Governance & guardrails
ISO 42001 checklist: every clause and all 38 Annex A controls
ISO 42001 checklist searches mostly return email gates and bare PDFs, so here's the alternative: the full checklist, on this page, in the open. Work through it and you'll know roughly how far you are from certifiable before you pay anyone anything.
How to use this checklist
Two things to know before you start. ISO/IEC 42001:2023 has a mandatory half and a selectable half. Clauses 4 to 10 are the management system itself and every certified organization must meet them. The 38 Annex A controls are a reference set: you choose which apply through your risk treatment and defend each inclusion and exclusion in a Statement of Applicability. So don't treat 38 unchecked boxes as 38 failures; treat each one as a decision you need to be able to justify.
Part 1: the management-system clauses (mandatory)
Clause 4: Context of the organization
- Identify the internal and external issues relevant to your AI use (regulatory exposure, customer expectations, where AI touches decisions).
- List interested parties (customers, regulators, employees, suppliers) and what they require of your AI.
- Define the AIMS scope in writing: which AI systems, teams, and sites are in, and which are out. Auditors read this first.
Clause 5: Leadership
- Get visible top-management commitment: someone senior owns the AIMS by name.
- Establish and communicate an AI policy approved by leadership. Evidence: the signed, dated policy.
- Assign roles, responsibilities, and authorities for AI governance. Evidence: a RACI or equivalent.
Clause 6: Planning
- Define a repeatable AI risk assessment methodology with criteria you can defend.
- Run the risk assessment and write a risk treatment plan.
- Produce a Statement of Applicability: which Annex A controls apply, which don’t, and why. This document anchors the audit.
- Define an AI system impact assessment process (effects on individuals and society, not just the business).
- Set measurable AIMS objectives and plans to reach them.
Clause 7: Support
- Provide the resources the AIMS needs: people, budget, tooling.
- Define competence requirements for AI roles and keep training records.
- Run awareness so staff know the policy exists and what it asks of them.
- Plan internal and external communication about AI use.
- Control AIMS documentation: versioned, approved, findable.
Clause 8: Operation
- Put lifecycle processes into operation: the controls from your Statement of Applicability, actually running.
- Perform risk assessments at planned intervals and when significant changes occur.
- Perform impact assessments per your defined process and keep the records.
- Execute the risk treatment plan and track it to completion.
Clause 9: Performance evaluation
- Monitor and measure AIMS performance against your objectives.
- Run an internal audit program before the certification body shows up. Evidence: audit plan, findings, follow-ups.
- Hold management reviews at planned intervals. Evidence: minutes with decisions, not just attendance.
Clause 10: Improvement
- Record nonconformities and corrective actions, with root cause and closure.
- Show continual improvement of the AIMS over time (updated risks, revised controls, closed findings).
Part 2: the 38 Annex A controls (selected via your Statement of Applicability)
For each control: check it if it's implemented with evidence, or if you've excluded it with a written justification. The note after each name is what auditors typically want to see.
A.2: Policies related to AI (3 controls)
- A.2.2 AI policy. Evidence: a documented policy for developing or using AI systems.
- A.2.3 Alignment with other organizational policies. Evidence: AI policy consistent with security, privacy, and HR policies.
- A.2.4 Review of the AI policy. Evidence: scheduled reviews, plus reviews on major change or incident.
A.3: Internal organization (2 controls)
- A.3.2 AI roles and responsibilities. Evidence: defined, allocated, and known to the people holding them.
- A.3.3 Reporting of concerns. Evidence: a working channel to raise AI concerns, internally and externally.
A.4: Resources for AI systems (5 controls)
- A.4.2 Resource documentation. Evidence: an inventory of what each AI system depends on.
- A.4.3 Data resources. Evidence: the datasets each system uses, documented.
- A.4.4 Tooling resources. Evidence: frameworks, libraries, and platforms in use, documented.
- A.4.5 System and computing resources. Evidence: where models run and on what infrastructure.
- A.4.6 Human resources. Evidence: who builds, operates, and oversees each system, with qualifications.
A.5: Assessing impacts of AI systems (4 controls)
- A.5.2 AI system impact assessment process. Evidence: a defined, repeatable process, not ad hoc judgment.
- A.5.3 Documentation of impact assessments. Evidence: intended use, foreseeable misuse, impacts, mitigations, on file.
- A.5.4 Impact on individuals or groups. Evidence: assessed per system: fairness, safety, rights.
- A.5.5 Societal impacts. Evidence: broader effects assessed where the system warrants it.
