ISO/IEC 42001:2023 Information Technology Artificial Intelligence Management Systems
Increased consumer expectations of information technology now extends to establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organisations.
Who is ISO/IEC 42001 for?
Organizations of any size involved in developing, providing, or using AI-based products or services. It is applicable across all industries and relevant for public sector agencies as well as companies or non-profits.
Framework for managing risk and opportunities
Demonstrate responsible use of AI
Traceability, transparency and reliability
Reach out to find out more about ISO/IEC 42001:2023
Frequently Asked Questions
Yes, it’s designed to be applicable across various AI applications and contexts.
An AI management system, as specified in ISO/IEC 42001, is a set of interrelated or interacting elements of an organization intended to establish policies and objectives, as well as processes to achieve those objectives, in relation to the responsible development, provision or use of AI systems. ISO/IEC 42001 specifies the requirements and provides guidance for establishing, implementing, maintaining and continually improving an AI management system within the context of an organisation.
The ISO/IEC 42001 standard offers organizations the comprehensive guidance they need to use AI responsibly and effectively, even as the technology is rapidly evolving. Designed to cover the various aspects of artificial intelligence and the different applications an organization may be running, it provides an integrated approach to managing AI projects, from risk assessment to effective treatment of these risks.
- Responsible AI: ensures ethical and responsible use of artificial intelligence.
- Reputation management: enhances trust in AI applications.
- AI governance: supports compliance with legal and regulatory standards.
- Practical guidance: manages AI-specific risks effectively.
- Identifying opportunities: Encourages innovation within a structured framework.
ISO has a number of standards that help mitigate the risks and maximize the rewards of AI, including ISO/IEC 22989, which establishes terminology for AI and describes concepts in the field of AI; ISO/IEC 23053, which establishes an AI and machine learning (ML) framework for describing a generic AI system using ML technology; and ISO/IEC 23894, which provides guidance on AI-related risk management for organizations.
ISO/IEC 42001 on the other hand is a management system standard (MSS). Implementing this standard means putting in place policies and procedures for the sound governance of an organization in relation to AI, using the Plan‐Do‐Check‐Act methodology. Rather than looking at the details of specific AI applications, it provides a practical way of managing AI-related risks and opportunities across an organization. It therefore provides value for any business or entity.
As a leading provider of education and training, SAI Global Assurance Learning offers a wide range of training courses to help you learn, plan, implement, assess and improve your management system.
Foundation and Implementing an ISMS ISO/IEC 27001:2022
An opportunity to learn the necessary skills to develop, implement and monitor an Information Security Management System within your organisation.
Foundation ISO/IEC 27001:2022
Dispel the mystery surrounding the terminology of the internationally recognised ISO/IEC 27001:2022 Standard, providing a sure foundation for your information security management system.
Implementing an ISMS ISO/IEC 27001:2022
Learn how to assess and protect your business against cyber security risks. Participants will learn how to evaluate their organisation’s information assets and implement a cost effective information security strategy.