ISO/IEC 42001:2023, the first international standard for Artificial Intelligence Management Systems (AIMS), was published in December 2023 by ISO/IEC JTC 1/SC 42. Its structure and approach present a concrete opportunity for integration with ISO/IEC 27001:2022, supported by the Harmonized Structure (HS, formerly known as the High-Level Structure, HLS) that both standards share.
This article analyzes the foundations of this synergy, identifies the controls with the highest level of reuse between both standards, highlights the genuinely new elements introduced by ISO/IEC 42001:2023, and proposes a practical integration framework. The entire analysis is based directly on the normative texts of ISO/IEC 27001:2022, ISO/IEC 27002:2022, and ISO/IEC 42001:2023.
Foundations of Both Standards
ISO/IEC 27001:2022 — Information Security Management System
ISO/IEC 27001:2022 specifies the requirements for establishing, implementing, maintaining, and continually improving an ISMS. Its central objective is the preservation of the confidentiality, integrity, and availability of information through a systematic risk‑management process.
Annex A of the standard, aligned with ISO/IEC 27002:2022, groups 93 controls into four themes:
▪️Organizational (clause 5): 37 controls
▪️People (clause 6): 8 controls
▪️Physical (clause 7): 14 controls
▪️Technological (clause 8): 34 controls
ISO/IEC 42001:2023 — Artificial Intelligence Management System
ISO/IEC 42001:2023 provides requirements for establishing, implementing, maintaining, and continually improving an AIMS. It is applicable to any organization that provides, develops, deploys, or uses AI systems, regardless of its size or sector (clause 1).
Its Annex A defines the reference controls, grouped into nine sections:
▪️A.2 AI‑related policies (3 controls)
▪️A.3 Internal organization (2 controls)
▪️A.4 Resources for AI systems (5 controls)
▪️A.5 Impact assessment of AI systems (4 controls)
▪️A.6 AI system lifecycle (8 controls)
▪️A.7 Data for AI systems (5 controls)
▪️A.8 Information for stakeholders (4 controls)
▪️A.9 Use of AI systems (3 controls)
▪️A.10 Relationships with third parties and customers (3 controls)
Annex B of ISO/IEC 42001:2023, which is normative in nature, provides implementation guidance for each control in Annex A, in a role analogous to that played by ISO/IEC 27002:2022 with respect to Annex A of ISO/IEC 27001:2022.
The Harmonized Structure as the Basis for Integration
Both ISO/IEC 27001:2022 and ISO/IEC 42001:2023 adopt the Harmonized Structure (HS), the common structure that ISO requires for all modern management system standards. It comprises clauses 4 to 10 with identical titles, common core text, and shared terms and definitions, onto which each standard adds its discipline-specific requirements; this is what makes integrated implementation practical.
The following table presents the clauses of ISO/IEC 27001:2022 in parallel with the clauses of ISO/IEC 42001:2023, indicating the points of difference where work is required in order to reuse the existing documentation of an ISMS. The last column provides an estimated value of the degree of alignment.
| § | ISO/IEC 27001:2022 – ISMS | ISO/IEC 42001:2023 – AIMS | Degree of alignment |
|---|---|---|---|
| 4 | Context of the organization, interested parties, scope | Context + determination of AI roles (provider, user, developer) | ~80% |
| 5 | Information security policy, IS roles and responsibilities | AI policy (5.2, supported by A.2.2), AI roles and responsibilities (5.3, supported by A.3.2) | ~80% |
| 6 | Information-security risk assessment and treatment, IS objectives | AI risk assessment and treatment + AI impact assessment (6.1.4) | ~75% |
| 7 | Resources, competence, awareness, documented information | Same requirements, with extension to AI-related competencies | ~85% |
| 8 | Operational control, risk assessment and treatment | AI lifecycle controls, operational impact assessments | ~65% |
| 9 | Internal audit, management review, metrics | Internal audit and management review of the AIMS | ~80% |
| 10 | Continual improvement, nonconformities and corrective actions | Continual improvement of the AIMS, AI-related nonconformities | ~80% |
As we can see, clause 8 presents the lowest degree of structural alignment, given that ISO/IEC 42001:2023 introduces in this section the execution of controls specific to the lifecycle of AI systems (section A.6) and the impact assessments on individuals and society (section A.5), elements that have no direct equivalent in the information security standard.
Analysis of Synergies: Controls with High Reuse
The following analysis compares the controls in Annex A of ISO/IEC 42001:2023 with the controls in Annex A of ISO/IEC 27001:2022, using Annex B of ISO/IEC 42001:2023 as the implementation guidance for the former and ISO/IEC 27002:2022 for the latter.
