# ISO42001 (Artificial Intelligence)

## Introducing the Service

If you're building with AI, deploying it into products, or embedding it into operations, enterprise buyers, regulators, and investors are starting to ask how it's governed, not just how it performs. ISO 42001 is the world's first management system standard that answers that question, codifying responsible AI development, deployment, and use.

Oxford Infosec takes small, fast-moving companies through ISO 42001 scoping, implementation, and certification, then maintains the AI Management System (AIMS) so you stay certified through surveillance and recertification audits. Our AI governance specialists hold recognised credentials (ISO/IEC 42001 Lead Implementor or Auditor, CIPP/E, CISSP).

Our approach is pragmatic and risk-driven, built for small businesses so that every recommended control is proportionate to real-world risk, and aligned with emerging UK and EU AI regulation.

We can optionally combine this expertise with a compliance automation platform (explained below), giving you continuous evidence collection, live AIMS dashboards, and automated alerts instead of periodic checklists.

## What Problem Does This Solve?

Enterprise buyers, regulators, and investors increasingly ask how AI systems are governed, not just how they perform. ISO 42001 answers that question, but getting certified is only half the job. Customers and partners expect you to stay certified and demonstrate ongoing AI governance rigour.

Typical challenges for growing businesses:

| Challenge                                                            | Consequence                                                 |
| -------------------------------------------------------------------- | ----------------------------------------------------------- |
| **No dedicated AI governance lead**                                  | Slow, fragmented implementation; audit non-conformities     |
| **Ethical, legal, and societal risks not tracked**                   | Reputational damage, regulatory sanctions                   |
| **Dynamic data science pipelines**                                   | Evidence gaps, unclear control ownership                    |
| **Rapidly evolving regulations (EU AI Act, UK AI Code of Practice)** | Controls drift away from how the business actually operates |

Oxford Infosec provides an experienced implementation consultant and ongoing AIMS maintenance, so you achieve certification quickly and stay continuously compliant.

## Fit for Small Businesses

This service is designed for organisations that need a credible ISO 42001 certificate without the overhead of an enterprise-scale programme. Typically that means:

* **20 to 200 employees**: large enough to face AI governance demands, small enough that enterprise templates would swamp the business
* **Building or deploying AI**: developing models, embedding third-party AI into products, or using AI in regulated decisions
* **Operating in the UK or EU**: subject to the EU AI Act, UK AI Code of Practice, or sector-specific AI guidance
* **Facing external pressure**: procurement questionnaires asking about AI governance, investor due diligence, or contractual AI obligations

Our approach recognises the reality of small, fast-moving teams: tight headcount, aggressive ship dates, and the need to keep data scientists and engineers building rather than writing evidence. It keeps the standard achievable without turning it into a parallel bureaucracy.

* **Right-sized controls**: each requirement is mapped to a real business process and justified in the Statement of Applicability. Superfluous clauses are marked *not applicable*.
* **Sprint-friendly scheduling**: workshops, risk reviews and evidence uploads dovetail with your existing sprint cadence, so data science and engineering teams avoid day-long side quests.
* **Automation first**: the platform's custom framework builder (or your GRC of choice) harvests logs and artefacts automatically, cutting manual effort.
* **Risk-based prioritisation**: recommendations are ordered by potential compliance impact and effort required, allowing gradual uplift when resources allow.
* **Plain-English advice**: we translate ISO jargon into clear guidance and supply editable policy packs that spell out what's mandatory versus "nice to have."

If you're only experimenting with AI, or the use cases are low-stakes internal productivity tools, ISO 42001 might not be the right answer yet. A clear AI acceptable-use policy and a lightweight risk register often do the job until there's a commercial or regulatory reason to go further.

