← Apex Delivery|Delivery SignalCIO AIICT PMOEnterprise PMOICT TOMISO GovernanceAI MaturityCybersecurity
ISO AI Governance Blueprint Wiki · July 2026

Ten Blueprints for ISO AI Governance

A practitioner-grade reference for the ISO/IEC AI standards ecosystem, centred on ISO/IEC 42001:2023 — the world's first certifiable AI management system standard. Dual-lens: executive strategy and implementer depth, kept separate.

ISO/IEC 42001:2023 · Certifiable ~350 Certified Orgs · 2026 SC 42 Ecosystem EU AI Act Crosswalk NIST AI RMF Mapped CMMI AIM · Jun 2026
Blueprint 01
ISO AI Ecosystem Landscape

ISO/IEC JTC 1/SC 42 — the joint technical subcommittee for artificial intelligence, established in 2017 under secretariat ANSI and chaired by Wael William Diab — is the standards body behind the entire ecosystem mapped on this page. Five working groups divide the work: WG1 foundational standards, WG2 data, WG3 trustworthiness, WG4 use cases and applications, WG5 computational approaches and characteristics of AI systems. At the 17th plenary in Singapore (April 2026, SC 42's first ASEAN plenary), Singapore's IMDA tabled ISO/IEC 42119-8 — the first proposed GenAI testing standard, covering benchmarking and red-teaming.

By the Numbers
The ecosystem at a glance
2023
ISO/IEC 42001 published — 18 December
~350
Organisations certified worldwide by spring 2026
38
Annex A controls
9
Annex A control objectives (A.2–A.10)
Jun 2026
CMMI AIM (AI Maturity model) launched
Management & Governance Layer
The certifiable core and its direct governance companions
📘

ISO/IEC 42001:2023

The AI Management System (AIMS) standard — the certifiable core of the entire ecosystem. Published 18 December 2023.

🔍

ISO/IEC 42005:2025

AI system impact assessment guidance. Published May 2025, ~39 pages. Guidance only — not certifiable.

🏅

ISO/IEC 42006:2025

Requirements for bodies providing audit and certification of AIMS — supplements ISO/IEC 17021-1 for the AI domain.

🧮

ISO/IEC 23894:2023

AI risk management guidance — extends ISO 31000:2018 principles, framework, and process to AI-specific risk.

🏛️

ISO/IEC 38507:2022

Governance implications of AI for the governing body — part of the 38500 IT governance family.

Technical & Trustworthiness Layer
The measurable substance beneath the management plane
StandardScope
TR 24028:2020Overview of trustworthiness in AI.
TR 24027:2021Bias in AI systems and AI-aided decision making.
25059:2023AI system quality model — SQuaRE extension; companion TS 25058:2024 quality measurement.
5338:2023AI system lifecycle processes.
5259 seriesML data quality — Parts 1-4 published 2024, Part 5 2025, Part 6 (TR) due 2026.
TS 4213:2022Machine learning classification performance — revision flagged October 2025.
24029 seriesNeural network robustness — TR-1:2021 overview, -2:2023 formal methods, DIS-3 statistical methods in development.
TS 8200:2024Controllability of automated AI systems.
12792:2025Transparency taxonomy of AI systems.
TS 6254:2025Objectives and approaches for explainability of ML models and AI systems.
TR 5469:2024Functional safety and AI systems.
⚠️ In Development — Watch SC 27, Not SC 42

Two consequential standards are being developed by SC 27 (security), not SC 42: FDIS 27090 AI security (stage 50.20 as of 23 June 2026, publication expected H2 2026 — covers data poisoning, evasion, model extraction, membership inference, and prompt injection) and DIS 27091 AI privacy (DIS ballot closes February 2026, publication expected late 2026 or 2027). Both are guidance documents, not certifiable.

🔮

Forthcoming from SC 42

  • AWI TR 42103 — synthetic data
  • 42119 series — testing standards, including 42119-8 GenAI testing (benchmarking + red-teaming)
  • prEN 42105 — human oversight
  • prEN 42102 — capability taxonomy (joint CEN-CENELEC JTC 21)
  • CD 42007 — conformity-assessment schemes
  • 22989 revision — may address AI agents
🏆 Authority Point

The ecosystem is a stack, not a menu — 42001 is the certifiable management plane; the technical standards supply the measurable substance auditors and regulators increasingly expect underneath it.

