Last reviewed: May 2026 · 12 min read

ISO 42001 Requirements: Clauses, Annex A, and What Auditors Look For

How the standard is structured

ISO 42001 uses the same Harmonized Structure as ISO 27001, 9001 and 14001:

  • Clauses 1-3: scope, normative references and definitions.
  • Clauses 4-10: the auditable management system requirements.
  • Annex A: a normative reference list of AI-specific controls.
  • Annex B: implementation guidance.
  • Annexes C-D: context on AI objectives and the AI lifecycle.

Clause 4 — Context of the organization

Identify internal and external issues relevant to the AI management system (AIMS), interested parties (regulators, customers, affected persons, suppliers), and their relevant requirements. Determine the scope of the AIMS: which AI systems, processes, sites and entities are included. Auditors look for a documented scope statement, a stakeholder register, and evidence the scope was reviewed against the organisation's AI portfolio.

Clause 5 — Leadership

Top management must demonstrate leadership and commitment: AI policy, allocation of roles and responsibilities, and integration of AI requirements into business processes. The AI policy must be appropriate to the purpose of the organisation and include commitment to comply with applicable requirements and to continual improvement. Auditors look for a signed and dated policy, role assignments and minutes of leadership reviews of the AIMS.

Clause 6 — Planning

Three planning requirements: actions to address risks and opportunities, AI objectives and planning to achieve them, and planning of changes to the AIMS. The most distinctive ISO 42001 element here is the AI risk assessment linked to the AI system impact assessment (Annex A.5). Auditors look for a defined risk methodology, a risk register covering each AI system in scope, AI objectives that are measurable, and a change-control log.

Clause 7 — Support

Resources, competence, awareness, communication and documented information. Competence evidence is especially scrutinised because AI roles often sit across data science, engineering, product, legal and compliance — a competence matrix that maps each role to AI governance responsibilities is the simplest way to satisfy 7.2 and 7.3. Documented information requirements (7.5) cover creation, control and retention of evidence.

Clause 8 — Operation

Operational planning and control, AI system impact assessment, AI system lifecycle management and management of third-party AI. This clause is where most of the operational evidence lives. It includes:

  • AI system impact assessment — assessing the impact on individuals, groups and society for each AI system (8.4).
  • AI system lifecycle — design and development, verification and validation, deployment, operation and monitoring, retirement (8.5-8.7).
  • Data for AI systems — provenance, quality, preparation (8.3).
  • Third-party relationships — supplier due diligence for AI providers and integrators (Annex A.10).

Clause 9 — Performance evaluation

Monitoring, measurement, analysis and evaluation. Internal audit must be performed at planned intervals. Management review must address AIMS performance and changes to internal and external issues, including changes to AI risks and opportunities. Auditors look for a defined measurement plan, internal audit programme and reports, and dated management review minutes with decisions and actions.

Clause 10 — Improvement

Nonconformity and corrective action, continual improvement. Every nonconformity (whether raised internally or by the external auditor) needs root-cause analysis and a verified corrective action. The corrective and preventive action (CAPA) log is one of the first artefacts auditors review.

Annex A — the 39 controls in 9 categories

Annex A is a reference list of controls organisations should consider; the Statement of Applicability records which controls are applied, which are excluded, and the justification. The nine categories are:

  1. A.2 Policies related to AI — AI policy and supporting policies.
  2. A.3 Internal organisation — roles, responsibilities, segregation of duties for AI activities.
  3. A.4 Resources for AI systems — compute, data, tooling, human resources.
  4. A.5 Assessing impacts of AI systems — AI system impact assessment process.
  5. A.6 AI system life cycle — design, development, verification, validation, deployment, monitoring, retirement.
  6. A.7 Data for AI systems — data quality, provenance, preparation.
  7. A.8 Information for interested parties — system documentation, incident reporting, communication.
  8. A.9 Use of AI systems — intended use, responsible use, human oversight.
  9. A.10 Third-party and customer relationships — supplier and customer obligations.

The AI system impact assessment in detail

Annex A.5 and clause 8.4 together require an impact assessment for each AI system. Auditors look for a documented methodology and a completed assessment for every system covering at minimum: intended purpose, foreseeable misuse, affected individuals and groups, potential harms (fairness, safety, privacy, security, environment), residual risk after mitigations, review schedule and ownership. The assessment must be refreshed when the system changes materially or its context of use changes.

Common nonconformities raised in first audits

  • Scope mismatch — an AI system in production that wasn't included in the AIMS scope.
  • Generic AI policy — policy text copied from templates without organisation-specific commitments.
  • Impact assessments missing dimensions — fairness or environmental impact omitted; foreseeable misuse not analysed.
  • Third-party AI gap — embedded AI features in SaaS tools not assessed.
  • Weak management review evidence — AI items merged into a generic security management review without distinct discussion.
  • Incomplete data provenance records — training and validation datasets without documented sources, licences and quality checks.

How ISO 42001 maps to the EU AI Act

ISO 42001 does not deliver legal compliance with the EU AI Act, but its requirements overlap substantially with the Act's obligations for high-risk systems. The mapping is strongest on risk management, data governance, technical documentation, post-market monitoring and quality management. Many organisations operate one combined evidence base. See our high-risk AI systems guide for the AI Act side of the mapping.