## Outcomes: What You Get

### Certification you can rely on

| Outcome                                               | What this means                                                                                         |
| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------- |
| **You achieve certification on your target timeline** | Scoping, implementation, and audit prep aligned to your deal, investor, or contractual deadline         |
| **The certificate reflects the business**             | Controls match how you actually develop and deploy AI, not a generic template that auditors see through |
| **You stay certified year after year**                | Surveillance and recertification audits pass without last-minute firefighting                           |

### Credibility with customers, investors, and regulators

| Outcome                                                   | What this means                                                              |
| --------------------------------------------------------- | ---------------------------------------------------------------------------- |
| **You can answer AI governance questionnaires quickly**   | Evidence is ready, mapped to common frameworks and what buyers typically ask |
| **Due diligence goes smoothly**                           | Investors and enterprise buyers can see you've taken AI governance seriously |
| **You're ready for the EU AI Act and related regulation** | Your AIMS covers most of what regulators are now asking for                  |

### A programme that runs itself

| Outcome                                   | What this means                                                                 |
| ----------------------------------------- | ------------------------------------------------------------------------------- |
| **You know where you stand**              | Live view of control status, evidence coverage and open actions                 |
| **AI risks surface early**                | Drift, bias, and ethical concerns are flagged through governance, not incidents |
| **The standard fits around the business** | Controls and cadence calibrated to small teams, not enterprise templates        |

## Compliance Automation Platform

Before diving into the detail, it's worth explaining the compliance automation platform we recommend, since it underpins much of how we work.

A cloud-based compliance automation platform, configured with a custom ISO 42001 control library, serves as the "engine room" for day-to-day AIMS housekeeping. Once connected to your existing tools (for example, Azure ML, AWS SageMaker, GitHub, Slack), it continuously collects evidence (model cards, data provenance logs, bias test reports), maintains your AIMS policy suite and displays progress on a live readiness dashboard. The platform automatically raises tasks (policy reviews, model impact re-assessments, supplier attestations), assigns them to the right people with due dates, and preserves an auditable trail.

We can work with whichever compliance automation platform you already have in place.

## Scope of Activities

This service is split into the initial implementation, which takes you all the way to full certification, and then the subsequent maintenance of the controls and evidence to ensure you retain ISO 42001 through surveillance and recertification audits.

### Phase 1: Implementation

| Category                                                | Activity                                                                                                                                                                         |
| ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Kick-off and Context**                                | Establish project charter, confirm AIMS scope and boundaries, agree success criteria with executive sponsor                                                                      |
| **Compliance Platform Implementation and Gap Analysis** | Map existing controls and documentation against ISO 42001:2023 requirements; prioritise remediation tasks                                                                        |
| **AI Risk Assessment and Statement of Applicability**   | Identify AI assets, stakeholders, impacts, and harms; run likelihood and impact workshops; draft risk treatment plan and SoA                                                     |
| **Documentation**                                       | Create or refine policies and procedures (Responsible AI, Data Governance, Model Lifecycle, Human Oversight, Incident Handling) aligned to Annex A                               |
| **Control Implementation Support**                      | Guide technical and organisational control deployment (data quality checks, bias and robustness testing, model registers, and explainability tooling) and validate effectiveness |
| **Internal Audit and Management Review**                | Conduct first-cycle internal audit and facilitate inaugural management review meeting with leadership                                                                            |
| **Certification Preparation**                           | Run Stage 1 readiness check, coordinate corrective actions, rehearse auditor Q&A and logistics for Stage 2 audit                                                                 |

### Phase 2: Maintenance

| Category                                    | Activity                                                                                                                                                              |
| ------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Continuous Monitoring**                   | Operate compliance automation integrations to harvest evidence (pipeline logs, policy attestations), track control SLAs and surface alerts for out-of-tolerance items |
| **AI Risk Management**                      | Maintain rolling AI risk register; review emerging threats (for example, model inversion, prompt injection) and update treatment actions quarterly                    |
| **Internal Audit Programme**                | Plan and execute thematic spot checks and full-scope audits on a quarterly cycle, logging findings and corrective actions                                             |
| **Policy and Procedure Upkeep**             | Schedule reviews, update documents for regulatory or business changes, manage version control                                                                         |
| **Management Review**                       | Prepare KPI dashboard and chair semi-annual management review sessions, capturing decisions and action items                                                          |
| **Audit Liaison**                           | Coordinate with the Certification Body for surveillance and recertification audits; track evidence requests and responses                                             |
| **Training and Awareness**                  | Deliver onboarding modules, annual refreshers and targeted campaigns; monitor completion metrics                                                                      |
| **Supplier and Model Marketplace Security** | Perform supplier risk assessments, maintain contract AI clauses, monitor attestations                                                                                 |
| **Incident and Change Advisory**            | Provide guidance for AI incidents (for example, drift, ethical breaches) and major architectural or process changes                                                   |
| **Standards and Regulatory Watch**          | Monitor ISO, NCSC, ICO, EU AI Office and sector-specific updates; advise on required control adjustments                                                              |