Blueprint 02
Executive / CIO Lens

This tab is written for the boardroom, not the audit room — strategic rationale, competitive positioning, and investment framing. Implementation detail lives in Tab 03. Keeping the two lenses separate is deliberate: executives need the "why now," implementers need the "how exactly," and mixing them dilutes both audiences.

Signal Strength
Why 2026 is the certification window
350+
Organisations certified to ISO/IEC 42001 worldwide
26%
Of organisations already taking steps to align (BSI research)
30 Mar 2026
Microsoft SSPA DPR v12 went live
~30
Orgs hold the 27001+27701+42001 "trifecta" (Oct 2025, Anecdotes)
1st
BSI dual UKAS+RvA accreditation — 17 Nov 2025
The Business Case
Five reasons this belongs on the CIO's 2026 agenda
🎯

Strategic Rationale

ISO/IEC 42001 is the first certifiable AI governance standard — following the SOC 2 procurement-gate trajectory. Microsoft SSPA DPR v12, live 30 March 2026, makes ISO 42001 mandatory for "Sensitive Use" AI suppliers — a concrete commercial trigger, not a hypothetical one.

🏆

Competitive Advantage of Early Certification

Scarcity is the differentiator today. BCG described itself as "among the first 100 organizations globally certified" (27 Jan 2026). Follow the ISO 27001 trajectory: while the certified population sits in the hundreds it differentiates; once it reaches thousands, it becomes baseline expectation.

🏛️

Board Reporting

ISO/IEC 38507 gives boards an evaluate–direct–monitor framework for AI. The AIMS integrates into existing governance structures, producing one consolidated risk view instead of a parallel AI reporting line.

⚖️

Regulatory Defence

Audit-ready evidence — risk management, impact assessment, post-market monitoring, incident handling — supports EU AI Act obligations and underpins a rebuttable presumption of reasonable care under Colorado SB 24-205 → SB 189 (effective 1 January 2027) and Texas TRAIGA (January 2026).

💰

Investment Framing

Year-one cost ranges from tens of thousands of dollars (SME, narrow scope, existing ISO 27001) to six figures (enterprise scope). Integrated audits with existing ISO management systems cut audit time and cost by 20-30%.

🏆 Authority Point

"Certify now while it is a differentiator, not yet an expectation." Watch for the trigger list: a procurement questionnaire that requires it, EU high-risk exposure, investor due diligence, or a Microsoft supply-chain requirement. Any one of these should move certification from "someday" to "this fiscal year."

Trigger Signals
Four signals that should move certification off "someday"
TriggerWhy it matters
Procurement Questionnaire Requires ItA customer or prospect's RFP now lists ISO/IEC 42001 as a requirement or scored criterion — the commercial case has arrived, not just the strategic one.
EU High-Risk ExposureAny AI system in scope could fall under EU AI Act high-risk classification — certifying early builds the audit trail before the 2 Aug 2026 deadline pressure hits.
Investor Due DiligenceAI governance maturity is increasingly a diligence line item for investors and acquirers — a certificate answers the question before it's asked.
Microsoft Supply-Chain RequirementSSPA DPR v12 makes certification mandatory for "Sensitive Use" AI suppliers — not optional if your organisation falls in that category.
Blueprint 03
Implementer Lens: Clause-by-Clause

This tab is deliberately kept separate from the Executive Lens (Tab 02) — it is written for the person building and operating the AIMS, not the person approving the budget for it. ISO/IEC 42001 follows the Annex SL Harmonized Structure shared across ISO management-system standards, so Clauses 4-10 will look familiar to anyone who has implemented ISO 27001 or ISO 9001. The AI-specific weight sits inside those familiar clause numbers.

