July 7, 2026 By Tim Rice Framework

For years, the honest answer to "how well does this vendor govern its AI?" was a shrug. You could ask, but there was no shared standard to ask against, no certificate to check, and no independent auditor to lean on. ISO/IEC 42001 changes that. Published in December 2023 by ISO and IEC, it is the world's first international AI management system standard, and it is certifiable, which means a third party can audit a vendor against it and issue a certificate you can request and verify. For TPRM teams, that is a meaningful new signal. It is also one that is easy to over-read, so it is worth understanding both what the standard gives you and what a certificate does not prove.

What ISO/IEC 42001 Actually Is

ISO/IEC 42001:2023 specifies the requirements for establishing, implementing, maintaining, and continually improving an AI management system, often abbreviated AIMS. It applies to any organization that develops, provides, or uses AI, regardless of size or industry, which means it spans the whole AI value chain from the model builders to the companies embedding AI in their products to the enterprises deploying it.

If you know ISO/IEC 27001, the information security standard, the shape will feel familiar. ISO 42001 uses the same harmonized management-system structure, with requirement clauses covering organizational context, leadership, planning, support, operation, performance evaluation, and improvement. Like ISO 27001, it pairs those requirements with a reference set of controls, in this case 38 controls organized across nine areas, spanning AI policy, roles and resources, data governance, the AI system lifecycle, transparency to interested parties, responsible use, and third-party relationships. Organizations select which controls apply based on a risk assessment and document their choices in a Statement of Applicability, which an auditor reviews.

One requirement sets ISO 42001 apart from a pure security standard: the AI system impact assessment. Beyond assessing risk to the organization, the standard asks an organization to assess the impact of its AI systems on individuals, groups, and society. That is a governance idea, not just a security one, and it is the clearest sign that ISO 42001 is about responsible AI, not only about protecting data.

ISO 27001 secures the data. ISO 42001 governs the AI. The two are complementary and share the same structural DNA, so many organizations run them together. ISO 27001 is about the confidentiality, integrity, and availability of information. ISO 42001 adds the concerns that are specific to AI: bias and fairness, transparency and explainability, human oversight, safety, and the societal impact of an AI system across its lifecycle. A vendor can be strong on 27001 and still have no real AI governance, which is exactly the gap 42001 is built to close.

Where It Fits With NIST and the EU AI Act

ISO 42001 does not stand alone. It sits alongside two other instruments that TPRM teams increasingly track together, and the relationship is worth getting right.

The EU AI Act is binding law, structured around risk tiers, that imposes obligations based on how an AI system is used. The NIST AI Risk Management Framework is a voluntary operational framework built around the functions of govern, map, measure, and manage. ISO 42001 is the certifiable management system that can operationalize both, letting an organization run one control set and map it to the day-to-day practices of the NIST framework and the legal obligations of the Act. The common shorthand is that the Act is the legal floor, the NIST framework is the operating method, and ISO 42001 is the management system that ties them together and can be independently certified.

An important limit: An ISO 42001 certificate is not proof of EU AI Act compliance. As of 2025, ISO 42001 was not a European harmonized standard, and it did not confer a legal presumption of conformity with the Act. The harmonized standards that grant that presumption are being developed separately by CEN-CENELEC JTC 21 and must be cited in the Official Journal of the EU before they carry legal weight. Treat a vendor's ISO 42001 certificate as strong evidence of mature AI governance and readiness, not as a substitute for the Act's specific requirements. A vendor claiming the certificate makes them "AI Act compliant" is overstating it, and that itself is a diligence signal.

Who Is Actually Certified

Adoption moved quickly among the large AI providers, which matters because those are the fourth parties sitting behind many vendors' AI features. Amazon Web Services announced accredited ISO/IEC 42001 certification in November 2024, initially covering a defined set of AI services including Amazon Bedrock, Amazon Q Business, Amazon Textract, and Amazon Transcribe. Anthropic announced certification in January 2025. Microsoft first certified Microsoft 365 Copilot and Copilot Chat in March 2025 and has since extended certification to additional AI products. Each of these certifications was issued by an accredited certification body.

