What is ISO/IEC 42001?
ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizing AI-based products or services, ensuring responsible development and use of AI systems.
Why is ISO/IEC 42001 important?
ISO/IEC 42001 is the world’s first AI management system standard, providing valuable guidance for this rapidly changing field of technology. It addresses the unique challenges AI poses, such as ethical considerations, transparency, and continuous learning. For organizations, it sets out a structured way to manage risks and opportunities associated with AI, balancing innovation with governance.
Get extra value in your mailbox
Register for related resources and updates!
To learn how your data will be used, please see our privacy notice.
- Framework for managing risk and opportunities
- Demonstrate responsible use of AI
- Traceability, transparency and reliability
- Cost savings and efficiency gains
Organizations of any size involved in developing, providing, or using AI-based products or services. It is applicable across all industries and relevant for public sector agencies as well as companies or non-profits.
Yes, it's designed to be applicable across various AI applications and contexts.
An AI management system, as specified in ISO/IEC 42001, is a set of interrelated or interacting elements of an organization intended to establish policies and objectives, as well as processes to achieve those objectives, in relation to the responsible development, provision or use of AI systems. ISO/IEC 42001 specifies the requirements and provides guidance for establishing, implementing, maintaining and continually improving an AI management system within the context of an organization.
The ISO/IEC 42001 standard offers organizations the comprehensive guidance they need to use AI responsibly and effectively, even as the technology is rapidly evolving. Designed to cover the various aspects of artificial intelligence and the different applications an organization may be running, it provides an integrated approach to managing AI projects, from risk assessment to effective treatment of these risks.
- Responsible AI: ensures ethical and responsible use of artificial intelligence.
- Reputation management: enhances trust in AI applications.
- AI governance: supports compliance with legal and regulatory standards.
- Practical guidance: manages AI-specific risks effectively.
- Identifying opportunities: Encourages innovation within a structured framework.
ISO has a number of standards that help mitigate the risks and maximize the rewards of AI, including ISO/IEC 22989, which establishes terminology for AI and describes concepts in the field of AI; ISO/IEC 23053, which establishes an AI and machine learning (ML) framework for describing a generic AI system using ML technology; and ISO/IEC 23894, which provides guidance on AI-related risk management for organizations.
ISO/IEC 42001 on the other hand is a management system standard (MSS). Implementing this standard means putting in place policies and procedures for the sound governance of an organization in relation to AI, using the Plan‐Do‐Check‐Act methodology. Rather than looking at the details of specific AI applications, it provides a practical way of managing AI-related risks and opportunities across an organization. It therefore provides value for any business or entity.