Clause Structure
Clauses 4-10 — the auditable core
ClauseWhat it requires
4 · ContextInternal and external issues, the regulatory landscape, interested parties, AIMS scope, and — distinctively for 42001 — determination of the organisation's role: developer, provider, user, or producer of the AI system.
5 · Leadership5.1 top-management commitment · 5.2 AI policy · 5.3 assignment of roles, responsibilities and authorities.
6 · Planning6.1 risks and opportunities · 6.1.2 AI risk assessment · 6.1.3 risk treatment plus a mandatory comparison against Annex A · impact assessment · 6.2 AI objectives · 6.3 planning for change.
7 · Support7.1 resources · 7.2 competence · 7.3 awareness · 7.4 communication · 7.5 documented information.
8 · Operation8.1 operational planning and control · 8.2 AI risk assessment · 8.3 AI risk treatment · 8.4 AI system impact assessment — the full system lifecycle from design through decommissioning, including bias checks, human-in-the-loop design, and incident response.
9 · Performance Evaluation9.1 monitoring, measurement, analysis and evaluation · 9.2 internal audit (9.2.2 requires auditor independence from the activity being audited) · 9.3 management review.
10 · Improvement10.1 continual improvement · 10.2 nonconformity and corrective action.
Evidence Base
Mandatory documented information — what the auditor will ask to see
📂

The minimum documentation set

  • AIMS scope statement
  • AI policy
  • AI objectives
  • Risk-assessment methodology
  • Risk-treatment plan
  • Statement of Applicability (SoA)
  • Impact-assessment process
  • Internal-audit programme
  • Retained records — risk and impact assessments, competence evidence, internal audit results, management reviews
📌 Organisational Role — Decide This Before Scoping

Clause 4 requires the AIMS to record which role the organisation plays in relation to each AI system in scope — developer, provider, user (deployer), or producer. The role determines which Annex A controls are realistically applicable and which can be justifiably excluded in the Statement of Applicability. Get the role wrong at Clause 4 and the SoA built on it in Clause 6.1.3 inherits the error.

🏆 Authority Point

Clause 6.1.3 makes the Annex A comparison mandatory — you cannot skip a control your risk assessment finds inconvenient. Treat every Statement of Applicability exclusion as an evidentiary claim you will have to defend in Stage 2, not a paperwork formality you tidy up before the audit.

Blueprint 04
Annex A Controls Deep-Dive

Annex A is normative — every control must be considered during risk treatment, and any exclusion must be justified in the Statement of Applicability. Unlike ISO/IEC 27001, Annex A here functions as a reference set selected via the Clause 6.1.3 risk-treatment process rather than a fixed baseline everyone adopts wholesale. Annex B supplies the implementation guidance that auditors reference when testing whether a control is actually operating as designed.

The Full Control Set
9 objectives, 38 controls
ObjectiveControls
A.2 · Policies (3)A.2.2 AI policy · A.2.3 alignment with other organisational policies · A.2.4 policy review.
A.3 · Internal Organisation (2)A.3.2 roles and responsibilities · A.3.3 concern-reporting process (protected channel).
A.4 · Resources (6)AI system inventory · resource documentation · data resources (provenance and bias) · tooling resources · system and computing resources (including environmental impact) · human resources (diverse expertise).
A.5 · Impact Assessment (3)A.5.2 impact-assessment process · A.5.3 conducting the impact assessment per system · A.5.4 assessing AI system functionality and behaviour.
A.6 · System Lifecycle (10 — the largest objective)A.6.1.1 design and development objectives · A.6.1.2 data for development · development documentation · bias in data · robustness · operational concept · A.6.2.2 verification and validation testing · A.6.2.3 human oversight · A.6.2.4 event logging · A.6.2.5 deployment gate.
A.7 · Data for AI Systems (4)A.7.2 data for development and enhancement · A.7.3 acquisition and provenance · A.7.4 data quality · A.7.5 personal information and data preparation.
A.8 · Information for Interested PartiesDisclosure of AI system capabilities and limitations.
A.9 · Use of AI SystemsAcceptable-use requirements · intended-use verification · responsible-use practices.
A.10 · Third-Party and Customer RelationshipsSupplier due diligence · responsibility allocation across the AI supply chain.
Where Audits Bite
Highest audit weight — and the most common gaps
⚠️ Highest Audit Weight & Common Gaps

1. Human oversight (A.6.2.3) — auditors demand logs, escalation records, and override evidence. "Rubber-stamp" oversight fails.