The table below takes the opposite direction from the clause table: each row gives a control from ISO/IEC 42001:2023, a short description of what it requires, the ISO/IEC 27001:2022 Annex A control(s) on which the alignment work can be based (or, where no Annex A control applies, the main-body clause), and the estimated level of synergy. Control numbers and titles follow the 2022 numbering of ISO/IEC 27002. Sections A.5, A.7 and A.8, which have no counterpart, are discussed in the next section.
| ISO 42001 Control | Description | ISO 27001 Control | Synergy |
|---|---|---|---|
| A.2.2 | Document a policy for the development or use of AI systems | A.5.1 Policies for information security (approval, publication, periodic review) | High |
| A.2.3 | Align the AI policy with other organizational policies | A.5.1 Topic-specific policies aligned with the overall policy | High |
| A.2.4 | Review the AI policy at planned intervals or when significant changes occur | A.5.1 Periodic review of policies | High |
| A.3.2 | Define and assign AI roles and responsibilities | A.5.2 Information security roles and responsibilities | High |
| A.3.3 | Process to report concerns about the organization's role with respect to AI systems | A.6.8 Information security event reporting | Medium |
| A.4.2 | Identify and document the resources required at each AI system life cycle stage | A.5.9 Inventory of information and other associated assets | Medium |
| A.4.3 | Document information about the data resources used for the AI system | A.5.9 Inventory of information and other associated assets | Medium |
| A.4.4 | Document information about the tooling resources used for the AI system | A.5.9 Inventory of information and other associated assets | Medium |
| A.4.5 | Document the system and computing resources used for the AI system | A.5.9 Inventory of information and other associated assets; A.5.23 Information security for use of cloud services | Medium |
| A.4.6 | Document the human resources and competences needed for development, operation and maintenance of the AI system | Clause 7.2 Competence; A.6.3 Information security awareness, education and training | Medium |
| A.6.1.2 | Objectives for the responsible development of AI systems | Clause 6.2 Information security objectives and planning to achieve them | High |
| A.6.1.3 | Processes for the responsible design and development of AI systems | A.8.25 Secure development life cycle; A.8.27 Secure system architecture and engineering principles | High |
| A.6.2.2 | Requirements and specifications of the AI system | A.8.26 Application security requirements | High |
| A.6.2.3 | Document the design and development of the AI system | A.8.25 Secure development life cycle; A.8.28 Secure coding | High |
| A.6.2.4 | Define verification and validation (V&V) measures | A.8.29 Security testing in development and acceptance; A.8.33 Test information | High |
| A.6.2.5 | Document the deployment plan and requirements for the AI system | A.8.31 Separation of development, test and production environments; A.8.32 Change management | High |
| A.6.2.6 | Operation and monitoring of the AI system (repairs, updates, support) | A.8.16 Monitoring activities; A.8.32 Change management | High |
| A.6.2.7 | Technical documentation of the AI system for interested parties | Clause 7.5 Documented information; A.5.32 Intellectual property rights | Medium |
| A.6.2.8 | Record event logs of the AI system, at a minimum while it is in use | A.8.15 Logging; A.8.16 Monitoring activities | Medium |
| A.9.3 | Identify objectives for the responsible use of AI systems | Clause 6.2 Information security objectives and planning to achieve them | High |
| A.10.2 | Allocate responsibilities across the AI system life cycle between the organization, partners, suppliers, customers and third parties | A.5.2 Information security roles and responsibilities; A.5.19 Information security in supplier relationships; A.5.21 Managing information security in the ICT supply chain | High |
| A.10.3 | Ensure that the use of suppliers' services, products or materials is aligned with the organization's responsible AI approach | A.5.19 Information security in supplier relationships; A.5.20 Addressing information security within supplier agreements | Medium |
| A.10.4 | Document customers' expectations and needs in the responsible AI approach | A.5.20 Addressing information security within supplier agreements; A.5.22 Monitoring, review and change management of supplier services (mirror-image fit: ISO/IEC 27001 addresses the organization as customer, not as provider) | Medium |
Divergences: Genuinely New Elements in ISO 42001
The following sections of Annex A of ISO/IEC 42001:2023 have no structural equivalent in ISO/IEC 27001:2022 and require the development of new processes within the organization.
AI System Impact Assessment (A.5)
Controls A.5.2 to A.5.5 define a formal process to identify, assess, and treat the consequences that an AI system may generate for individuals, groups of individuals, and societies throughout its lifecycle (ISO/IEC 42001:2023, clause 6.1.4). The process includes:
▪️A.5.2: Establishment of the AI system impact assessment process.
▪️A.5.3: Documentation and retention of assessment results.
▪️A.5.4: Impact assessment on individuals and groups of individuals (fairness, accountability, transparency, safety, privacy, human rights).
▪️A.5.5: Assessment of societal impacts (environmental sustainability, economy, government, health).
