ISO/IEC 42001:2023, published in December 2023 by the International Organization for Standardization and the International Electrotechnical Commission, is the first certifiable international standard for AI management systems. It is not a regulation. It is a voluntary framework that specifies what an AI management system must contain to be auditable and certifiable. What makes it consequential in 2026 is that it is being referenced in AI governance frameworks, regulatory safe harbours, and insurance underwriting criteria across multiple jurisdictions simultaneously. For operators deploying AI agents across borders, understanding ISO 42001 is no longer optional preparation for a future obligation. It is the present-day governance baseline that courts, regulators, and underwriters are converging on.

Key takeaways

  • ISO/IEC 42001:2023 is the first certifiable international AI management system standard. It specifies requirements for establishing, implementing, maintaining, and improving an AI management system across an organization's full AI portfolio.
  • The standard follows the High Level Structure common to ISO 9001, ISO 27001, and ISO 14001, which allows integration with existing management systems. Annex A provides thirty-eight AI-specific controls in nine categories (A.2 to A.10) covering AI policy, internal organization, resources, impact assessment, the system lifecycle, data, information for interested parties, use of AI systems, and third-party and customer relationships.
  • Colorado SB 24-205 (C.R.S. section 6-1-1701 et seq.) creates a rebuttable presumption of reasonable care for developers and deployers of high-risk AI systems that comply with a nationally or internationally recognised risk management framework. The statute names ISO/IEC 42001 and the NIST AI RMF as examples of such frameworks.
  • Singapore's Model AI Governance Framework (IMDA, 2024 edition), Canada's AIDA successor process, and the OECD AI Principles (2024 revision) all reference alignment with international AI management standards. ISO 42001 is the only certifiable standard in this category.
  • ISO 42001 certification does not by itself satisfy EU AI Act obligations for high-risk AI, but an organization with a certified AIMS will have the governance foundation that the EU AI Act's procedural requirements build on.

What the standard specifies

ISO/IEC 42001:2023 specifies requirements for an AI management system (AIMS). The AIMS is the organizational infrastructure through which an entity governs its AI activities: the policies, processes, roles, objectives, documented information, and review cycles that together constitute a managed approach to AI risk and accountability. The standard uses the same High Level Structure as ISO 9001 (quality management), ISO 27001 (information security), and ISO 14001 (environmental management), which means organizations with existing certifications can integrate their AIMS into their existing management system infrastructure rather than building a separate one from scratch.

The standard's clauses cover the following areas. Clause 4 (Context of the organization) requires the organization to understand its internal and external context, identify relevant interested parties, and define the scope of the AIMS. The scope definition is significant: an organization must define which AI systems and processes are within the AIMS boundary. Systems excluded from scope are not covered by the certification, and a certificate says nothing about them. Clause 5 (Leadership) requires top management commitment through an AI policy (Clause 5.2), assignment of roles and responsibilities, and integration of AI governance into organizational processes. Clause 6 (Planning) requires the organization to determine risks and opportunities related to its AI activities, define its AI risk assessment (6.1.2), AI risk treatment (6.1.3) and AI system impact assessment (6.1.4) processes, set AI objectives (6.2), and plan changes to the AIMS in a controlled way (6.3). Clause 7 (Support) covers resources, competence of personnel, awareness, communication protocols, and documented information requirements. Clause 8 (Operation) is where those planned processes are actually executed and where the AI-specific requirements concentrate.

Clause 8 requires the organization to plan and control its AI activities (Clause 8.1) and to carry out the three AI-specific processes defined in Clause 6, which are not present in general management system standards: AI risk assessment (Clause 8.2), AI risk treatment (Clause 8.3), and AI system impact assessment (Clause 8.4). The impact assessment requires the organization to assess the potential impacts of each AI system on individuals, groups, and society, at planned intervals and whenever a significant change occurs, and to retain documented information on the result. This assessment maps closely to the Fundamental Rights Impact Assessment (FRIA) required by Article 27 of the EU AI Act for certain deployers. Two related requirements sit outside Clause 8: AI objectives (Clause 6.2) require that measurable targets are set for the AIMS and that evidence of progress against them is retained, and the Annex A controls on third-party and customer relationships (A.10) require the organization to address AI governance in its contracts with AI suppliers and in the obligations it places on customers who deploy its AI-enabled products.

Annex A: the AI-specific controls

Annex A to ISO/IEC 42001:2023 contains thirty-eight AI-specific controls organized across nine categories (A.2 to A.10). Each category opens with a stated objective (A.x.1) followed by the numbered controls that serve it. Unlike the Annex A controls in ISO 27001, which are primarily information security controls, the ISO 42001 Annex A controls address AI-specific organizational and technical considerations that do not appear in general management frameworks.

