Implementation of an AIMS (ISO/IEC 42001:2023)

Artificial Intelligence (AI) has evolved from laboratory experiments to critical business systems, creating a series of associated risks such as bias, security, privacy, misuse, third‑party dependency, and opacity. Organizations that manage their risks in a controlled manner require a reference framework to manage these risks and demonstrate control, accountability, and alignment with regulations (AI Act, GDPR, etc.).

The ISO/IEC 42001 standard emerges as the international framework for systematically managing AI, just as ISO 9001 did for quality or ISO 27001 for security. Like these standards, ISO/IEC 42001 adopts the continuous improvement approach based on the PDCA cycle (Plan, Do, Check, Act), which allows organizations not only to implement controls over their AI systems but also to review and refine them systematically and periodically. This cycle ensures that AI management is not a one‑off effort but a dynamic process that evolves alongside technology and its associated risks.

An AIMS (Artificial Intelligence Management System) is a set of policies, processes, and controls designed to ensure that AI systems are safe, ethical, transparent, and aligned with business purpose.

It is important to note that an AIMS does not regulate the models themselves, but rather how the organization manages AI in general. In other words, the AIMS does not dictate how the model should think, but how the organization should behave when creating or using it.
The implementation of an AIMS is carried out through a risk‑based approach applied across the entire AI system lifecycle:

ISO/IEC 42001:2023 follows Annex SL (formerly ISO Guide 83), which facilitates integration, compatibility, and harmonization with other standards that follow the same annex, such as ISO 9001, 14001, 27001, 27701, 31000, 37001, 45001. This means the standard includes the 10 chapters that enable integration with other management systems: Scope, Normative References, Terms and Definitions, Context of the Organization, Leadership, Planning, Support, Operation, Performance Evaluation, and Improvement.

Below are key aspects to consider when implementing the most important sections.

Context of the Organization

The first step in implementing an AIMS is determining its scope. This begins with identifying where products or services dependent on AI are used or implemented—whether the product or service is an AI system or AI is used to develop or deliver it. This requires creating an inventory and classification of AI systems with relevant information such as owner, criticality, function, type, risk, documentation status, project status, and any other relevant information that enables proper management.

Next, stakeholders must be identified and documented—those who determine how AI is used in the organization and those affected directly or indirectly by its use. At minimum, stakeholders should include: suppliers, AI developers (across the lifecycle), customers or users, employees, AI subjects (those whose data is processed by AI), authorities, legislators, and regulators.

With these elements, the scope of the AIMS can be documented clearly, defining what will be governed by the system and establishing the system’s objectives.

Analysis of Key Sections of the Standard

Leadership

Leadership defines the vision for AI use within the organization, and this vision must be translated into policies that guide employee behavior regarding AI implementation and use.

In addition to defining the vision, top management must ensure that necessary resources are allocated and must monitor compliance with AIMS requirements through management reviews.

To translate leadership’s vision into operational tasks, a policy must be defined and communicated to all affected parties. Roles and responsibilities must also be documented. 
 ▪️ CEO: Strategic commitment and direction
 ▪️ CIO/CDO: Leadership in data and AI governance
 ▪️ AI Manager: Coordination of the AIMS, oversight of compliance
 ▪️ Risk Team: Identification and assessment of risks
 ▪️ Technical Teams: Implementation of controls
 ▪️ Operational Teams: Execution of controls and incident response
 ▪️ Internal Audit: Compliance evaluation

Planning
Planning involves identifying the risks the organization faces when implementing AI, whether as a support mechanism or as a core component of a product or service.

A risk analysis methodology must be defined, considering that AI introduces new risks unfamiliar to many teams.

After defining how risks will be identified, the evaluation mechanism must be established—how to determine the impact on the organization if a risk materializes—and the acceptable risk level must be defined.

For unacceptable risks, treatment strategies must be planned, typically involving the implementation of controls.

The AIMS also requires assessing the impact of AI on individuals or entities affected by the systems and ensuring this assessment influences the risk analysis.

Finally, objectives aligned with the initial vision and business goals must be defined.

 Support 
Management systems require resources to function. This includes financial, technological, and human resources. The organization must ensure competencies and training in AI, given its rapid evolution.

Awareness and training must align with assigned responsibilities, ensuring everyone understands the policy and their role in the system.

Communication responsibilities must be clearly defined, including who is authorized to communicate internally and externally.

Processes must be documented and version‑controlled, and records must be preserved to support decisions and internal evaluations.

Operation
The operation phase is where all the controls and processes defined during the planning stage are put into practice. It is in this section that the AIMS comes to life through the systematic execution of risk analysis, the implementation of technical and operational controls, and the establishment of continuous monitoring mechanisms.

Risk Assessment and Management
Risk assessment must be carried out in accordance with the methodology defined during the planning phase. This assessment must be a continuous process that accompanies the entire lifecycle of the AI system, rather than a one‑time event conducted at the beginning of the project.

