ISO/IEC 42001.

The first international management-system standard for AI, published in December 2023, specifying requirements to establish, implement, maintain, and continually improve an AI Management System (AIMS) for organizations that develop or use AI. サイバーセキュリティの コンプライアンスとフレームワーク カテゴリに属します。

The first international management-system standard for AI, published in December 2023, specifying requirements to establish, implement, maintain, and continually improve an AI Management System (AIMS) for organizations that develop or use AI.

ISO/IEC 42001:2023, 'Information technology — Artificial intelligence — Management system,' is the AI counterpart of ISO/IEC 27001. It defines requirements for an AI Management System (AIMS) covering scope, leadership, planning, support, operation, performance evaluation, and improvement, plus Annex A controls organized into governance, AI policies, internal organization, resources, AI-system lifecycle, data for AI, information for interested parties, use of AI, and third-party relationships. Adoption is driven both by regulators (the EU AI Act references ISO management standards as evidence of conformity for some risk-management obligations) and by enterprise customers asking AI vendors for assurance. Independent certification bodies began offering ISO 42001 certification audits in 2024, and several major AI vendors (Anthropic, AWS AI services) achieved certification through 2024–2025. The standard pairs well with ISO 27001 (for the security of the AIMS), ISO 27701 (privacy), and the NIST AI RMF (a non-prescriptive but compatible companion framework).

ISO/IEC 42001 に対する防御は通常、上記の定義で述べたとおり、技術的統制と運用上の実践を組み合わせます。

一般的な別名: AIMS, AI Management System standard。