Category A.2 covers policies related to AI, including the AI policy itself (A.2.2), its alignment with other organizational policies, and its periodic review. These controls are the policy layer that regulators and insurers examine first in any governance review. Category A.3 covers internal organization, including the assignment of roles and responsibilities for AI systems and the reporting of concerns about them. Category A.4 covers resources for AI systems, including data, tooling, computing infrastructure, and the human competencies that AI activities require. Category A.5 addresses assessing impacts of AI systems, including controls on the impact assessment process, its documentation, and the assessment of impacts on individuals, groups, and society before deployment.

Categories A.6 through A.10 cover the AI system lifecycle and its surrounding relationships. A.6 addresses the AI system lifecycle, including controls on responsible design and development, requirements and specification, verification and validation, deployment, operation and monitoring, technical documentation, and event logging. A.7 covers data for AI systems, including data quality, provenance, and preparation. A.8 covers information for interested parties, which includes documentation, reporting and communication requirements for external deployers and users. A.9 covers use of AI systems, specifying documented processes for responsible use and a defined intended use for each system. A.10 covers third-party and customer relationships, including the allocation of responsibilities with suppliers and customers.

Two parts of Annex A deserve particular attention for operators of autonomous AI agents. Control A.5.4 requires the organization to assess and document the potential impact of the AI system on individuals or groups of individuals; for an agent, that assessment is only credible if it records the scope of actions the system can take on its own and the circumstances under which human review is required. This maps directly to the autonomy envelope concept in AI agent certification frameworks. The A.9 controls on use of AI systems, together with the A.6 controls on operation and monitoring, require documented processes for responsible use and a defined intended use; in practice an auditor will test whether the organization can intervene in, override, and halt the system when necessary, and whether the persons with oversight responsibility have the competence and authority to do so. Both address the autonomous action dimension that distinguishes AI agents from conventional software.

The relationship with NIST AI RMF

NIST AI RMF 1.0, published in January 2023, and ISO/IEC 42001:2023 are the two dominant voluntary AI governance frameworks in use by large organizations in 2026. They were developed in parallel, with awareness of each other but with different primary audiences: NIST for US-based organizations and federal contractors, ISO 42001 for the international market and organizations seeking formal certification.

The two frameworks are complementary rather than competing. NIST AI RMF provides a more granular action catalogue through its Govern, Map, Measure, and Manage functions and approximately seventy subcategories. ISO 42001 provides a certifiable management system structure with auditable requirements. For an organization building against both, the practical integration approach is to treat NIST subcategory actions as the implementation evidence for ISO 42001 clauses. For example, the NIST GOVERN 1.2 subcategory (the characteristics of trustworthy AI are integrated into organizational policies, processes, procedures, and practices) maps to ISO 42001 Clause 5.2 (the AI policy requirement). The NIST MEASURE 2.4 subcategory (the functionality and behavior of the AI system are monitored when in production) maps to ISO 42001 Clause 9.1 (monitoring, measurement, analysis and evaluation).

The Generative AI Profile, NIST AI 600-1 published in July 2024, extends the RMF specifically to generative AI, including the foundation models on which agents are built. Its twelve risk categories, including confabulation, human-AI configuration, and value chain and component integration, are not fully addressed by the ISO 42001 Annex A controls as published in the 2023 edition. NIST AI 600-1 and ISO 42001 should be used together for organizations deploying generative or agentic AI, with 600-1 providing the generative-AI risk vocabulary that agentic deployments inherit and ISO 42001 providing the management system container.

For operators building primarily to the NIST standard, see the companion analysis of NIST AI RMF and the emerging US standard of reasonable care.

ISO 42001 in US, European, and Asian governance contexts

United States. Colorado SB 24-205, codified at C.R.S. section 6-1-1701 et seq., requires developers and deployers of high-risk AI systems to use reasonable care to protect Colorado consumers from algorithmic discrimination. Its effective date, originally 1 February 2026, was pushed to 30 June 2026 by SB 25B-004 during the August 2025 special session. The statute creates a rebuttable presumption of reasonable care for a developer or deployer that complies with a nationally or internationally recognised risk management framework, and names ISO/IEC 42001 and the NIST AI RMF as examples. Texas's Responsible Artificial Intelligence Governance Act (HB 149, enacted in 2025 and effective 1 January 2026) takes a similar approach, offering an affirmative defence to organisations that comply with the NIST AI RMF or another recognised framework. Across US state AI statutes, ISO 42001 certification is becoming the most efficient path to demonstrating that a structured risk management programme exists.

