Hael
Sign inRequest a demo
ISO/IEC 42001 · Learn

ISO/IEC 42001: plain-English guides for the people who operate it.

ISO/IEC 42001, explained. ISO/IEC 42001 is the world's first international, certifiable standard for an Artificial Intelligence Management System (AIMS). Published in December 2023, it gives organisations a structured framework for governing AI responsibly across its lifecycle, and uniquely it can be independently audited and certified by an accredited body. The standard is built on the familiar Plan-Do-Check-Act cycle and the same high-level management-system shape as ISO 27001 and ISO 9001, so teams with existing governance recognise it immediately. It defines what an AI management system contains, leadership and policy, planning and risk assessment, support, operation, performance evaluation, and improvement, and pairs those clauses with a set of AI-specific controls in Annex A covering AI policy, the AI lifecycle, data for AI, transparency, and responsible use. Organisations adopt ISO 42001 for different reasons. AI vendors use it as a procurement signal, the equivalent of ISO 27001 for AI governance, that shortens enterprise sales cycles. Enterprises running many AI systems use it to bring consistency and a defensible governance posture across the business. Organisations in regulated sectors and those preparing for binding laws like the EU AI Act adopt it because the substance of the work overlaps and the certificate gives them independent proof. These guides are written for the people who have to operate the management system, not just describe it. The hub is organised into six sections: Introduction (what the standard is, who needs it, what an AIMS contains), Requirements (clauses and Annex A controls), Certification (process, cost, time, audit preparation), For vendors, For enterprise, and Comparisons against SOC 2 and the wider regulatory landscape.

Guides

What to read first.

ISO/IEC 42001 · Introduction
What is ISO 42001?
A plain-English explainer of ISO/IEC 42001, the first certifiable AI management system standard, covering what it is, its structure, and why it matters.
6 min readRead guide →
ISO/IEC 42001 · Introduction
Who needs ISO 42001 certification?
A guide to who benefits from ISO 42001 certification, from AI vendors and enterprises to regulated sectors, and when it is worth pursuing.
6 min readRead guide →
ISO/IEC 42001 · Introduction
What is an AI management system (AIMS)?
An explanation of what an AI management system (AIMS) is, the concept at the heart of ISO 42001, and how it governs AI across an organisation.
6 min readRead guide →
ISO/IEC 42001 · Requirements
ISO 42001 requirements explained
A guide to the requirements of ISO 42001, walking through the management-system clauses and the AI-specific Annex A controls.
7 min readRead guide →
ISO/IEC 42001 · Requirements
A guide to the ISO 42001 Annex A controls
A guide to the AI-specific controls in ISO 42001's Annex A, explaining the main control areas and how organisations select and apply them.
7 min readRead guide →
ISO/IEC 42001 · Certification
The ISO 42001 certification process: a step-by-step roadmap
A step-by-step roadmap to ISO 42001 certification, from building the management system through the two-stage audit and ongoing surveillance.
7 min readRead guide →
ISO/IEC 42001 · Certification
How much does ISO 42001 certification cost?
An explanation of what drives the cost of ISO 42001 certification, the main expense categories, and how readiness affects the total.
6 min readRead guide →
ISO/IEC 42001 · Certification
How long does ISO 42001 certification take?
An explanation of how long ISO 42001 certification takes, the phases that consume the time, and what makes the timeline shorter or longer.
6 min readRead guide →
ISO/IEC 42001 · Certification
ISO 42001 compliance checklist
A step-by-step ISO 42001 compliance checklist covering scope, policy, risk assessment, controls, evidence, internal audit, and certification.
6 min readRead guide →
ISO/IEC 42001 · Certification
How to prepare for an ISO 42001 audit
A practical guide to preparing for an ISO 42001 certification audit, covering documentation, evidence, internal audit, and readiness.
6 min readRead guide →
ISO/IEC 42001 · Certification
The ISO 42001 audit: internal and external audits explained
An explanation of the audits in ISO 42001: the internal audits an organisation runs and the external two-stage certification and surveillance audits.
6 min readRead guide →
ISO/IEC 42001 · Introduction
5 benefits of ISO 42001 certification
The five main benefits of ISO 42001 certification, from verifiable proof of responsible AI to faster sales and regulatory readiness.
5 min readRead guide →
ISO/IEC 42001 · Comparisons
ISO 42001 vs SOC 2: what is the difference?
A clear comparison of ISO 42001 and SOC 2, covering what each assesses, certification versus attestation, AI versus security focus, and how they fit together.
6 min readRead guide →
ISO/IEC 42001 · For vendors
ISO 42001 for AI vendors: turning certification into deals
A guide for AI vendors on how ISO 42001 certification accelerates enterprise sales by providing independent proof of responsible AI governance.
5 min readRead guide →
ISO/IEC 42001 · For enterprise
ISO 42001 for enterprises: governing AI at scale
A guide for enterprises on using ISO 42001 to govern AI consistently across the organisation and to evidence responsible AI to regulators and customers.
6 min readRead guide →
Free check

See where you stand on ISO/IEC 42001, free.

Answer a few questions and get an indicative view of what ISO/IEC 42001 expects of your AI systems and where you stand today — no sign-up to see your result.

Indicative, not legal advice.
ISO/IEC 42001 · indicative readiness
HAEL FREE TOOL
Applicability
Applies to your AI use
What's expected
Risk classification · governance · documentation · oversight
Where you stand
Banded result · pointed to the gaps that matter most
Result
On-screen, free · optional PDF
Pre-scoped to ISO/IEC 42001~ 5 MIN