## Service Governance Cadence

Maintaining ISO 42001 isn't a one-off effort. The standard requires regular reviews, audits, and updates. The table below shows a typical rhythm of activities. For smaller organisations, several of these can be combined into single sessions.

| Category                                     | Activity                                                                                                                                    | Frequency                                                 |
| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- |
| **Operational Oversight**                    | AIMS working group. Track open actions, new risks, control SLA breaches, platform alerts.                                                   | Monthly                                                   |
| **Risk Management**                          | Quarterly risk review. Refresh asset list, re-score top risks, verify treatment progress, log emerging threats.                             | Quarterly                                                 |
| **Management Review**                        | Present KPI deck (objectives, incidents, audit results, corrective actions, supplier performance).                                          | Semi-annual (minimum)                                     |
| **Internal Audit Governance**                | Approve annual internal audit plan; track execution and close-out of non-conformities.                                                      | Annual plan; progress check at each leadership meeting    |
| **Policy and Procedure Governance**          | Systematic review of policy suite; capture regulatory or business-driven changes; publish updated versions in the platform.                 | Quarterly                                                 |
| **Improvement and Non-conformity Log**       | Evaluate open corrective and preventive actions, recurring incident themes, lessons learned; prioritise improvement initiatives.            | Monthly                                                   |
| **Supplier and Model Marketplace Oversight** | Reassess critical third-party suppliers; review attestations and contract clauses; update supplier risk register.                           | Quarterly                                                 |
| **External Audit Liaison**                   | Prepare auditor access, evidence sampling plan and logistics for surveillance or recertification audits; debrief outcomes and action plans. | Annually (surveillance) / every 3 years (recertification) |
| **Training and Awareness Governance**        | Track AI ethics awareness completion, role-based training needs, prompt-injection simulation results; plan next campaign.                   | Quarterly                                                 |

## Who Delivers the Service

You'll work with a named Lead Consultant who holds recognised ISO 42001 implementation and audit credentials, typically ISO/IEC 42001 Lead Implementor or Auditor, alongside CISSP or CIPP/E. They act as your single point of accountability, reporting to whoever you nominate as executive sponsor (often the founder, CTO, or Head of Data).

You'll work with the same named consultant throughout. They learn your business once, so you don't have to explain it each time.

## What's Not Included

The following items are not included in this service. Where relevant, we can recommend specialists or help you procure these services separately.

| Category                                   | What's not included                                                             |
| ------------------------------------------ | ------------------------------------------------------------------------------- |
| **Deep ML engineering**                    | Model architecture redesign, hyper-parameter tuning, dataset labelling          |
| **Other compliance frameworks**            | PCI-DSS, SOC 2, ISO 27001, GDPR RoPA (unless in a combined engagement)          |
| **Penetration testing and red team**       | External or internal penetration tests, red-teaming of AI systems               |
| **Physical security build-outs**           | Door-access systems, CCTV, server-room fit-outs                                 |
| **Dedicated incident response retainer**   | 24×7 crisis hotline, on-site forensics, e-discovery                             |
| **Business continuity and DR engineering** | Designing alternate data centres, hot/hot fail-over, full DR run-books          |
| **Tooling costs**                          | GRC platform, bias-testing or explainability tooling licences                   |
| **Travel and on-site expenses**            | Consultant travel, accommodation, per diem                                      |
| **Legal drafting**                         | Negotiating DPAs, model licences, supplier AI clauses                           |
| **Custom software development**            | Building custom dashboards, scripts or automations beyond standard integrations |
| **Audit fees**                             | Certification body costs are procured directly by you                           |