European Union. The EU AI Act (Regulation (EU) 2024/1689) does not designate ISO 42001 as a harmonised standard, but the European AI Office has indicated that alignment with published international standards is a positive factor in compliance assessments for general-purpose AI providers under Articles 53 and 55. EIOPA's August 2025 opinion on AI governance for European insurers explicitly notes that AI management practices aligned with international standards reduce supervisory concern. For deployers of high-risk AI, ISO 42001 certification provides the documented management system that the quality management system requirement of Article 17 calls for, even though it does not substitute for the specific Annex IV technical documentation required by Article 11. For the EU-specific technical documentation requirements, see Agent Liability EU's Article 11 analysis.

Singapore. The Infocomm Media Development Authority's Model AI Governance Framework (2024 edition) references alignment with international AI management standards as a marker of responsible AI governance practice. Singapore's AI Verify testing framework, administered by IMDA, is designed to be compatible with ISO 42001 documentation requirements. The Monetary Authority of Singapore's Fairness, Ethics, Accountability and Transparency (FEAT) principles and the Veritas Initiative both reference governance documentation practices that align with ISO 42001 Annex A controls.

Canada. The Artificial Intelligence and Data Act (AIDA), introduced as part of Bill C-27, would have established high-impact AI obligations for Canadian operators. Bill C-27 died on the order paper when Parliament was prorogued in January 2025, and as of May 2026 no successor bill had been enacted. The draft guidance published by Innovation, Science and Economic Development Canada while the bill was pending referenced ISO 42001 as an appropriate management system standard for operators seeking to demonstrate responsible AI practices. The OECD AI Principles (2024 revision), which Canada has endorsed, also reference management system alignment as part of accountable AI deployment.

Korea. The Basic Act on Artificial Intelligence (passed by the Korean National Assembly in 2024, administered by the Ministry of Science and ICT) establishes principles for responsible AI and creates an AI ethics framework. The implementing guidance references alignment with international standards including ISO 42001 for organizations seeking to demonstrate compliance with Korea's responsible AI development principles. Korea was among the early adopters of ISO 42001 in the Asia-Pacific region, with several major Korean technology conglomerates pursuing certification ahead of the act's full implementation.

ISO 42001 and the Council of Europe Framework Convention

The Council of Europe Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law (CETS No. 225), adopted by the Committee of Ministers in May 2024 and opened for signature in September 2024 to both Council of Europe member states and non-member states (the United States, Israel and the European Union were among the first signatories, with Canada following), establishes obligations for parties to ensure that AI systems meet standards of transparency, accountability, and human oversight. Article 8 (transparency and oversight) requires parties to adopt measures so that AI systems affecting human rights are subject to adequate transparency and oversight, and Article 9 (accountability and responsibility) requires measures to ensure accountability for their adverse impacts. ISO 42001 Clause 8, control A.5.4, and the A.9 controls on responsible use address exactly these requirements at the organizational level.

For cross-border operators, the Convention represents the broadest multilateral consensus on AI governance principles yet agreed. ISO 42001 certification provides a documented governance baseline that addresses the Convention's organizational requirements across all signatory jurisdictions simultaneously.

ISO 42001 certification and insurance underwriting

The insurance market has adopted ISO 42001 as a reference standard for AI governance evaluation. Armilla, the Lloyd's coverholder that provides AI coverage up to USD 25 million per company, explicitly references ISO risk management standards compliance in its underwriting criteria. Munich Re's aiSure underwriting process requires evidence of a documented risk management approach, and ISO 42001 certification provides exactly this evidence in a format that reduces underwriting uncertainty.

The AIUC-1 certification standard, published by the Artificial Intelligence Underwriting Company in 2025 and underlying ElevenLabs' February 2026 AI agent policy, requires evidence of governance documentation that maps to the ISO 42001 Annex A controls for AI policy, risk assessment, and human oversight. Organizations pursuing AIUC-1 certification that already hold ISO 42001 certification can reference their management system documentation rather than building a separate governance evidence file for the AIUC-1 process.

Across AI liability products available in 2026, the pattern is consistent: insurers treat ISO 42001 certification as shorthand for "this organization has a structured, audited, and documented approach to AI governance." The certification shortens underwriting timelines and can affect premium levels. For operators considering coverage before the August or December 2026 EU regulatory deadlines, ISO 42001 certification initiated now will not complete in time, but establishing alignment with the standard's controls and building toward certification provides meaningful benefit in the interim.

Common implementation gaps

Three implementation failures recur across organizations assessed against ISO 42001 controls before formal certification audits.

The first is incomplete scope definition. Organizations typically include their most visible AI systems in the AIMS scope while excluding AI used in internal processes (recruitment screening, performance management, document processing) or AI embedded in third-party tools. Regulators and insurers interpret a narrow scope as evidence that the organization has not taken full account of its AI risk exposure. A defensible AIMS scope covers all AI systems that materially affect business processes, customer interactions, or compliance obligations, not just the systems the organization built itself.

