AI Management Systems
ISO 42001 is the international standard for AI management systems. Published in December 2023, it provides a framework for organisations to establish, implement, maintain, and continually improve their approach to responsible AI. It has rapidly become the de facto governance baseline for organisations operating AI in regulated environments.
Certification against ISO 42001 requires documented, independently verifiable evidence that your AI management system operates as declared. This is where most organisations discover that their existing documentation practices are insufficient. ISO 42001 does not accept self-reported records as evidence of AI system behaviour.
The standard's documentation and audit trail requirements are distributed across several clauses. The operative demands are:
Most organisations seeking ISO 42001 certification already maintain documentation of their AI systems. They have model cards, risk assessments, data governance policies, and change logs. The audit challenge arises not from missing documentation, but from the integrity of that documentation.
ISO 42001 auditors are increasingly trained to distinguish between documentation that describes what a system was intended to do and evidence that demonstrates what it actually did. These are different things, and the gap between them is where certification fails.
Documentation (insufficient)
Evidence (ISO 42001 compliant)
Annex A.6.2 is the most technically demanding clause for most organisations. It requires that AI systems operating in high-risk contexts maintain records sufficient to reconstruct the system's behaviour at the time of any specific decision. This is not a reporting requirement. It is an architectural requirement.
For a credit scoring system, this means: at any subsequent point, a compliance officer must be able to reconstruct exactly what inputs the model received, which model version processed those inputs, what the output was, and what contextual conditions applied at the time. If any of those elements are missing or could have been altered, the record fails the Annex A.6.2 standard.
Organisations operating high-risk AI systems in the EU face overlapping obligations from ISO 42001 and the EU AI Act. The two frameworks align in their requirements for operational records, but with important differences:
Organisations building a single evidence infrastructure that satisfies both frameworks simultaneously are better positioned than those pursuing separate compliance tracks. A cryptographic audit trail built to EU AI Act Article 12 standards will also satisfy ISO 42001 Annex A.6.2 with margin.
Certification auditors are specifically trained to probe the integrity of documented information. The typical audit sequence for AI operational records is:
Organisations that cannot answer steps 2 through 4 without pointing to an internal system or a vendor attestation will receive a nonconformity. The most common gap is step 3: organisations have timestamps, but the timestamps are self-reported and cannot be independently verified.
Clause 9.1 requires that monitoring and measurement results be retained as documented information. For AI systems, this means operational evidence must accumulate continuously, not be assembled for audit purposes. An organisation that produces evidence only when a certification audit is scheduled is not meeting the continuous monitoring requirement.
The practical implication is that ISO 42001-compliant AI evidence infrastructure must be always-on. Evidence must be generated and retained from the first day an AI system is in production, not from the day a certification decision is made. Auditors will check the continuity of records, and gaps in operational coverage are material nonconformities.
When AI systems produce unexpected outputs, exhibit bias, or contribute to harm, ISO 42001 Clause 10.1 requires documented evidence of the corrective action process: what was identified, what was done, and whether the action was effective. This requires being able to point to the original AI decision record that triggered the corrective action and trace the chain from incident to resolution.
Without a tamper-evident audit trail, the corrective action documentation cannot be verified against the original system behaviour. Auditors will ask to see the original record and compare it to the corrective action documentation. If the original record could have been altered, the entire corrective action chain is invalidated.
KairoNull's Umbra Trust Protocol captures AI decision records at the moment of generation, applies RFC3161 timestamping, and chains them with SHA-256 into a tamper-evident ledger. The output is independently verifiable by ISO 42001 auditors and EU AI Act regulators without requiring KairoNull access.
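As an added illustration of the property that Annex A.6.2 reconstruction and the corrective-action chain both rely on (not code from this page or from KairoNull's Umbra Trust Protocol), the following Python builds a SHA-256 hash-chained ledger of AI decision records and verifies it; the record fields, model name and sample values are assumptions, and the RFC 3161 token is a placeholder since a real one comes from an external time-stamping authority.

```python
import hashlib
import json
from datetime import datetime, timezone

# Hash-chained ledger of AI decision records. Field names, layout and sample
# values are assumptions for this illustration; the RFC 3161 token is a placeholder
# (a real token comes from an external time-stamping authority).
GENESIS = "0" * 64

def canonical(record: dict) -> bytes:
    # Deterministic serialisation so an unchanged record always hashes the same way.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")

def append_record(ledger: list, inputs: dict, model_version: str, output: dict,
                  context: dict, captured_at: str = "") -> dict:
    """Append one decision record, binding it to the hash of the previous record."""
    body = {
        "seq": len(ledger),
        "captured_at": captured_at or datetime.now(timezone.utc).isoformat(),
        "inputs": inputs,                # what the model received
        "model_version": model_version,  # which model processed it
        "output": output,                # what it returned
        "context": context,              # conditions in force at the time
        "tsa_token": "<RFC3161-token-placeholder>",
        "prev_hash": ledger[-1]["hash"] if ledger else GENESIS,
    }
    entry = dict(body, hash=hashlib.sha256(canonical(body)).hexdigest())
    ledger.append(entry)
    return entry

def verify_chain(ledger: list) -> tuple:
    """Recompute every hash and link; return (ok, index of first bad record or None)."""
    prev_hash = GENESIS
    for i, entry in enumerate(ledger):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if entry["seq"] != i or entry["prev_hash"] != prev_hash:
            return False, i          # broken link or reordered record
        if hashlib.sha256(canonical(body)).hexdigest() != entry["hash"]:
            return False, i          # record contents altered after capture
        prev_hash = entry["hash"]
    return True, None

def build_sample_ledger() -> list:
    # Constructed sample: two credit-scoring decisions with fixed capture times.
    ledger = []
    append_record(ledger, {"income": 52000, "debt_ratio": 0.31}, "credit-v3.2",
                  {"score": 712, "decision": "approve"}, {"threshold": 680}, "2024-03-01T09:14:02+00:00")
    append_record(ledger, {"income": 23000, "debt_ratio": 0.58}, "credit-v3.2",
                  {"score": 590, "decision": "decline"}, {"threshold": 680}, "2024-03-01T09:14:05+00:00")
    return ledger
```

Note that the chain alone cannot reveal records silently dropped from its tail (a shortened prefix still verifies); detecting that gap in coverage is what the externally anchored timestamps and continuous retention discussed above are for.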