Track updates
iconCreated with Sketch.

AS ISO/IEC 42001:2023


Information technology — Artificial intelligence — Management system

AS ISO/IEC 42001 identically adopts ISO/IEC 42001 which provides requirements for establishing, implementing, maintaining and continually improving an AI management system within the context of an organization
Published: 16/02/2024
Table of contents
Cited references
Content history
Table of contents
About this publication
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the AI management system
4.4 AI management system
5 Leadership
5.1 Leadership and commitment
5.2 AI policy
5.3 Roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 General
6.1.2 AI risk assessment
6.1.3 AI risk treatment
6.1.4 AI system impact assessment
6.2 AI objectives and planning to achieve them
6.3 Planning of changes
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
7.5.1 General
7.5.2 Creating and updating documented information
7.5.3 Control of documented information
8 Operation
8.1 Operational planning and control
8.2 AI risk assessment
8.3 AI risk treatment
8.4 AI system impact assessment
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.2.1 General
9.2.2 Internal audit programme
9.3 Management review
9.3.1 General
9.3.2 Management review inputs
9.3.3 Management review results
10 Improvement
10.1 Continual improvement
10.2 Nonconformity and corrective action
Annex A
A.1 General
Annex B
B.1 General
B.2 Policies related to AI
B.2.1 Objective
B.2.2 AI policy
B.2.3 Alignment with other organizational policies
B.2.4 Review of the AI policy
B.3 Internal organization
B.3.1 Objective
B.3.2 AI roles and responsibilities
B.3.3 Reporting of concerns
B.4 Resources for AI systems
B.4.1 Objective
B.4.2 Resource documentation
B.4.3 Data resources
B.4.4 Tooling resources
B.4.5 System and computing resources
B.4.6 Human resources
B.5 Assessing impacts of AI systems
B.5.1 Objective
B.5.2 AI system impact assessment process
B.5.3 Documentation of AI system impact assessments
B.5.4 Assessing AI system impact on individuals or groups of individuals
B.5.5 Assessing societal impacts of AI systems
B.6 AI system life cycle
B.6.1 Management guidance for AI system development
B.6.1.1 Objective
B.6.1.2 Objectives for responsible development of AI system
B.6.1.3 Processes for responsible design and development of AI systems
B.6.2 AI system life cycle
B.6.2.1 Objective
B.6.2.2 AI system requirements and specification
B.6.2.3 Documentation of AI system design and development
B.6.2.4 AI system verification and validation
B.6.2.5 AI system deployment
B.6.2.6 AI system operation and monitoring
B.6.2.7 AI system technical documentation
B.6.2.8 AI system recording of event logs
B.7 Data for AI systems
B.7.1 Objective
B.7.2 Data for development and enhancement of AI system
B.7.3 Acquisition of data
B.7.4 Quality of data for AI systems
B.7.5 Data provenance
B.7.6 Data preparation
B.8 Information for interested parties
B.8.1 Objective
B.8.2 System documentation and information for users
B.8.3 External reporting
B.8.4 Communication of incidents
B.8.5 Information for interested parties
B.9 Use of AI systems
B.9.1 Objective
B.9.2 Processes for responsible use of AI systems
B.9.3 Objectives for responsible use of AI system
B.9.4 Intended use of the AI system
B.10 Third-party and customer relationships
B.10.1 Objective
B.10.2 Allocating responsibilities
B.10.3 Suppliers
B.10.4 Customers
Annex C
C.1 General
C.2 Objectives
C.2.1 Accountability
C.2.2 AI expertise
C.2.3 Availability and quality of training and test data
C.2.4 Environmental impact
C.2.5 Fairness
C.2.6 Maintainability
C.2.7 Privacy
C.2.8 Robustness
C.2.9 Safety
C.2.10 Security
C.2.11 Transparency and explainability
C.3 Risk sources
C.3.1 Complexity of environment
C.3.2 Lack of transparency and explainability
C.3.3 Level of automation
C.3.4 Risk sources related to machine learning
C.3.5 System hardware issues
C.3.6 System life cycle issues
C.3.7 Technology readiness
Annex D
D.1 General
D.2 Integration of AI management system with other management system standards
Cited references in this standard
Information technology - Artificial intelligence - Artificial intelligence concepts and terminology
Content history
DR AS ISO/IEC 42001:2023
Inclusive of GST
Available formats
iconCreated with Sketch.
Available formats
icon_export/16/closeCreated with Sketch.
Web Reader
Instantly view standards in your browser. Search, bookmark, highlight, and comment for anytime access - online and offline.
Web Reader (PDF)
View standards in PDF format in your browser. Search, bookmark, highlight, and comment for anytime access - online and offline.
Web Reader
1 user
Add to cart
visa logo
mastercard logo
amex logo