Generative · AI Governance & Standards · reviewed 2026-04

ISO/IEC 42001

The global standard for AI Management Systems.

01

What it does

ISO/IEC 42001 is the global standard for AI Management Systems, published by ISO/IEC. It specifies requirements for establishing, implementing, maintaining, and continually improving an AI management system within organisations.

02

Security relevance

ISO 42001 is becoming the gold standard for demonstrating AI governance maturity. It provides a structured framework for managing AI risks, similar to how ISO 27001 frames information security. Certification demonstrates to customers, regulators, and partners that your AI practices meet international standards.

03

When to use it

Pursue it when your organisation needs to demonstrate AI governance maturity to enterprise customers, regulators, or partners. This is an organisational commitment requiring cross-functional implementation, internal audit capability, and ongoing maintenance. Plan for 6-12 months minimum.

04

OWASP coverage

Risks addressed — mapped to both OWASP Top 10 standards. 0 in LLM, 0 in Agentic.

LLM Top 10 · 2025 · 0/10 covered
Agentic Top 10 · 2026 · 0/10 covered
05

The raw record

What Yuntona stores. Single source of truth — fork it on GitHub.

name: ISO/IEC 42001
slug: iso-iec-42001
type: Generative
category: AI Governance & Standards
url: https://www.iso.org/standard/56641.html

reviewed:   2026-04
added:      2026-04
updated:    2026-04

risks:
  llm:  []
  asi:  []

complexity:    Enterprise Only
pricing:       —
audience:      Blue Team
lifecycle:     [govern]

tags: [Compliance, ISO, Standard]