ISO 27001 to ISO 42001
ISO/IEC 27001:2022 and ISO/IEC 42001:2023 are designed to operate together. This map shows where each ISO 42001 Annex A control draws on an information-security control you may already run, and where it adds something specific to AI.
What ISO 42001 adds for AI
The controls an AI management system introduces, where an information-security standard was not written to reach.
- A.5.2AI system impact assessment processSpecific to AI
- A.5.3Documentation of AI system impact assessmentsSpecific to AI
- A.5.4Assessing AI system impact on individuals or groupsSpecific to AI
- A.5.5Assessing societal impacts of AI systemsSpecific to AI
- A.6.1.2Objectives for responsible development of AISpecific to AI
- A.7.4Quality of data for AI systemsSpecific to AI
- A.7.5Data provenanceSpecific to AI
- A.9.3Objectives for responsible use of AI systemsSpecific to AI
- A.9.4Intended use of the AI systemSpecific to AI
Each ISO 42001 Annex A control, grouped by objective, and the ISO 27001 controls it draws on.
- A.2.2AI PolicyCarried over
Relates to
A.5.1 Policies for information security
Add an AI policy as part of the overall InfoSec policy framework.
- A.2.3Alignment with other organizational policiesCarried over
Relates to
A.5.1 Policies for information security
Ensure the AI policy aligns with InfoSec policies and the broader MS.
A.5.4 Management responsibilities
Management must integrate AI responsibilities into overall governance.
- A.2.4Review of the AI policyCarried over
Relates to
A.5.1 Policies for information security
Periodically review the AI policy alongside InfoSec.
A.5.36 Compliance with policies, rules & standards
Integrate AI policy reviews in compliance checks.
- A.3.2AI roles & responsibilitiesCarried over
Relates to
A.5.2 Information security roles & responsibilities
Document AI roles (e.g., AI Ethics Lead, AI Dev) in parallel with InfoSec roles.
- A.3.3Reporting of concernsCarried over
Relates to
A.5.24 InfoSec incident mgmt planning & prep
AI "ethical" or security concerns can follow incident management workflow.
A.6.4 The disciplinary process (partial)
Partial synergy: potential disciplinary steps if AI misuse or unethical practices are reported.
- A.4.2Resource documentationCarried over
Relates to
A.5.9 Inventory of information & other associated assets
Keep AI data/models, computing resources in your asset inventory.
- A.4.3Data resourcesCarried over
Relates to
A.5.9 Inventory of information & other associated assets
Include AI datasets, pipelines, etc.
A.5.14 Information transfer
Manage and secure data flows for AI.
- A.4.4Tooling resourcesCarried over
Relates to
A.5.9 Inventory of information & other associated assets
Also track specialized AI tools or frameworks as assets.
A.8.18 Use of privileged utility programs
Restrict or monitor advanced AI scripts/utilities.
- A.4.5System & computing resourcesCarried over
Relates to
A.8.6 Capacity management
Overlaps in GPU/ML resource management.
A.5.23 InfoSec for use of cloud services
If AI is cloud-based, apply relevant cloud security controls.
- A.4.6Human resourcesCarried over
Relates to
A.6.1 Screening
Screen or verify staff for AI competencies and trustworthiness.
A.6.3 InfoSec awareness, education & training
Extend training to include AI ethics, responsible development, etc.
- A.5.2AI system impact assessment processSpecific to AI
Relates to
Clause 6.1 Risk assessment (ISO 27001 Clause 6.1)
Integrate AI-specific risk and impact into your standard risk approach.
A.5.7 Threat intelligence (partial)
Factor new AI threats (e.g., data poisoning) into risk approach.
A.5.25 Assessment & decision on InfoSec events (partial)
Evaluate AI events in your existing process.
- A.5.3Documentation of AI system impact assessmentsSpecific to AI
Relates to
Clause 6.1 Risk management documentation (ISO 27001 Clause 6.1)
Store AI impact results in your risk register or risk docs.
- A.5.4Assessing AI system impact on individuals or groupsSpecific to AI
Relates to
A.5.34 Privacy & protection of PII
Evaluate potential personal data usage, bias, fairness.
- A.5.5Assessing societal impacts of AI systemsSpecific to AI
Relates to
A.5.34 Privacy & protection of PII (partial)
Goes beyond typical privacy to societal-level impacts, but some overlap remains.