2. Data governance and bias (A.6.1.4 + A.7) — the most common gap is a missing bias analysis or no data-lineage trail.

3. Supplier agreements (A.10) — auditors look for three specific provisions: audit rights, incident-notification timelines, and exit/data-return clauses.

🧭

The Practitioner Sequence That Works

Implementation order matters more than most teams assume:

  • A.2 Policies
  • A.5 Impact assessment
  • A.4 Resources
  • A.7 / A.6 Data and lifecycle
  • A.8 / A.10 Disclosure and third party
  • A.9 Use of AI
👤

Role Note — What "User" Organisations Can and Cannot Exclude

  • AI users (as opposed to developers) can exclude some A.6.1 development controls that don't apply to their role
  • They can never exclude: A.5 impact assessment, A.6.2.3 human oversight, A.8 disclosure, A.10 third-party governance
🏆 Authority Point

Auditors don't grade your policy prose — they sample operational evidence. If A.6.2.3 human oversight can't produce logs, escalation records, and override evidence on request, the certificate documents intent, not control.

Blueprint 05
Supporting Standards

None of the standards below certify anything on their own. They supply the methodology and measurable substance that ISO/IEC 42001's management clauses assume already exists — the "how" behind the AIMS "what."

Coverage Snapshot
How much of the ecosystem sits outside the certifiable core
3
Management-layer companion standards (23894, 42005, 38507)
11
Technical standards mapped in Tab 01
1
Of them — 23894 — directly extends ISO 31000:2018
~39pp
Length of the ISO/IEC 42005:2025 guidance document
The Companion Standards
What each one contributes to the AIMS
🎲

ISO/IEC 23894:2023 — AI Risk Management

Mirrors ISO 31000's principles, framework, and process, with AI-specific guidance layered on top. This is the "how" of AI risk assessment inside an AIMS. Organisations already aligned to ISO 31000 can adopt it incrementally rather than building a parallel risk process.

🔍

ISO/IEC 42005:2025 — Impact Assessment

A lifecycle impact-assessment framework covering effects on individuals, groups, and society — including foreseeable applications, not just intended ones. Complements Clause 6.1 and Clause 8.4. Functions as a DPIA-analogue that aligns with EU AI Act expectations. It is internal guidance — there is no external audit against 42005 itself.

🏛️

ISO/IEC 38507:2022 — Governing-Body Guidance

Guidance for the governing body on effective, efficient, and acceptable use of AI within the organisation. Ties directly to the accountability structures ISO/IEC 42001 requires at the leadership level.

📎

Annex C — AI Objectives & Risk Sources

Part of ISO/IEC 42001 itself, not a separate standard. Supplies the underlying catalogue of AI-specific objectives and risk sources that a Clause 6.1.2 / 23894 risk assessment should draw from — the reference list that keeps a risk register from missing AI-specific categories a generic ISO 31000 process wouldn't surface on its own.

🧪

The Technical Standards Layer

The measurable substance behind the management layer: 25059 quality, 5338 lifecycle, 5259 data quality, 24029 robustness, TS 8200 controllability, 12792 transparency, TS 6254 explainability, TR 24027 bias, TR 24028 trustworthiness — plus the forthcoming FDIS 27090 (security) and DIS 27091 (privacy) from SC 27. Full detail in Tab 01.

🏆 Authority Point

23894 tells you how to run AI risk inside an AIMS; 42005 tells you who a system affects and how; 38507 tells the board what good oversight looks like. None of the three is certifiable alone — that is the point. Together they supply the substance a 42001 audit tests against.

Blueprint 06
Certification Roadmap

The path from a readiness assessment to a live certificate typically runs 4-12 months — and it compresses to 4-6 months for organisations extending an existing ISO 27001 ISMS rather than building an AIMS from a blank page.

