Skip content

Request a quote

Build trust in artificial intelligence 

ISO/IEC 42001 is the world’s first artificial intelligence (AI) management system standard, designed to build trust in AI through robust ethical guidelines. It addresses critical issues such as data privacy and algorithmic bias, providing a comprehensive framework for responsible AI development and deployment. Achieving ISO/IEC 42001 certification demonstrates your commitment to ethical AI practices, ensuring your AI systems, products and services are efficient and effective. View the frequently asked questions for more information about ISO/IEC 42001 and our range of services. 

Our ISO/IEC 42001 services

Our team of expert auditors is here to support you throughout your ISO/IEC 42001 certification journey. They’ll help you demonstrate your commitment to ethical AI practices through globally recognised certification that establishes credibility with your stakeholders. 

Gap Analysis

An optional service where one of our expert auditors helps you identify any weak areas or non-conformities prior to your formal ISO 42001 audit.

Certification

An independent two-phase approach that provides a clear statement of your compliance – helping you win new business and build trust with stakeholders.

Integrated audits

If you’ve implemented multiple management systems, you could benefit from an integrated audit and surveillance programme which is more efficient and cost-effective.

What is ISO 42001 certification?

ISO/IEC 42001 is a global standard for managing artificial intelligence systems. It helps organisations address AI-related risks, ethics, and data privacy, promoting transparent and trustworthy AI use. Certification to ISO/IEC 42001 shows a commitment to responsible AI management, offering assurance to stakeholders. Training programmes are available to support certification and ensure staff maintain compliance.

Artificial intelligence has brought decision-making to the forefront of technology, and this brings both significant innovation and the need for ethical, transparent systems to manage the inherent risks.

Shirish Bapat, Technical Product Manager – Cyber, LRQA

Benefits of ISO/IEC 42001 certification 

  • Ethical AI usage: Promotes responsible and ethical use of AI technologies, ensuring respect for human rights and adherence to ethical guidelines.
  • Safety and reliability: Ensures AI systems are safe, reliable, and perform as intended through rigorous testing and validation processes.
  • Trust and transparency: Enhances trust in AI systems by requiring transparent and accountable practices, making it easier to audit and verify AI operations.
  • Operational efficiency: Optimises AI deployment and management, leading to improved operational outcomes through streamlined and standardised processes.
  • Compliance with laws and regulations: ISO 42001 aligns with global best practices, making it easier for organisations to meet the requirements of multiple jurisdictions. By adhering to ISO 42001, organisations can proactively address regulatory concerns, thereby avoiding fines, sanctions, or other legal issues.
  • Competitive edge: ISO 42001 certification from LRQA is a clear statement of your capability in AI governance, showing that you adhere to internationally recognised best practices. This not only helps in building trust but also gives you a competitive edge, aiding in the acquisition of new business and strengthening relationships with existing clients. 

Why work with us?

On-the-ground expertise

Our solutions are delivered by a global team of specialists who are dedicated to sharing insights and knowledge that will help solve your business challenges, today and into the future. By blending human intelligence and deep expertise with data-driven insights, we equip your business with the necessary tools to secure a competitive edge.

LRQA auditors having a conversation with a client

Continuous assurance

In the era of Assurance 4.0, organisations need continuous assurance that they are effectively managing the changing risks that their businesses face. Our approach enables real-time risk management with a connected portfolio of solutions that enables the continuous management of risks across your supply chain.

Aerial shot of container ships

Solution-based partnerships

We form deep partnerships with our clients that enable us to gain a comprehensive understanding of their business risks and opportunities. Through our solutions-based approach, we can take you beyond compliance, helping you manage risks, seize opportunities and deliver sustainable growth.

Two people talking in a warehouse with large cable rolls in the background

Data-driven decision making

We invest in digital platforms that give you deep insight into your operations. Our human intelligence is enhanced by extensive analytics capabilities which can be applied to address current and future risks within your operations and supply chain.