- A.6.1.2Objectives for responsible development of AISpecific to AI
Relates to
A.5.4 Management responsibilities
Leadership sets AI dev goals as part of broader management system.
- A.6.1.3Processes for responsible AI system design & developmentCarried over
Relates to
A.8.25 Secure development life cycle
Integrate AI-lifecycle steps (data quality, bias checks) into secure DevOps.
A.5.8 InfoSec in project management (partial)
Incorporate AI-lifecycle steps in general project planning.
- A.6.2.2AI system requirements & specificationCarried over
Relates to
A.8.26 Application security requirements
Overlaps with specifying security needs for AI solutions.
A.5.8 InfoSec in project management (partial)
Document AI specs as part of the project scope.
A.8.9 Configuration management (partial)
Initial system specs feed into configuration management.
- A.6.2.3Documentation of AI system design & developmentCarried over
Relates to
A.5.37 Documented operating procedures
Keep AI design/dev docs with your standard documented procedures.
A.8.9 Configuration management (partial)
Track changes to design docs as part of configuration management.
- A.6.2.4AI system verification & validationCarried over
Relates to
A.8.29 Security testing in development & acceptance
Incorporate fairness, bias, and model vulnerability testing.
A.8.28 Secure coding (partial)
Overlaps with verifying code security and correctness.
- A.6.2.5AI system deploymentCarried over
Relates to
A.8.19 Installation of software on operational systems
Align AI deployment with standard release procedures.
A.8.31 Separation of dev, test & production
Keep AI dev/test separate from production.
- A.6.2.6AI system operation & monitoringCarried over
Relates to
A.8.16 Monitoring activities
Monitor AI performance, detect drift, anomalies.
A.8.32 Change management (partial)
Oversee updates or retraining in production.
- A.6.2.7AI system technical documentationCarried over
Relates to
A.5.37 Documented operating procedures
Maintain detailed AI system docs.
- A.6.2.8AI system recording of event logsCarried over
Relates to
A.8.15 Logging
Log model inputs/outputs, performance, etc.
- A.7.2Data for development & enhancement of AI systemCarried over
Relates to
A.5.9 Inventory of info & other assets
Include training/validation datasets in the asset register.
A.5.12 Classification of information (partial)
Consider confidentiality or compliance constraints.
A.8.25 Secure development life cycle (partial)
Integrate data usage in dev/test phases.
- A.7.3Acquisition of dataCarried over
Relates to
A.5.14 Information transfer
Securely transfer external data for AI.
A.5.19-A.5.22 Supplier mgmt (partial)
If data is purchased or obtained from external suppliers.
- A.7.4Quality of data for AI systemsSpecific to AI
Relates to
A.5.12 Classification of information (partial)
Data classification can incorporate data quality/bias checks.
A.8.11 Data masking (partial)
Use masking/anonymization to maintain data quality & privacy.
A.8.12 Data leakage prevention (partial)
Ensuring data integrity also helps prevent leakage or unauthorized use.
- A.7.5Data provenanceSpecific to AI
Relates to
A.5.9 Inventory of info & other assets
Keep data lineage as part of your asset inventory approach.
A.5.14 Information transfer (partial)
Track origin/destination of datasets.
- A.7.6Data preparationCarried over
Relates to
A.8.10 Information deletion (partial)
Removing/sanitizing data used for AI.
A.8.33 Test information
Overlaps in how test/training data is prepared or anonymized.
- A.8.2System documentation & information for usersCarried over
Relates to
A.5.37 Documented operating procedures
Provide AI usage documentation within standard operating procedures.
- A.8.3External reportingCarried over
Relates to
A.5.31 Legal, statutory, regulatory & contractual requirements
If AI is regulated, you may need external disclosures.
- A.8.4Communication of incidentsCarried over
Relates to
A.5.24 InfoSec incident mgmt planning & prep
Integrate AI incidents with overall incident response.
A.6.8 InfoSec event reporting
Extend event reporting channels to AI issues.
- A.8.5Information for interested partiesCarried over
Relates to
A.5.31 Legal, statutory, regulatory & contractual (partial)
If laws require stakeholder transparency about AI.
- A.9.2Processes for responsible use of AI systemsCarried over
Relates to
A.5.15 Access control
Limit who can use or train AI models.
A.5.18 Access rights
Tie specific AI usage rights to user roles.
A.8.2 Privileged access rights
Overlaps in controlling privileged AI usage.