The Certification Path
Nine stages from gap analysis to recertification
🔎
Readiness / Gap
2wk–3mo
📐
AIMS Design
1–3mo
🛠️
Implement & Train
1–4mo
🧾
Audit + Mgmt Review
~1mo
📋
Stage 1
Docs review
🕵️
Stage 2
Effectiveness
📜
Certificate
3 years
📡
Surveillance
Annual
🔄
Recertification
Year 3/4
Stage Detail
What happens at each stage — and how long it takes
StageDuration / costWhat happens
1 · Readiness / Gap Analysis2 weeks – 3 months · $5k–$15kDetermine scope, organisational role, and build the initial AI system inventory.
2 · AIMS Design & Documentation1–3 monthsWrite the policy, risk and impact-assessment methodologies, Statement of Applicability, and data-governance documentation.
3 · Implementation & Training1–4 monthsThe AIMS must operate for roughly 3 months minimum, including a management review and a full internal-audit cycle, before certification can proceed.
4 · Internal Audit + Management Review~1 monthThe auditor must be independent of the activity being audited (Clause 9.2.2) — internal staff from another function, or a third party.
5 · Stage 1 — Documentation Review1–2 days for small organisationsThe certification body reviews documentation for completeness. Fix findings here — it is far cheaper than fixing them after Stage 2.
6 · Stage 2 — Implementation & Effectiveness4 days (very small org) to ~30 days (large enterprise)Operational sampling — auditors test whether controls actually run, not just whether they're documented. Harder to falsify than a paper review.
7 · Certificate, Surveillance, Recertification3-year certificateAnnual surveillance audits sample Clauses 8-10 plus selected Annex A controls; full recertification in year 3 or 4.
Cost Benchmarks
What organisations report paying
$7k–$20k
Initial CB fees, low end (Vanta)
$20k–$40k
Year-one cost, mid/large org (Schellman)
$25k–$50k
BSI / DNV year-one (Elevate Consult)
$3.5k–$20k+
Surveillance — $3.5k–$9k (Vanta) to $13k–$20k+ (Schellman)
4–12mo
Typical implementation timeline
4–6mo
If an ISO 27001 ISMS already exists
Getting It Right
Choosing a certification body — and avoiding the common failure points
🏅

Choosing a Certification Body

  • Confirm accreditation — ANAB, UKAS, RvA, DAkkS, or JAS-ANZ — with 42001 explicitly in scope
  • Verify via the IAF CertSearch, ANAB, or UKAS public registers — not vendor marketing claims
  • Get at least 3 quotes before committing
  • ANAB-accredited CBs include Schellman (first, 24 September 2024), A-LIGN, Coalfire, SGS North America, and TÜV Rheinland North America
  • BSI's dual UKAS+RvA accreditation is the highest bar for UK/EU procurement credibility
🚧

Common Failure Points

  • Documentation without operation — "you wrote it but you aren't running it"
  • Weak or over-broad AIMS scope
  • Incomplete AI system inventory
  • Undocumented risk assessments
  • Missing human-oversight evidence
  • Third-party AI (APIs, SaaS) omitted from supplier management
⏱️

The Nonconformity Clock

  • Nonconformity reports: due within ~14 days
  • Correction evidence: due within 30 days
  • Major-finding remediation: due within 60 days
🔗

Already Hold ISO 27001?

Extend the existing ISMS — don't build a parallel system. Roughly 50% of controls are reusable, and the risk register, internal-audit programme, and management review can be shared. Integrated audits save 20-30% versus separate audit cycles, and the implementation timeline compresses from 6-12 months to 4-6 months.

🏆 Authority Point

"Documentation without operation" is the single most common failure point in the entire certification path. Stage 2 exists specifically to sample for it — fix the gap between what's written and what's running before your certification body finds it for you.

Blueprint 07
Regulatory Crosswalk

ISO/IEC 42001 sits alongside — not inside — the binding regulatory frameworks below. It operationalises many of the obligations these laws impose, but "operationalises" is not the same as "satisfies." Know exactly where the certificate helps and where it doesn't.