ISO/IEC 27001:2022 does not include an impact assessment with this scope. The closest concept in the information security ecosystem is the privacy impact assessment (PIA, or DPIA under the GDPR) as addressed by ISO/IEC 27701:2025, but the scope of A.5 extends well beyond privacy.
It is important to emphasize that the impact assessment does not replace risk assessment and has a different objective: the AI risk assessment (6.1.2) looks at consequences for the organization, whereas the impact assessment (6.1.4) looks at consequences for individuals, groups of individuals and society. Each AI system in scope requires an impact assessment before it is deployed, and again when it changes significantly, so that the organization can release it responsibly, knowing the consequences its characteristics or capabilities may have in its environment.
Data Management for AI Systems (A.7)
ISO/IEC 27001:2022 treats data as information assets to be protected from the perspective of confidentiality, integrity, and availability. ISO/IEC 42001:2023 introduces a more granular level of management, oriented toward the validity and representativeness of the data used throughout the model lifecycle:
▪️A.7.2: Define, document, and implement data‑management processes for the development of AI systems, covering implications for privacy, security, transparency, and representativeness of training data, which may have some correspondence with A.5.34 Privacy and protection of PII depending on the context.
▪️A.7.3: Acquisition and selection of data — categories, sources, potential biases, data rights.
▪️A.7.4: Quality of training, validation, and production data, with explicit bias management.
▪️A.7.5: Data provenance throughout the AI system lifecycle.
▪️A.7.6: Data preparation criteria (cleaning, normalization, labeling, encoding).
A model trained on biased data, or on data with undocumented provenance, creates operational and legal risks that ISO/IEC 27001:2022 does not address. The management required by A.7 is a native requirement of AI governance and demands real effort: in most organizations these topics (bias, representativeness, provenance and preparation of training data) fall outside existing data governance practice and may pose significant challenges.
Information for AI System Stakeholders (A.8)
This set of controls introduces transparency and communication obligations specific to AI systems that go beyond the scope of ISO/IEC 27001:2022 control 5.37 (documented operating procedures). Only A.8.4 has a partial counterpart, in the incident management controls 5.24 to 5.26 and in 5.5 (contact with authorities), and even there the AI-specific content of the communication must be added:
▪️A.8.2: Inform users that they are interacting with an AI system, including its purpose, limitations, human‑oversight needs, and relevant information about impacts.
▪️A.8.3: Provide mechanisms for external parties to report adverse impacts of the AI system.
▪️A.8.4: Documented communication plan for AI system incidents, considering legal obligations and types of incidents.
▪️A.8.5: Determination of reporting obligations to authorities and interested parties (technical documentation, impact‑assessment results, risks).
Synthesis: Level of Synergy by Section
The following table summarizes the estimated level of reuse for each section of Annex A of ISO/IEC 42001:2023 with respect to the existing controls of ISO/IEC 27001:2022 and ISO/IEC 27002:2022, ordered by level of synergy.
| ISO 42001 Section | Most relevant ISO 27001 controls | Synergy level |
|---|---|---|
| A.2 – AI policies | 5.1 Information security policies | High (~90%) |
| A.3 – Internal organization | 5.2 Information security roles and responsibilities | High (~80%) |
| A.9 – Use of AI systems | 5.37 Operational procedures / 6.2 Information security objectives | High (~80%) |
| A.10 – Third parties and customers | 5.19, 5.20, 5.21, 5.22 Supplier management | High (~80%) |
| A.6 – AI system lifecycle | 8.25, 8.26, 8.27, 8.29, 8.32 Secure development / monitoring | Medium (~55%) |
| A.4 – Resources for AI | 5.9 Asset inventory / 6.1, 6.3 Personnel and training | Medium (~55%) |
| A.8 – Information for interested parties | 5.37 Procedures / 5.24–5.26 Incident management | Low (~15%) |
| A.5 – AI impact assessment | No direct structural equivalent | Low (~15%) |
| A.7 – Data for AI | No direct structural equivalent | Low (~15%) |
Integration Strategies
Based on the previous analysis, an organization with an active ISO/IEC 27001:2022 ISMS can adopt one of three strategies to implement ISO/IEC 42001:2023:
Fully Integrated System
A single management system that simultaneously satisfies the requirements of both standards: one policy, a single context analysis, an integrated audit cycle, and a joint management review. This strategy maximizes operational efficiency and minimizes documentation duplication, but it requires a mature ISMS (at least three years of operation) and compatible scopes for both systems.
Coordinated Separate Systems
The ISMS and the AIMS operate with independent documentation but share defined interfaces in key processes: risk management, supplier management, internal audit, and management review. This option carries lower implementation risk and allows the AIMS scope to be adjusted independently.