The specific risks to evaluate in AI systems include:
 ▪️ BIAS AND DISCRIMINATION: The risk that the model or training data generates outcomes that favor or penalize specific groups. This includes demographic, gender‑based, socioeconomic, or any other type of bias.
 ▪️ LACK OF TRANSPARENCY: The inability to explain or justify the decisions made by the AI system. This is especially critical in contexts where individual rights may be affected.
 ▪️ PRIVACY: The risk of exposure, loss, or misuse of personal or sensitive data during collection, training, validation, or operation phases.
 ▪️ SECURITY: System vulnerabilities to adversarial attacks, manipulation of input data, model poisoning, or unauthorized access.
 ▪️ PERFORMANCE: Degradation or variability in the model’s accuracy and quality when exposed to data not seen during training.
 ▪️ ACCOUNTABILITY: Ambiguity regarding who is responsible when the system makes mistakes or causes harm.
 ▪️ ROBUSTNESS: The system’s ability to maintain acceptable performance when facing unexpected inputs, out‑of‑distribution data, or contextual changes.
 ▪️ OVERFITTING OR UNDERFITTING: An incorrect balance between model complexity and data quality.
 ▪️ DEPLOYMENT OF UNSAFE OR UNFAIR SYSTEMS: The operational risk of deploying systems that have not been fully validated.

For each identified risk, the following must be documented: a detailed description, root causes, estimated probability and impact, resulting risk level, existing controls, and additional controls required.

Operational Planning of the AI System Lifecycle
The AIMS must establish documented procedures for each stage of the AI system lifecycle. These procedures act as guiding rails that ensure every technical decision is aligned with governance objectives and regulatory compliance requirements.

Design and Architecture  
In the design phase, the fundamental parameters of the AI system are defined:
▪️ Clear definition of the AI system’s objectives and success metrics
▪️ Identification of functional and non‑functional requirements with a focus on safety and fairness
▪️ Well‑grounded architectural selection with documentation of the alternatives considered
▪️ Data entity mapping: source, transformations, destination
▪️ Definition of system boundaries and interfaces with other systems
▪️ Documentation of technical assumptions and known limitations
▪️ Assessment of potential impact on affected individuals and groups
▪️ Planning of technical security: authentication, authorization, encryption

Data Management  
Data quality is essential for the safety and fairness of AI systems. The AI Governance System must establish rigorous standards:
▪️ DATA PROVENANCE: Documentation of origin, authorization for use, licenses, and copyright. Full traceability from the source.
▪️ REPRESENTATIVENESS: Bias analysis in the composition of the dataset. Evaluation of whether the data adequately represents the affected populations.
▪️ CLEANING AND TRANSFORMATION: Documented procedures for handling missing data, outliers, and preparation for training.
▪️ DATA GOVERNANCE: Version control, change documentation, access auditing, and secure storage.
▪️ REGULATORY COMPLIANCE: Validation that data use complies with GDPR, CCPA, and local regulations. Consent evaluation.
▪️ LABELING AND ANNOTATION: Quality processes to ensure that labeled data is accurate and consistent.

Development and Training  
During development, the AI model is implemented with multiple layers of validation:
▪️ Well‑grounded selection of algorithms and technology frameworks based on requirements
▪️ Code implementation following documented quality and security standards  
▪️ Technical validation: evaluation of accuracy, precision, recall, and F1‑score according to context
▪️ Ethical validation: bias analysis, fairness metrics, and evaluation across demographic groups
▪️ Legal validation: review of data and model copyright, and contractual restrictions
▪️ Robustness testing: evaluation against adversarial examples and out‑of‑distribution data
▪️ Documentation of hyperparameters, training configuration, and technical decisions 
▪️ Model version control and traceability of changes

Third‑Party Vendor and External Model Control  
Many organizations use pre‑trained models, third‑party APIs, or cloud‑based AI services. The AI Governance System must establish rigorous controls:
▪️ Risk assessment of vendors prior to integration into operational systems
▪️ Audit of terms of service, licenses, and permitted‑use restrictions  
▪️ Validation that external models/services meet security, privacy, and fairness requirements  
▪️ Establishment of SLAs (Service Level Agreements) with guarantees of availability and security
▪️ Continuous monitoring of external service performance and periodic review of terms
▪️ Contingency plans in case of provider unavailability or changes
▪️ Validation of regulatory compliance of vendors and their data‑handling procedures

Deployment and Monitoring  
Production deployment must be controlled and continuously monitored:
▪️ Documented deployment plan with entry criteria (gates) that must be met before release
▪️ Access control: restricting system access to authorized users through robust authentication mechanisms
▪️ Environment segregation: clear differentiation between development, testing, and production environments with distinct controls
▪️ Rollback procedures: ability to quickly revert changes if issues are identified in production
▪️ Continuous oversight: monitoring of performance metrics, data drift, and anomalies in inputs and outputs
▪️ Automated alerts: threshold‑based alerts triggered when deviations are detected
▪️ Maintenance and updates: procedures for applying security patches and performance improvements
▪️ Access auditing: logging who accesses the system, when, and what actions they perform