Group of people having a discussion about data

Frequently Asked Questions

Who can implement ISO/IEC 42001?

Any organisation that develops or uses AI technologies can implement ISO/IEC 42001. This includes tech companies, healthcare providers, financial institutions, manufacturing firms, and government agencies.

How does ISO/IEC 42001 work?

ISO 42001 provides a systematic approach to AI management, which involves:

  • Establishing AI governance structures and policies
  • Identifying and assessing risks associated with AI technologies
  • Implementing controls to mitigate AI-related risks
  • Monitoring and evaluating AI system performance
  • Ensuring continual improvement of AI management practices
How does ISO 42001 integrate with other management systems?

Through Annex SL, ISO/IEC 42001 can be easily integrated with other management systems. Annex SL provides a common structure and terminology, facilitating alignment with standards such as ISO 9001 and ISO/IEC 27001. This integration supports a unified approach to managing various organisational aspects, enhancing efficiency and consistency.

  • ISO 9001 (Quality Management): Aligns AI technologies with quality objectives, ensuring high performance and reliability. This integration supports continuous improvement and customer satisfaction.
  • ISO/IEC 27001 (Information Security Management): Secures AI systems by protecting sensitive information and mitigating cyber threats. While ISO 27001 certification is not mandatory, it provides a strong foundation for information security, which enhances the ISO 42001 standard by ensuring data protection and compliance with security protocols.
  • ISO 31000 (Risk Management): Manages AI-related risks effectively, promoting a safer operational environment. This standard helps identify, assess, and mitigate risks associated with AI deployment.

Integration streamlines processes, enhances compliance, and provides a holistic view of organisational performance, ensuring ethical, secure, and efficient use of AI technologies.

What is the process for getting ISO/IEC 42001 certified?

The certification process for ISO/IEC 42001 involves several key steps:

  1. Develop and implement your AI management system: The first step is to develop and implement an AI management system that aligns with ISO/IEC 42001 requirements. This involves creating policies, procedures, and controls to govern the ethical use, safety, reliability, and transparency of AI technologies. The system should be designed to manage AI risks effectively and ensure regulatory compliance.
  2. Conduct a Gap Analysis: Once the AI management system is in place, you can conduct a gap analysis to identify areas that need improvement to meet ISO/IEC 42001 requirements. This involves reviewing your current AI management practices, identifying gaps, and developing a plan to address them. This step helps understand where your organisation stands and what changes are necessary to achieve compliance. LRQA provide an optional Gap Analysis service delivered by our expert team of auditors.
  3. Carry out internal audits: Internal audits are essential to ensure the AI management system meets the standard's requirements. These audits help identify any deficiencies and ensure continuous improvement. Internal audits verify that all processes and controls are functioning as intended and that the organisation is ready for the external audit.
  4. Complete your LRQA audit: The next step is to undergo an external audit conducted by LRQA. We will conduct a thorough assessment of your AI management system to ensure it complies with ISO/IEC 42001. This audit typically involves document reviews, interviews with staff, and on-site assessments to verify the effectiveness of your AI management practices.
  5. Address non-conformities: If any non-conformities are identified during the external audit, they must be addressed promptly. This involves implementing corrective actions to resolve any issues and prevent their recurrence. Addressing non-conformities is critical to achieving certification and demonstrating your commitment to continuous improvement.
  6. Promote your ISO/IEC 42001 certification: Upon successful completion of the external audit and resolution of any non-conformities, your organisation will receive ISO/IEC 42001 certification. This certification demonstrates that your AI management system meets internationally recognised standards for ethical AI usage, safety, reliability, transparency, and regulatory compliance. It provides a competitive advantage and builds trust with clients and stakeholders.
How can organisations maintain ISO/IEC 42001 certification?

Certification is not a one-time event but an ongoing process. To maintain ISO/IEC 42001 certification, organisations must continually monitor and improve their AI management system. This includes conducting regular internal audits, staying updated with regulatory changes, and undergoing periodic surveillance audits by LRQA to ensure continued compliance