Read those announcements carefully, because scope is everything. In every case, the certificate covers specific named products and their management system, not the entire company. A vendor may hold ISO 42001 certification for one AI product while the product you are actually buying sits outside the certified scope. Confirming that the certificate covers the specific service you are procuring is the single most important check, and the one most often skipped.

Using ISO 42001 in Vendor Assurance

The standard becomes useful the moment you turn it into questions and evidence requests. Here is how to put it to work in a third-party AI assessment.

Action What it gives you
Require or prefer accredited certification Independent, audited evidence of AI governance, not vendor self-attestation
Verify the certificate scope Confirmation that the certified AIMS covers the specific product you are buying
Request the Statement of Applicability Visibility into which controls the vendor applied, and which they excluded and why
Map your questionnaire to the controls Targeted questions on impact assessment, data governance, bias, oversight, and transparency
Ask for surveillance audit results Evidence the program is maintained over time, since ISO certification includes periodic surveillance

The Statement of Applicability deserves particular attention. Because the standard lets organizations exclude controls with justification, the excluded list tells you where a vendor decided a control did not apply. Sometimes that is reasonable. Sometimes it is a gap worth questioning. Either way, it is far more informative than a checkbox on a questionnaire, and it is the kind of evidence-based diligence that goes well beyond what a form can capture.

For regulated organizations, ISO 42001 also slots neatly into existing third-party governance obligations. If you already assess critical vendors under regimes like DORA or manage AI vendors as part of your shadow AI program, a certification requirement gives you a clean, auditable bar to hold vendors to, and a way to compare them against one another on AI governance rather than marketing claims.

A Realistic Take

ISO 42001 is young, and certification is still far from universal, so requiring it outright would rule out many capable vendors today. The pragmatic approach is to treat it as a strong positive signal and a clear direction of travel: prefer certified vendors where they exist, ask uncertified vendors about their roadmap toward it, and use the standard's control set as the backbone of your AI questionnaire even when a vendor is not yet certified. As the large model providers and major SaaS vendors continue to certify, a portfolio-wide expectation becomes realistic. Starting now, with your highest-risk AI vendors, puts you ahead of that curve.

TPRM Lesson Learned: ISO/IEC 42001 gives third-party risk teams their first certifiable benchmark for vendor AI governance, covering the responsible-AI concerns that security standards like ISO 27001 leave out, including the AI system impact assessment. Used well, it means requesting accredited certification, verifying that the certificate scope covers the product you are buying, reviewing the Statement of Applicability for excluded controls, and mapping your questionnaire to the standard's controls. Just as important is knowing its limit: a certificate signals mature governance, not automatic EU AI Act compliance. Platforms like Fair TPRM include AI governance standards alongside frameworks like NIST CSF, ISO 27001, and the NIST AI RMF, so teams can assess vendor AI maturity against a recognized bar as part of the standard vendor workflow.

Protect Your Organization from Third-Party Risk

Fair TPRM is a free, open-source platform for vendor risk management, GRC compliance, and FAIR risk quantification.

Free Demo Download Source

Sources & References

  1. ISO/IEC 42001:2023 Information technology, Artificial intelligence, Management system - International Organization for Standardization, December 2023
  2. AWS achieves ISO/IEC 42001:2023 accredited certification - Amazon Web Services, November 2024
  3. Anthropic achieves ISO 42001 certification for responsible AI - Anthropic, January 2025
  4. Microsoft 365 Copilot achieves ISO/IEC 42001:2023 certification - Microsoft, 2025
  5. How ISO/IEC 42001 and NIST AI RMF help comply with the EU AI Act - Cloud Security Alliance, January 29, 2025
  6. Artificial Intelligence standardization (JTC 21) - CEN-CENELEC
  7. ISO 42001 vs ISO 27001: how the standards differ - ISMS.online