A.6: AI system life cycle (9 controls)
- A.6.1.2 Objectives for responsible development. Evidence: written objectives guiding how you build.
- A.6.1.3 Processes for responsible design and development. Evidence: the development process itself, documented.
- A.6.2.2 AI system requirements and specification. Evidence: requirements written down before building.
- A.6.2.3 Documentation of design and development. Evidence: design decisions traceable after the fact.
- A.6.2.4 Verification and validation. Evidence: test plans and results, including against defined criteria.
- A.6.2.5 Deployment. Evidence: a controlled release process with sign-off.
- A.6.2.6 Operation and monitoring. Evidence: production monitoring, drift and performance checks.
- A.6.2.7 Technical documentation. Evidence: current documentation an auditor or customer can be shown.
- A.6.2.8 Recording of event logs. Evidence: logs kept for tracing what the system did and when.
A.7: Data for AI systems (5 controls)
- A.7.2 Data for development and enhancement. Evidence: defined processes for the data used to build and improve.
- A.7.3 Acquisition of data. Evidence: sources, categories, and selection criteria recorded.
- A.7.4 Quality of data. Evidence: quality requirements defined and checked.
- A.7.5 Data provenance. Evidence: where data came from, traceable through the lifecycle.
- A.7.6 Data preparation. Evidence: cleaning, labeling, and transformation methods documented.
A.8: Information for interested parties (4 controls)
- A.8.2 System documentation and information for users. Evidence: users can learn purpose, limits, and instructions.
- A.8.3 External reporting. Evidence: a route for outsiders to report adverse impacts.
- A.8.4 Communication of incidents. Evidence: a documented plan for telling users when things go wrong.
- A.8.5 Information for interested parties. Evidence: obligations to regulators and customers identified and met.
A.9: Use of AI systems (3 controls)
- A.9.2 Processes for responsible use. Evidence: documented rules for how AI is used, not just built.
- A.9.3 Objectives for responsible use. Evidence: written objectives for use, mirroring the development ones.
- A.9.4 Intended use of the AI system. Evidence: systems used per their intended purpose; misuse watched for.
A.10: Third-party and customer relationships (3 controls)
- A.10.2 Allocating responsibilities. Evidence: who is responsible for what across you, vendors, and customers.
- A.10.3 Suppliers. Evidence: AI suppliers vetted against your requirements, in contracts.
- A.10.4 Customers. Evidence: customer expectations and responsible-use needs addressed.
What to do with the result
If most boxes are unchecked, that's normal; almost nobody starts certifiable. The real decisions are whether the certificate is worth pursuing at all (our certification cost guide gives the honest version, including when it isn't) and how ISO 42001 fits alongside the NIST AI RMF and the EU AI Act, which our framework crosswalk maps row by row. If you'd rather have the gap analysis done for you, that's our fixed-scope AI risk assessment, and the remediation work after it is AI governance consulting. We're not a certification body, so we have no stake in which way your decision goes.
This checklist is general information, not legal advice or a substitute for the standard itself; certification decisions rest with your accredited auditor.
Questions people ask
- How many controls does ISO 42001 have?
- 38 Annex A controls across 9 domains (A.2 through A.10), on top of the mandatory management-system clauses 4 through 10. You'll see "39" in some vendor content, usually from counting a draft or a domain heading; the enumeration above matches the published ISO/IEC 42001:2023 structure control by control.
- Are all Annex A controls mandatory?
- No. Annex A is a reference set: you select controls through risk treatment (clause 6.1.3) and justify inclusions and exclusions in your Statement of Applicability. Clauses 4 to 10 are the mandatory part. Auditors care less about implementing all 38 than about defending why each one is in or out.
- What documentation does ISO 42001 require?
- At minimum: the AIMS scope, the AI policy, the risk assessment methodology and results, the Statement of Applicability, impact assessment records, evidence for each applicable control, internal audit results, and management review minutes. Most of this checklist's evidence notes point at exactly these documents.
- Is there a PDF or spreadsheet version of this checklist?
- Not yet; the page itself is the artifact, and it copies cleanly into a spreadsheet or tracker. We kept it in HTML on purpose so you can read it before anyone asks for your email address.
- What should we do after running this checklist?
- Count the unchecked boxes and read our ISO 42001 certification cost guide to decide whether closing them is worth it for your situation. If you want the gap analysis run for you, with a stated price, that's our fixed-scope assessment.
Tell us about the work.
A few lines is enough. We read every enquiry ourselves and reply within one business day.