The second is a policy that is not operationalized. Organizations produce an AI policy that satisfies Control A.2.2 on paper but cannot show how the policy shapes actual deployment decisions. An AI policy that is not linked to a procurement review process, a risk assessment gate, and a monitoring programme is a document, not a management system. Auditors and underwriters test whether the policy is operationalized, not just whether it exists.

The third is missing AI system impact assessments for deployed systems. Clause 8.4 requires impact assessments before deployment, but most organizations have AI systems already in production when they begin ISO 42001 preparation. Retrospective impact assessments for existing deployments are required to bring those systems into scope. Organizations that skip this step will fail Clause 8.4 in any audit of their existing portfolio.

Practical sequence for new adopters. Start with scope and AI inventory. Identify every AI system and process in scope. Conduct an impact assessment for each. Produce or update the AI use policy. Build the management review cycle. Then pursue formal certification. Attempting certification without the inventory and impact assessment step produces audit findings that require remediation before certification can be granted.

Frequently asked questions

What is ISO/IEC 42001:2023?

ISO/IEC 42001:2023 is the first certifiable international standard for AI management systems. Published in December 2023, it specifies requirements for establishing, implementing, maintaining, and improving an AI management system. It uses the High Level Structure common to ISO 9001, ISO 27001, and ISO 14001.

Is ISO/IEC 42001 certification mandatory?

No. ISO/IEC 42001 is voluntary. However, it is referenced in regulatory safe harbours including Colorado SB 24-205, in procurement frameworks, and in insurance underwriting criteria across multiple jurisdictions. For most large enterprises with cross-border AI deployments, certification is increasingly expected in practice.

How does ISO/IEC 42001 relate to NIST AI RMF?

The two frameworks are complementary. NIST provides a granular action catalogue across approximately seventy subcategories. ISO 42001 provides a certifiable management system structure. Most organizations build to both, using NIST subcategory actions as implementation evidence for ISO 42001 clauses. The Generative AI Profile (NIST AI 600-1, July 2024) extends NIST to autonomous agents and should be used alongside ISO 42001 for agentic deployments.

Does ISO/IEC 42001 satisfy EU AI Act obligations?

ISO 42001 certification does not substitute for EU AI Act compliance for high-risk AI systems. It provides the governance foundation that Article 17 (quality management system) and Article 26 (deployer obligations) build on. An organization with a certified AIMS will have the documented management infrastructure that EU AI Act compliance requires, but must additionally meet the specific technical documentation, conformity assessment, and registration requirements for high-risk systems.

What does ISO/IEC 42001 certification involve?

Certification follows a three-stage process: Stage 1 documentation review, Stage 2 on-site audit, and certification following a successful Stage 2. Surveillance audits typically occur annually, with full recertification after three years. Organizations should budget six to twelve months for initial certification preparation.

References

  1. ISO/IEC 42001:2023, Artificial intelligence management system. International Organization for Standardization and International Electrotechnical Commission. Geneva, December 2023.
  2. NIST AI Risk Management Framework 1.0 (AI RMF 1.0). National Institute of Standards and Technology. NIST AI 100-1. Gaithersburg, January 2023.
  3. NIST AI 600-1, Generative AI Profile. National Institute of Standards and Technology. July 2024.
  4. Colorado AI Act, SB 24-205. Codified at C.R.S. section 6-1-1701 et seq. Effective 30 June 2026 (delayed from 1 February 2026 by SB 25B-004).
  5. Model AI Governance Framework for Generative AI. Infocomm Media Development Authority. Singapore, 2024 edition.
  6. Monetary Authority of Singapore, FEAT Principles and Veritas Initiative documentation.
  7. Basic Act on Artificial Intelligence (AI Basic Act). Republic of Korea. Ministry of Science and ICT (MSIT). 2024.
  8. Council of Europe Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law. Council of Europe Treaty Series No. 225. September 2024.
  9. OECD Recommendation on Artificial Intelligence (2024 revision). Organisation for Economic Co-operation and Development. OECD Legal Instruments.
  10. European Insurance and Occupational Pensions Authority. Opinion on Artificial Intelligence Governance and Risk Management. August 2025.
  11. Regulation (EU) 2024/1689 (EU AI Act). Article 11 (technical documentation), Article 17 (quality management systems), Article 53 (GPAI provider obligations). OJ L, 12.7.2024.
  12. AIUC-1 AI Agent Certification Standard. Artificial Intelligence Underwriting Company, 2025.
  13. Armilla AI, AI risk assessment and coverage framework, armilla.ai, 2025 to 2026.