Key Dates & Numbers
The regulatory clock CIOs and implementers are both watching
2 Aug 2026
EU AI Act high-risk obligations deadline (subject to Digital Omnibus)
4
NIST AI RMF functions crosswalked to 42001
72
NIST AI RMF subcategories mapped to 42001 clauses & Annex A
1 Jan 2027
Colorado SB 24-205 → SB 189 effective date
Jan 2026
Texas TRAIGA effective
Framework by Framework
What each regime requires, and where 42001 fits
FrameworkStatus & relationship to 42001
EU AI ActISO/IEC 42001 is not harmonised — it confers no Article 40 presumption of conformity. The EU AI Office stated (May 2024) that 42001 is not fully aligned with the final Act. prEN 18286 (a QMS standard for Article 17) was in public enquiry 30 October 2025 – 22 January 2026 and is expected, via CEN-CENELEC, to fulfil what 42001 doesn't. High-risk obligations apply from 2 August 2026 (the Digital Omnibus may adjust this — plan against the current deadline until it changes). 42001 operationalises many Act obligations — risk management, post-market monitoring, Article 73 incident reporting, technical documentation. Net: a credibility lift, not a legal shield.
NIST AI RMFAn official crosswalk exists, mapping the RMF's 4 functions and 72 subcategories to 42001 clauses and Annex A controls. The overlap is substantial; the differences are structural rather than substantive. The RMF itself is voluntary and non-certifiable.
US State LawsColorado SB 24-205 → SB 189 (effective 1 January 2027) and Texas TRAIGA (January 2026) both offer a rebuttable presumption of reasonable care, or an affirmative defence, for organisations aligned to ISO 42001 or the NIST AI RMF.
Global AdoptionAligned or reference-standard status across Singapore, Canada, the UK, Japan, Brazil, and Colombia — detail by jurisdiction below.
Jurisdiction Detail
Global adoption, jurisdiction by jurisdiction
🇸🇬

Singapore

Model AI Governance Framework 2.0 is aligned with 42001 and, as of January 2026, is the first published agentic-AI governance framework anywhere in the world.

🇨🇦

Canada

The Artificial Intelligence and Data Act (AIDA) mirrors the EU's high-risk classification approach.

🇬🇧

United Kingdom

BSI has adopted BS ISO/IEC 42001 and BS ISO/IEC 42006 directly into the national standards catalogue.

🇯🇵

Japan

A key early adopter of the standard within the Asia-Pacific certification market.

🇧🇷

Brazil & Colombia

Brazil's LGPD AI guidance and Colombia both reference ISO/IEC 42001 as a benchmark standard for AI governance maturity.

🏆 Authority Point

ISO 42001 is a credibility lift, not a legal shield — it operationalises the obligations regulators check for, but only OJEU-cited harmonised standards, like the forthcoming prEN 18286, confer the EU AI Act's presumption of conformity. Certify for governance maturity and procurement leverage; don't market it as compliance.

Blueprint 08
Integration with Existing Management Systems

Every organisation building an AIMS from scratch is doing unnecessary work if it already runs ISO 27001, 27701, or 9001. The Annex SL Harmonized Structure means Clauses 4-10 occupy identical positions across all four standards — the integration opportunity is structural, not just convenient.

Where the Overlap Is — and Isn't
Four management systems, one shared backbone

Shared Annex SL Backbone

  • Clauses 4-10 occupy identical positions across ISO/IEC 42001, 27001, 9001, and 27701
  • Same core structure: context, leadership, planning, support, operation, evaluation, improvement
  • Enables a single integrated management system rather than four parallel ones

ISO/IEC 27001

  • Roughly 50% control reuse
  • Extend the existing asset register into an AI inventory
  • Reuse risk methodology, incident response, and supplier controls
  • The remaining ~50% is genuinely AI-specific — bias, drift, impact assessment, training-data quality, responsible use — and must be built fresh

ISO/IEC 27701

  • The privacy extension to 27001
  • Control A.7.5 connects the AIMS directly to GDPR and DPIA processes
  • Only ~30 organisations hold the full 27001+27701+42001 trifecta (October 2025) — a meaningful differentiator while that stays true

ISO 9001

  • Reuse change control, corrective action, and performance-monitoring processes
  • Annex D of 42001 gives explicit integration guidance covering 27001, 27701, 9001, and 22301
⚠️ The Integration Trap

Annex SL gives you a shared management plane, but each standard still demands domain depth. A generic risk register that hasn't been extended with AI-specific fields — bias, drift, provenance, human oversight — won't prove AI-specific control to an auditor, no matter how well it serves ISO 27001.