## Assumptions

| Assumption                                                                                       | Why this matters                                                                                                                             |
| ------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- |
| **Executive sponsorship is active and visible**                                                  | A named senior leader approves scope, risk appetite and resource allocations; without this, key decisions stall.                             |
| **You provide timely access to people, systems, and sites**                                      | Interviews, evidence collection, and control validation depend on access to the right people, pipelines, logs, and (if applicable) premises. |
| **Baseline security controls already exist**                                                     | Implementation effort focuses on AI-specific governance, not foundational security hardening.                                                |
| **Business processes stay reasonably stable for six months**                                     | Major reorganisations, M&A activity or product pivots can alter risk context and AIMS scope, potentially impacting fees and timelines.       |
| **You implement remediation actions you own by agreed due dates**                                | Oxford Infosec guides and validates; hands-on engineering work (for example, configuring fairness metrics) remains your responsibility.      |
| **Third-party suppliers will cooperate with security and ethics questionnaires**                 | Delays caused by non-responsive vendors are outside our control.                                                                             |
| **Engagement is delivered remotely unless on-site days are mutually scheduled and pre-approved** | Travel costs and lead times are excluded unless explicitly agreed.                                                                           |

## Term and Review

Phase 1 (implementation) is a fixed fee.

Phase 2 (maintenance) has a minimum engagement term of twelve months, renewable annually, which begins after the first ISO 42001 audit is completed.

Scope and fees are reviewed at each renewal to ensure the service continues to meet statutory and organisational requirements.

## RACI Matrix: Who is Responsible for What?

R = Responsible (executes the work). A = Accountable (ultimate decision and compliance owner). C = Consulted (provides expertise or review). I = Informed (kept aware of status).

| Activity                                                        | Customer  | Oxford Infosec |
| --------------------------------------------------------------- | --------- | -------------- |
| Approve project charter, objectives, and AIMS scope             | **A / R** | C              |
| Draft initial project plan and success criteria                 | I         | **A / R**      |
| Define Responsible AI policy and measurable objectives          | **A**     | **R**          |
| Conduct context and stakeholder analysis                        | C         | **A / R**      |
| Perform AI risk assessment workshops and produce risk report    | C         | **A / R**      |
| Approve risk treatment plan and Statement of Applicability      | **A / R** | C              |
| Create or refine policy and procedure suite                     | C         | **A / R**      |
| Implement technical and organisational controls                 | **A / R** | C              |
| Populate the platform with evidence, mappings, and task owners  | C         | **A / R**      |
| Internal audit (initial cycle) and report                       | I         | **A / R**      |
| Facilitate Management Review meetings                           | I         | **A / R**      |
| Certification body liaison and audit preparation                | I         | **A / R**      |
| Continuous monitoring of control SLAs in the platform           | I         | **A / R**      |
| Maintain and update AI risk register                            | C         | **A / R**      |
| Execute quarterly risk review workshops                         | **A / R** | C              |
| Deliver internal audit programme                                | I         | **A / R**      |
| Schedule and chair AIMS working group (monthly)                 | I         | **A / R**      |
| Prepare KPI deck and facilitate Management Review (semi-annual) | C         | **A / R**      |
| Maintain policy and procedure suite (quarterly review)          | C         | **A / R**      |
| Supplier security and ethics assessments                        | I         | **A / R**      |
| Incident and change advisory (as needed)                        | **A / R** | C              |
| Surveillance and recertification audit support                  | I         | **A / R**      |
| Manage non-conformity and continual improvement log             | C         | **A / R**      |
| Provide AI ethics awareness content and completion metrics      | I         | **A / R**      |
| Report governance metrics to AIMS Steering Committee            | I         | **A / R**      |

## Combining with Other Services

The ISO 42001 service works well alongside Oxford Infosec's other services:

* **ISO 27001**: ISO 42001 builds on the management system approach of ISO 27001. If you hold or are pursuing ISO 27001, much of the governance, policy, and audit machinery carries over. Running both together is usually considerably less work than either on its own.
* **vCISO**: your vCISO provides ongoing strategic oversight while this service handles the implementation and maintenance work. For AI-heavy businesses, having a vCISO who engages with the AIMS keeps governance aligned with how the business actually builds and deploys models.
* **DPO as a Service**: many ISO 42001 controls touch personal data, particularly around training data and automated decision-making. Having a DPO in place covers the privacy side properly and demonstrates a clear commitment to data protection.
* **Security Foundations**: ISO 42001 assumes baseline security controls are in place. If they aren't yet, Security Foundations gets the fundamentals right first so the AIMS doesn't have to carry work it wasn't designed for.
