# ISO 42001 > ISO/IEC 42001 is the international standard for AI management systems, specifying requirements for establishing, implementing, maintaining, and continually improving an AI governance programme. Category: Regulation Source: https://impetora.com/glossary/iso-42001 Part of: Impetora AI consulting glossary (https://impetora.com/glossary) ## What is ISO 42001? ISO/IEC 42001 was published in late 2023 and provides a Plan-Do-Check-Act framework familiar from ISO 27001 and ISO 9001. It covers AI policy, leadership, risk assessment, controls, training, supplier relationships, and management review. Certification is performed by accredited bodies. The standard is voluntary but increasingly used by enterprise buyers as a procurement signal and as evidence of EU AI Act conformity. ## How does ISO 42001 apply to enterprise AI? Enterprises with multiple AI systems benefit from ISO 42001 because it puts AI under the same management-system discipline as security and quality. Vendors selling into regulated buyers should expect to be asked about it. ## Related terms - [AI Risk Management](https://impetora.com/glossary/ai-risk-management) - AI risk management is the discipline of identifying, assessing, mitigating, and monitoring the harms an AI system can cause across its lifecycle. - [NIST AI RMF](https://impetora.com/glossary/nist-ai-rmf) - The NIST AI Risk Management Framework is a voluntary US framework for managing risks of AI systems across the lifecycle, organised around the functions Govern, Map, Measure, and Manage. - [EU AI Act](https://impetora.com/glossary/eu-ai-act) - The EU AI Act (Regulation (EU) 2024/1689) is the European Union's horizontal regulation for AI, classifying systems by risk and imposing obligations on providers, deployers, importers, and distributors. - [Conformity Assessment](https://impetora.com/glossary/conformity-assessment) - Conformity assessment is the formal process of demonstrating that a high-risk AI system meets the requirements of the EU AI Act before being placed on the market or put into service. ## External references - [ISO/IEC 42001:2023](https://www.iso.org/standard/81230.html) --- Impetora is a custom AI consultancy and solutions partner for enterprises in regulated industries. Submit a project at https://impetora.com/intake.