🏆 Authority Point

Annex D gives you the mapping — the discipline is doing the roughly 50% integration work with 27001 properly and still building the other half fresh, not stretching one generic risk register across four standards and calling it done.

Blueprint 09
Honest Assessment: Criticisms & Limitations

A practitioner reference that only sells the standard isn't useful in an audit. These are the limitations worth knowing before you commit budget and credibility to certification.

What ISO/IEC 42001 Doesn't Do
Five honest limitations
🎯

Management System ≠ Product Safety

Certification proves your governance process operates — not that your model is safe, accurate, or fair. The academic "CEDAR-42001" framework has quantified this as a documented "conformity-assurance gap."

☑️

Box-Ticking Risk

Documentation can describe controls that don't actually operate. Stage 2 operational sampling mitigates this risk — it doesn't eliminate it. "Certificate-in-two-weeks" vendors are selling documentation, not a running system.

🇪🇺

Not EU-Harmonised

No presumption of conformity means the full evidentiary burden remains yours if a market-surveillance authority challenges your AI system.

📄

Non-Prescriptive

Principle-based flexibility is a feature and a limitation — the standard offers little technical specification, in contrast to prEN 18286 and emerging sector-specific rules. Technical depth has to be imported from the supporting standards (Tab 05).

🌱

Immature Market

Auditor experience is still building. Unaccredited certificates circulated early in the market's life — including one "first certified" claim that predated the standard's own publication. Pricing is less predictable than the mature ISO 27001 market.

📌 Data Caveats & Methodology

The ~350 certified organisations figure is a lower bound assembled from certification-body and company announcements — no official public register exists. Costs cited throughout this wiki are industry-reported ranges, not vendor quotes. Annex A sub-numbering varies across secondary sources; treat the purchased ISO/IEC 42001:2023 text as authoritative. One claim was deliberately excluded as unverifiable: "83% of Fortune 500 procurement teams will require ISO 42001 by 2027," attributed to Gartner in trade press but unsubstantiated in any primary source. Regulatory timelines — the Digital Omnibus, US state laws — remain in flux; verify before making date-specific commitments to stakeholders.

🏆 Authority Point

The conformity-assurance gap is real: 42001 audits whether your governance process runs, not whether your model is safe, accurate, or fair. Buy the technical depth — 24029 robustness, 24027 bias, 25059 quality — to close that gap. Don't expect the certificate to close it for you.

Blueprint 10
Implementation Checklist & Maturity Ladder

Twenty-three checkpoints across six groups, plus the five-level maturity ladder that tells you honestly where your organisation sits today. Checkbox state is saved locally in your browser.

Readiness Checklist
Foundations through assurance
Foundations
Governance
Risk & Impact
Lifecycle
Third Party
Assurance
Maturity Ladder
Five levels — from ad hoc to regulator-ready
1

Ad Hoc

Informal policies, no clear ownership. AI governance exists as intent, not practice.

2

Documented / Compliance-Only

The AIMS is built — policies, risk methodology, SoA all exist — but it has not yet been certified by an accredited third party.

3

Certified

An accredited third-party certification body has issued the certificate — Stage 1 and Stage 2 both passed.

4

Integrated

The AIMS operates as one system with ISO 27001, 27701, and/or 9001 — shared risk register, shared internal audit, shared management review.

5

Continuously Improved & Regulator-Ready

Living controls, mapped once to the EU AI Act, NIST AI RMF, and relevant state laws — ready to pivot the moment a new regulation lands, because the mapping work is already done.

🏆 Authority Point

Map controls once to all frameworks — using the NIST crosswalk as the bridge — so that new regulations become mapping exercises, not rebuilds. Watch two triggers that should force a re-plan: an OJEU citation of prEN 18286, or a confirmed change to the 2 August 2026 high-risk deadline.