ISO 42001 Annex A Controls: All 39 Explained
How Annex A works
Annex A is a reference list of organisational, process and technical controls relevant to responsible AI. Clause 6.1.3 of the standard requires you to compare the Annex A list with the controls you have selected from your AI risk assessment, and produce a Statement of Applicability (SoA) listing each control as applied or excluded with justification. Annex B of the standard provides non-binding implementation guidance for each control.
A.2 — Policies related to AI (2 controls)
A.2.2 AI policy. The organisation must define, approve, publish and review an AI policy. Evidence: signed policy, distribution record, scheduled review cycle.
A.2.3 Alignment with other organisational policies. The AI policy must align with existing policies (security, privacy, HR, procurement). Evidence: policy cross-reference table or one consolidated policy framework.
A.3 — Internal organisation (3 controls)
A.3.2 AI roles and responsibilities. Define accountabilities across the AI lifecycle. Evidence: RACI matrix, job descriptions referencing AI duties.
A.3.3 Reporting of concerns. A mechanism for staff and external parties to raise concerns about AI systems. Evidence: whistleblower channel covering AI, escalation log.
A.4 — Resources for AI systems (6 controls)
Covers human resources, data resources, tooling resources, and system and computing resources. The standard expects an inventory of each, with a documented assessment of its sufficiency for the AI systems in scope. Evidence: resource register, capacity plans, competence matrix mapped to AI roles.
A.5 — Assessing impacts of AI systems (4 controls)
This is the most distinctive area of ISO 42001. Controls require an AI system impact assessment process and a documented assessment of impacts on individuals, groups and society for each AI system. The assessment must consider intended use, foreseeable misuse, fairness, safety, privacy, security, environment and human oversight, and must be refreshed when the system or its context of use changes materially. See our deep dive on AI system impact assessment.
A.6 — AI system life cycle (7 controls)
Covers objectives, design and development, verification and validation, deployment, operation and monitoring, technical documentation, and event logging. Evidence is wide: model cards, test reports, deployment checklists, monitoring dashboards, technical documentation packages, and audit logs of AI-relevant events.
A.7 — Data for AI systems (5 controls)
Provenance, quality, preparation, and information about training data. Each dataset used to train, validate or operate an AI system in scope must have documented source, licence, quality checks, preparation steps and known limitations. Evidence: dataset registry, data sheets, data quality reports.
A.8 — Information for interested parties (4 controls)
System documentation, information for users, external reporting and incident communication. For deployers using third-party AI, this is where evidence of vendor documentation (model cards, system cards, terms of use, intended-purpose statements) is collected and reviewed.
A.9 — Use of AI systems (3 controls)
Processes for responsible use, objectives for use, and intended use of AI systems. Evidence: user guidance documents, acceptable-use policies, training records demonstrating users understand intended purpose and limitations.
A.10 — Third-party and customer relationships (5 controls)
Allocation of responsibilities, supplier processes, customer obligations, and the impact of customer use. This is the most under-evidenced category in 2026 — most organisations consume more AI than they build, and Annex A.10 controls cover that surface area.
The Statement of Applicability
For every Annex A control, the SoA records: control reference, statement of whether the control is applied, justification for inclusion or exclusion, and a pointer to the implementation evidence. Auditors review the SoA first and trace control-by-control through evidence. A clean SoA is the single most efficient preparation artefact for a Stage 2 audit. See our ISO 42001 templates for an SoA starter.
Justified exclusions
Exclusions are legitimate. A pure deployer of third-party AI may exclude A.6 controls that apply only to organisations developing AI systems. A research lab not yet productionising models may scope out some A.7 controls. What auditors will not accept is an exclusion without a justification, or one without evidence that the underlying risk is otherwise managed.
