part: he can tell you not just what 42001 requires, but why the committee wrote it that way, and which of the surrounding standards actually answers the clause in front of you.
Questions
ISO/IEC 42001:2023 is the international standard for artificial intelligence management systems, titled Information technology — Artificial intelligence — Management system. It sets out what an organisation must have in place to develop, provide or use AI responsibly: leadership, policy, risk assessment, impact assessment, controls, evidence, audit and improvement.
It is the first AI standard an organisation can actually be certified against, and the first to treat AI governance as a management system rather than a set of principles.
December 2023, as a first edition of 51 pages, by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 42, Artificial intelligence. The project had been registered in August 2020. It was approved as a European Standard, EN ISO/IEC 42001:2026, by CEN on 13 March 2026.
Annex A contains 38 controls organised into nine control objectives, numbered A.2 to A.10: policies related to AI, internal organization, resources for AI systems, assessing impacts of AI systems, AI system life cycle, data for AI systems, information for interested parties, use of AI systems, and third-party and customer relationships.
The number matters less than people think. Annex A is a reference set, not a checklist — the standard states that not all of its objectives and controls are required to be used.
No, and this is the most common misunderstanding about the standard. Under Clause 6.1.3 you select controls that treat the risks your own assessment identified, compare your selection against Annex A to check you have not missed anything necessary, and then produce a Statement of Applicability justifying both inclusion and exclusion. You may also design controls of your own where Annex A does not reach.
In practice most organisations implement the majority of Annex A, because AI risk is broad and the controls are pitched at a high level. That should be a conclusion you reach, not an assumption you start from.
The document required by Clause 6.1.3 that lists the controls you have determined necessary and justifies why each is included or excluded. Exclusions can be justified where your risk assessment does not deem a control necessary, or where external requirements do not require it or provide an exception.
It is the spine of the audit. A certification body will confirm there is at least one Statement of Applicability per certification scope, and will test whether your risk assessment genuinely supports what it says.
No. ISO/IEC 42001 is not a harmonised standard cited in the Official Journal of the European Union, so it confers no presumption of conformity. The European position is explicit that 42001 does not cover the full set of the AI Act's quality management requirements, and a separate European standard — prEN 18286 — is being developed to fulfil them.
What is true is that Article 17 requires providers of high-risk AI systems to run a quality management system, and that a well-implemented AIMS gives you a great deal of the organisational machinery an AI Act QMS needs, already audited. Treat it as a head start, not a finish line.
Through a two-stage audit by an accredited certification body. Determine your scope and your role under Clause 4.1; run an AI risk assessment and an AI system impact assessment; select controls and write the Statement of Applicability; implement clauses 4 to 10 and the controls you selected; run an internal audit and a management review; then Stage 1, which tests readiness and documentation, and Stage 2, which tests whether the system actually operates. Surveillance audits follow, then recertification.
ISO/IEC 42006:2025 governs the certification bodies themselves. It is worth reading before you choose one.
It depends on what already exists. An organisation certified to ISO/IEC 27001 has the harmonised-structure scaffolding — scope, leadership, internal audit, management review — and is mostly adding the AI-specific parts. An organisation starting from nothing is building a management system as well as an AI one.
Audit duration is not a matter of opinion: ISO/IEC 42006 sets out how a certification body calculates audit time from the number of people involved in the AI life cycle, then adjusts it for the number of AI systems, how many are high-risk or sensitive, how many regulatory frameworks you sit under, how many third-party agreements are in scope, and how many controls you carry beyond Annex A.
ISO/IEC 27001 manages information security; ISO/IEC 42001 manages artificial intelligence. They share the Harmonized Structure, so clauses 4 to 10 have the same shape and audits can be combined, and both use a risk assessment feeding a Statement of Applicability against an Annex A of reference controls.
The substance differs where it matters. 42001 requires you to determine your role with respect to AI systems, and requires an AI system impact assessment — an assessment of consequences for individuals, groups and societies, not risk to your organisation. Information security has no direct equivalent of that obligation.
No. It certifies the management system that governs your AI, not the AI itself. A certificate says a third party checked that you run a system for managing AI risk and that you follow it. It says nothing about whether a particular model is accurate, fair or safe.
That distinction is worth defending, because a certificate presented as a safety guarantee is exactly the sort of claim a regulator or a well-briefed procurement team will take apart.
ISO/IEC JTC 1/SC 42, the joint ISO and IEC subcommittee for artificial intelligence established in 2017. Unlike smaller standards drafted by a handful of editors, a management system standard passes through working groups, two committee draft consultations, comment resolution and an international ballot, with every participating national body voting through its own mirror committee — BSI's ART/1 in the United Kingdom.
Experts participate in a personal and expert capacity, nominated through their national standards body.
From ISO, from the IEC, or from your national standards body — in the UK, BSI, as BS EN ISO/IEC 42001:2026. It is a copyrighted document and this site does not reproduce it. The list price from ISO at the time of writing is CHF 406.
Next
Fifty-one pages will tell you a Statement of Applicability is required. They will not tell you which controls your risk assessment actually supports, what evidence an auditor accepts, how to scope an AIMS you can defend, or which of the surrounding standards answers the clause in front of you.