ISO 42001 for AI SaaS
ISO/IEC 42001 is the certifiable AI management system standard, and enterprise buyers have started asking what governs your model, not just your data. Your competitors are already answering with a certificate.
Kellwick turns ISO 42001 preparation into a clear, testable readiness system: a real AI system inventory, an impact assessment that measures the right thing, an Annex A control map, and the ISO 27001 overlap mapped so you build one management system - not two. No AI Act promises we cannot keep.
Can your company prove these 5 things?
This is not theoretical
The world-first accredited ISO 42001 certificate was issued to ORO on 16 July 2024. Since then, companies whose certificates appear on public certification-body directories include AWS, Anthropic (for Claude) and OpenAI - alongside many of the platforms your buyers already run. IBM's certificate covers its Granite models specifically, not the whole company, which is exactly the point: certification has a defined scope, and a serious buyer reads it.
Holders verified against certification-body directories, not marketing claims. A company earns certification; a certification body earns accreditation - we use the words carefully.
Why this becomes expensive late
You can be one enterprise deal away from an AI-governance questionnaire and still have no inventory, no impact assessment and no owner for the AI management system. By then, the fixes look like exactly what they are.
You probably do not have an AI-governance intent problem. You have an evidence problem. You have models in production. You have data flowing into them. But can you show what governs the model, who oversees its decisions, and what its impact is on the people it affects?
If not, you are not ready. You are describing.
The questions behind every AI control
Quick readiness check
Prefer to read first? Start with the ISO 42001 hub - a low-commitment first step before booking a call.
The 42001 gap over your ISMS
42001 shares the Harmonised Structure with ISO 27001, so your existing ISMS spine carries over. The work is the AI-specific additions - and one of them changes the question entirely.
| Dimension | ISO 27001 today | What ISO 42001 adds |
|---|---|---|
| The question it asks | Protects your company's own information. | Asks about the effect on the people and society your AI system touches. |
| New clauses | Clauses 4-10 plus Annex A controls. | Adds clauses 6.1.4 and 8.4 - the AI system impact assessment. |
| Direction of impact | Risk to the organisation. | Impact on third parties and society, not just risk to you. |
| Control set | Annex A information-security controls. | 38 controls across 9 groups (10 objectives) for the AI management system. |
| Management spine | Harmonised Structure management system. | Same Harmonised Structure - your ISMS spine carries most of it over. |
| Data governance | Information classification and handling. | AI-specific governance of training and input data: provenance, quality and use. |
ISO 27001 protects your company's information. ISO 42001 asks about the AI system's impact on third parties and society - the people affected by the model, not the risk to you. That shift, at clauses 6.1.4 and 8.4, is the heart of what you are certifying.
Not ready for a full review?
Start with a 2-day Mini Gap Review.
Scoped and priced on a short call. We hand back your top Stage 1 blockers and the single next step that matters most.
What a buyer actually asks
Enterprise AI due diligence has moved past data security. These are the questions that now stall deals - and a described answer is not an evidenced one.
Before Kellwick
That last line loses deals.
After Kellwick
What you receive
A defined boundary for the AI management system - what you build, buy or embed, and the data that reaches it.
The part 42001 adds over ISO 27001: clauses 6.1.4 and 8.4 - the impact on third parties and society, not just risk to your company.
A control-by-control map across the 38 Annex A controls (9 groups) showing what evidence exists, what is weak and what is missing.
42001 shares the Harmonised Structure with ISO 27001, so an existing ISMS carries most of the management-system spine over. We map exactly what reuses.
An honest read on whether the EU AI Act reaches your product, and where. We are explicit that a 42001 certificate is not AI Act conformity.
A practical list of gaps ranked by certification and buyer impact, with a focused plan to close them.
Evidence map preview
| Control area | Expected evidence | Common gap | Kellwick output |
|---|---|---|---|
| AI system inventory | A register of AI systems and their purpose | No single inventory; shadow AI in the product | Mapped AI system register with owners |
| AI impact assessment | Impact on third parties and society (6.1.4 / 8.4) | Never performed, or seen only as risk to the company | Impact assessment method + first assessment |
| Data governance | Provenance, quality and lawful use of training / input data | Training-data lineage undocumented | Data governance evidence mapped to Annex A |
| Human oversight | Documented oversight of AI decisions | Oversight assumed, not evidenced | Oversight controls with an audit trail |
| Provider register | Foundation-model providers on the register | LLM vendor missing from the sub-processor list | Reviewed provider register + DPAs |
The process
You share what you build, buy or embed, the data that reaches each system, and the providers that touch it. An AI management system needs a defined boundary before anything else is worth doing.
