Back to the list

ISO 42001:2023 Artificial intelligence - Management system

MD, AI and Cybersecurity

📣 ISO 42001:2023 Artificial intelligence - Management system 🚀

The very first standard for managing Artificial Intelligence within organisations has been published. ISO/IEC 42001:2023. A World premiere my friends!

This document specifies the requirements and provides guidance for establishing, implementing, maintaining and continually improving an AI (artificial intelligence) management system within the context of an organization.

This document is intended for use by an organization providing or using products or services that utilize AI systems. This document is intended to help the organization develop, provide or use AI systems responsibly in pursuing its objectives and meet applicable requirements, obligations related to interested parties and expectations from them. This document is applicable to any organization, regardless of size, type and nature, that provides or uses products or services that utilize AI systems.

In short :

  • 10 chapters including:
  • Organizational context
  • Leadership
  • Schedule
  • Support function (resources, skills, etc.)
  • Operation
  • Performance evaluation
  • Continuous improvement
  • Importance of security, fairness and transparency, and specifies the management of risks associated with AI.
  • Update of the QMS to be planned according to the requirements of the management review and the carrying out of audits.
  • Continuous improvement further than in 13485.


Manufacturers will be able to obtain certification on 42001 in order to comply with part of the requirements of the IA Act. AFNOR offers 42001 certification for those who wish to anticipate the implementation of the IA Act.

The 42001 certification allows:

  • The establishment of AI governance by following ethical rules and strengthening stakeholder trust through responsible use of AI.
  • Traceability of decisions made by AI systems.
  • Anticipation and proactive management of AI-related risks.
  • Commitment to thoughtful, ethical and efficient use of AI.

(source AFNOR)

Other standards concerning AI

ISO/IEC 42001 is the first AI management system standard, but is not the only one aimed at mitigating risks and improving AI systems.

  • ISO/IEC 22989 establishes terminology and describes concepts in the field of AI,
  • ISO/IEC 23053 decides on a framework for AI systems using machine learning,
  • and finally ISO/IEC 23894 provides guidelines on AI risk management for organizations.

Link to AFNOR certification IA Act