Continuous Monitoring and Maintenance  
Once in operation, the AI system requires constant oversight to detect degradation, changes in the operational context, or the emergence of new risks:
▪️ PERFORMANCE MONITORING: Continuous tracking of technical metrics (accuracy, precision, latency) on real operational data.
▪️ DRIFT DETECTION: Identification of changes in the distribution of input data (data drift) or in model performance (model drift).
▪️ FAIRNESS MONITORING: Periodic evaluation to ensure fairness metrics remain stable across demographic groups during operation.
▪️ ANOMALY ANALYSIS: Detection of unusual behaviors in predictions that may indicate attacks or system failures.
▪️ RETRAINING AND UPDATING: Procedures for retraining the model with new data, validating fairness characteristics.
▪️ INCIDENT AUDITING: Detailed analysis of AI‑related incidents, including documentation of root cause and impact.
▪️ USER FEEDBACK: Mechanisms to capture feedback from end users and stakeholders.

Performance Evaluation  
Performance evaluation of the AI Governance System (AIGS) is the mechanism through which the organization verifies that the system is meeting its objectives, that controls are being effectively implemented, and that progress is being made toward the expected level of maturity.

Continuous monitoring provides real‑time visibility into the status and behavior of operational AI systems. Examples of mechanisms used for monitoring include: monitoring dashboards that provide real‑time visibility into system status; technical metrics (accuracy, latency, availability, error rate, rejection rate); business metrics (impact on organizational objectives, cost savings, efficiency improvements); compliance metrics (adherence to AI policies, compliance with applicable regulations); automated alerts configured for rapid escalation when anomalies or deviations are detected; and trend analysis that enables the identification of degradation or improvement patterns over time.

Internal audits are independent evaluations of the AIGS’s conformity with its policies, procedures, and the requirements of the ISO/IEC 42001 standard. These audits should be conducted annually and cover all components of the management system.

Performance indicators must measure both the effectiveness of the AIGS and the performance of the AI systems under its governance. Key elements to measure include coverage, compliance, incidents, fairness, maturity, and training.

Management reviews are sessions in which leadership examines the overall effectiveness of the AIGS, resource allocation, strategic alignment, and the need for changes. These reviews are recommended at least annually.

Improvement  
Continuous improvement is the cycle that closes the AIGS, enabling the organization to evolve its AI governance capabilities in response to lessons learned, environmental changes, or new regulations. This process must be systematic and embedded within the organizational culture. Its implementation follows the same principles used in other management systems; however, special attention is required regarding updates driven by changes in the environment and regulatory landscape.

Regulatory Compliance

The implementation of systems that handle data—often external data and frequently classified as personal data or protected by copyright—requires establishing a legally, regulatory, and contractually compliant environment. This exposes the organization to multiple frameworks that the system’s behavior must align with. Below are examples of regulations and standards that must be considered during implementation:
▪️ GDPR: Data protection and individual rights
▪️ EU AI Act: Requirements based on risk level
▪️ CCPA: Privacy regulation in California
▪️ Sector‑specific standards: Finance, healthcare, public safety
▪️ International standards: ISO/IEC 27001, ISO/IEC 27701
▪️ Emerging local regulations

Ethical Principles for AI

Finally, because working with artificial intelligence can influence user expectations, the AIGS must operate according to ethical principles that guide its actions. The following are suggested ethical principles:
▪️ TRANSPARENCY: Users are aware they are interacting with AI
▪️ FAIRNESS: No discrimination based on protected characteristics
▪️ ACCOUNTABILITY: Clear definition of responsibilities
▪️ PRIVACY: Protection of personal data
▪️ SECURITY: Robustness against attacks and manipulation
▪️ SOCIAL BENEFIT: AI that creates value without causing harm

How to Implement an AIGS Step by Step

Conclusions

Artificial intelligence continues to advance at an unprecedented pace. Increasingly sophisticated models, multimodal systems, and emerging applications pose governance challenges that we are only beginning to understand. In this context of uncertainty, an AIGS provides:

▪️ FLEXIBLE FRAMEWORK: Although ISO/IEC 42001 is a standard, a well‑designed AIGS allows organizations to adapt processes and controls to their specific context. It is not rigidity, but structured flexibility.
▪️ ANTICIPATION, NOT REACTIVITY: An AIGS based on continuous risk assessment enables organizations to anticipate problems rather than merely react to incidents or regulatory changes.

Looking ahead, the question for organizations is not “Do we need an AIGS?” but rather “How mature do we want our AI governance to be, and in what timeframe?” Beginning implementation today determines the organization’s ability to answer that question satisfactorily in the years to come.

References
• UNE‑ISO/IEC 42001:2025, Information technology — Artificial intelligence — Management system
• ISO/IEC 27001:2022, Information security management systems
• ISO/IEC 27701:2019, Privacy information management – Extension to ISO/IEC 27001 and ISO/IEC 27002
• Regulation (EU) 2024/1689 – AI Act, Artificial Intelligence Act
• GDPR (General Data Protection Regulation, 2018)  
• California Consumer Privacy Act (CCPA)