A.8.3 Information access restriction
Determine which data/models a user can access.
A.8.18 Use of privileged utility programs
Restrict advanced AI debugging or development tools.
- A.9.3Objectives for responsible use of AI systemsSpecific to AI
Relates to
A.5.4 Management responsibilities
Management sets usage objectives (e.g., ethical usage).
- A.9.4Intended use of the AI systemSpecific to AI
Relates to
No direct ISO 27001 equivalent
27001 does not require "intended use" documentation.
- A.10.2Allocating responsibilitiesCarried over
Relates to
A.5.2 Information security roles & responsibilities (partial)
Clarify cross-organizational responsibilities for AI.
A.5.31 Legal, statutory, regulatory & contractual requirements (partial)
Include AI roles in contracts if needed.
- A.10.3SuppliersCarried over
Relates to
A.5.19 Information security in supplier relationships
Oversee AI suppliers with your standard supplier management approach.
A.5.20 Addressing InfoSec within supplier agreements
Add AI-specific clauses in supplier contracts.
A.5.21 Managing InfoSec in the ICT supply chain
Extend supply chain security to AI model/data providers.
A.5.22 Monitoring, review & change mgmt of supplier services
Continual oversight of AI suppliers.
A.8.30 Outsourced development (partial)
If outsourcing AI development, apply the same supplier dev controls.
- A.10.4CustomersCarried over
Relates to
A.5.19 Information security in supplier relationships (partial)
Reverse relationship if you deliver AI solutions to clients.
A.5.31 Legal, statutory, regulatory & contractual requirements (partial)
Contracts for AI solutions to customers.
Each ISO 27001:2022 Annex A control and its place in an AI management system.
Click to sort rows by Control header in ascending order | Click to sort rows by Relates to header in ascending order | Click to sort rows by Relationship header in ascending order | |
|---|---|---|---|
| A.5.1 Policies for information security | A.2.2 AI Policy +2 more | Carried over | |
| A.5.2 Information security roles & responsibilities | A.3.2 AI roles and responsibilities | Carried over | |
| A.5.3 Segregation of duties | No distinct ISO 42001 equivalent | Security-only | |
| A.5.4 Management responsibilities | A.2.3 Alignment with other organizational policies +2 more | Carried over | |
| A.5.5 Contact with authorities | No distinct ISO 42001 equivalent | Security-only | |
| A.5.6 Contact with special interest groups | No distinct ISO 42001 equivalent | Security-only | |
| A.5.7 Threat intelligence | A.5.2 AI system impact assessment process | Carried over | |
| A.5.8 Information security in project management | A.6.1.3 Processes for responsible AI system design & development +1 more | Carried over | |
| A.5.9 Inventory of information & other associated assets | A.4.2 Resource documentation +1 more | Carried over | |
| A.5.10 Acceptable use of information & other associated assets | No distinct ISO 42001 equivalent | Security-only | |
| A.5.11 Return of assets | No distinct ISO 42001 equivalent | Security-only | |
| A.5.12 Classification of information | A.7.4 Quality of data for AI systems | Carried over | |
| A.5.13 Labelling of information | No distinct ISO 42001 equivalent | Security-only | |
| A.5.14 Information transfer | A.4.3 Data resources +1 more | Carried over | |
| A.5.15 Access control | A.9.2 Processes for responsible use of AI systems | Carried over | |
| A.5.16 Identity management | No distinct ISO 42001 equivalent | Security-only | |
| A.5.17 Authentication information | No distinct ISO 42001 equivalent | Security-only | |
| A.5.18 Access rights | A.9.2 Processes for responsible use of AI systems | Carried over | |
| A.5.19 Information security in supplier relationships | A.10.3 Suppliers | Carried over | |
| A.5.20 Addressing InfoSec within supplier agreements | A.10.2 Allocating responsibilities +1 more | Carried over | |
| A.5.21 Managing InfoSec in the ICT supply chain | A.10.3 Suppliers | Carried over | |
| A.5.22 Monitoring, review & change mgmt of supplier services | A.10.3 Suppliers | Carried over | |
| A.5.23 InfoSec for use of cloud services | A.4.5 System & computing resources | Carried over | |
| A.5.24 InfoSec incident mgmt planning & preparation | A.8.4 Communication of incidents | Carried over | |
| A.5.25 Assessment & decision on InfoSec events | A.5.2 AI system impact assessment process | Carried over |