We review clauses 4-10 and the 38 Annex A controls, and design the AI system impact assessment at 6.1.4 and 8.4 - the duty to assess impact on third parties and society, which is what 42001 adds over ISO 27001.
An AI system register, an impact assessment method, an Annex A control map, the ISO 27001 overlap and an honest AI Act position - so you build one management system, not two, and know exactly what to fix.
What usually breaks in AI-governance prep
Book this if
Led by a CQI/IRCA-trained ISO 27001 Lead Auditor
CQI/IRCA ISO/IEC 27001:2022 Lead Auditor trained. IRCA Associate Auditor - ISMS. CQI Practitioner Member - PCQI. 18 years in IT, SaaS, fintech, product and operations.
Kellwick is an independent advisory practice, not a certification body.
Typical starting points
Final pricing is confirmed after a scoping call.
Scoped on a call
A fast external read on where your AI management system stands before committing to a full readiness push.
Scoped on a call
AI SaaS companies preparing for ISO 42001 certification or facing enterprise AI-governance due diligence.
Scoped on a call
Teams that need structured support keeping the AI management system operating between audits.
Where we draw the line
ISO 42001 can never be an AI Act harmonised standard: those must be European standards adopted from CEN, CENELEC or ETSI, and the Commission's standardisation FAQ (10 March 2026) states that 42001's goals and definitions are not aligned with the AI Act's quality-management-system requirement. A 42001 certificate is powerful AI-governance evidence. We scope AI Act applicability honestly and never sell one as the other.
This is for you if
This is not for you if
Why Kellwick
Kellwick is built around practical management-system readiness for technology companies. The work is led by a CQI/IRCA-trained ISO/IEC 27001 Lead Auditor with deep experience across SaaS, fintech, product operations and risk-heavy environments - the same management-system discipline ISO 42001 is built on.
That matters because ISO 42001 is not a policy exercise. It touches how you inventory AI systems, assess their impact on third parties, govern data, oversee decisions and evidence that controls operate. A good readiness review understands the system behind the certificate - and reuses your ISMS rather than rebuilding it.
FAQ
Yes. ISO/IEC 42001 is a certifiable AI management system standard, and accredited certification is real. ANAB lists 18 accredited certification bodies as of 17 July 2026; UKAS granted its first accreditation (to BSI) on 15 January 2026; and ISO/IEC 42006:2025, the criteria certification bodies are accredited against, was published on 7 July 2025. The world-first accredited certificate went to ORO on 16 July 2024.
No. ISO 42001 is strong AI-governance evidence, but it is not AI Act conformity - and it can never be an AI Act harmonised standard, because those must be European standards from CEN, CENELEC or ETSI. The European Commission's standardisation FAQ (10 March 2026) states that 42001's goals and definitions are not aligned with the AI Act's quality-management-system requirement. We scope AI Act applicability honestly and never sell 42001 as a substitute for it.
42001 shares the Harmonised Structure with ISO 27001, so your existing ISMS carries most of the management-system spine over. What is genuinely new is clauses 6.1.4 and 8.4 - the AI system impact assessment - and a shift in the question being asked. ISO 27001 protects your company's information; ISO 42001 asks about the AI system's impact on the third parties and society it affects.
Annex A has 38 controls across 9 control groups (10 control objectives, since A.6 splits into A.6.1 and A.6.2). Both framings are defensible. We map each control to real, current evidence rather than treating the list as a checkbox.
No. A company earns certification; a certification body earns accreditation. Kellwick is an independent advisory practice, not a certification body. We prepare you and improve your evidence and AI management system; the certificate is issued only by an accredited certification body after their audit.
No. That is not a management system. ISO 42001 governs how you run AI - the inventory, the impact assessment, the controls and the evidence. It does not test model behaviour, and neither engagement is a substitute for the other.
No credible advisor should. The goal is to reduce avoidable audit risk, expose weak areas early, and help your team prepare evidence properly. The certification decision stays with the accredited body.
From the blog
AI features have quietly expanded your subprocessor list. Here is how to track, disclose, and govern them before a customer security review does it for you.
Read →FX & Trading GRCMT4 and MT5 admin credentials are among the highest-risk access points in any FX broker. Here is the ISO 27001 evidence gap that appears in almost every readiness review.
Read →SaaS Security GovernanceEveryone agrees with least privilege in principle. The hard part is running it in a fast-moving SaaS company without grinding engineering to a halt.
Read →Before the next enterprise buyer asks what governs your model.
Kellwick is an independent advisory practice. We are not a certification body and do not issue ISO certifications. Certification decisions are made only by accredited certification bodies.