ISMS Extension (ISO 27001+)
ISO/IEC 42001:2023 is implemented as an extension module of the existing ISMS, reusing as much of the available documentation and process infrastructure as possible. It is the option with the lowest initial investment and enables a gradual transition. However, it may not fully meet the requirements of a formal certification audit if the unique elements of ISO/IEC 42001:2023 are not developed with sufficient depth.
Implementation Roadmap
Regardless of the chosen strategy, the implementation of ISO/IEC 42001:2023 in an organization with an active ISO/IEC 27001:2022 ISMS can be structured into four phases:
Phase 1 — Diagnosis and Gap Analysis (1–2 months)
▪️Assess the maturity of the existing ISMS.
▪️Map the AI systems in use or under development and determine the organization’s
role (provider, user, developer).
▪️Perform a clause‑by‑clause gap analysis (4–10) between the ISMS and the requirements
of ISO/IEC 42001:2023.
▪️Compare Annex A of ISO/IEC 42001:2023 with Annex A of ISO/IEC 27001:2022 to
identify controls that can be reused, extended, or newly developed.
▪️Define the integration strategy.
Phase 2 — Design and Planning (2–3 months)
▪️Define or extend the AI policy (A.2.2), referencing the existing information security policy.
▪️Assign AI roles and responsibilities (A.3.2), integrating them with the security governance structure.
▪️Design the AI risk‑assessment process, extending the existing methodology.
▪️Design the AI system impact‑assessment process (A.5.2).
▪️Plan data management for AI (A.7).
Phase 3 — Implementation (3–6 months)
▪️Implement the AI system lifecycle controls (A.6).
▪️Implement the management of training, validation, and production data (A.7.3–A.7.6).
▪️Develop the technical documentation for the AI systems in scope (A.6.2.7).
▪️Implement human‑oversight mechanisms for automated decisions.
▪️Train teams in responsible AI concepts, impact assessment, and data management.
Phase 4 — Audit and Certification (2–3 months)
▪️Conduct a combined ISMS + AIMS internal audit.
▪️Carry out a joint management review.
▪️Implement corrective actions derived from the internal audit.
▪️Certification process in two stages: Stage 1 (readiness review of the documented management system) and Stage 2 (on‑site assessment of implementation and effectiveness).
ISO 42001 in the Regulatory Context
ISO/IEC 42001:2023 is a voluntary management‑system standard, but its implementation can generate the documentary evidence that demonstrates compliance with mandatory AI regulations. Three frameworks are most relevant in this context; the two ISO/IEC documents are referenced in ISO/IEC 42001:2023 itself, while the EU AI Act postdates its publication:
▪️EU AI Act (Regulation (EU) 2024/1689): A binding regulation, in force since August 2024 with obligations applying in stages through 2027, that classifies AI systems by risk level (unacceptable, high, limited, and minimal). For high‑risk systems, it requires conformity assessment, a documented risk management system, transparency, and human oversight. An AIMS under ISO/IEC 42001:2023 can organize the evidence for these requirements, but certification to ISO/IEC 42001 does not by itself confer a presumption of conformity with the Act; that role is reserved for harmonised standards published under the Regulation.
▪️ISO/IEC 23894:2023 — Guidance on AI Risk Management: Explicitly referenced in ISO/IEC 42001:2023 (notes 3 and 4 of clause 6.1.1). It provides detailed guidance for managing AI‑specific risks and complements the AIMS risk‑assessment process.
▪️ISO/IEC 38507:2022 — Governance Implications of the Use of AI by Organizations: Referenced in clause 5.2 (AI Policy) and in 6.1.1. It provides guidance to governing bodies on their oversight obligations regarding the use of AI systems.
Conclusions
The comparative analysis between ISO/IEC 27001:2022 and ISO/IEC 42001:2023 leads to four operational conclusions:
▪️The Harmonized Structure enables integration. Clauses 4 to 10 are structurally identical across both standards. Approximately 80% of the documentation and process infrastructure of an ISMS can be reused or adapted for the AIMS, generating significant savings in time and resources.
▪️Synergies are quantifiable. Sections A.2, A.3, A.9, and A.10 of ISO/IEC 42001:2023 show synergy levels above 80% with existing ISO/IEC 27001:2022 controls, particularly in policy management, roles, suppliers, and objectives.
▪️Divergences require specific investment. Sections A.5 (Impact Assessment), A.7 (Data for AI), and A.8 (Information for Stakeholders) are genuinely new elements with no structural equivalent in ISO/IEC 27001:2022 and require the development of new organizational capabilities.
▪️The right strategy depends on context. The maturity of the existing ISMS, the level of AI adoption in the organization, and certification objectives determine whether the organization should opt for a fully integrated system, coordinated systems, or an ISMS extension.
The convergence between information security governance and AI governance is not only a technical opportunity: it is a strategic necessity for organizations seeking to manage their technological risks in a coherent, efficient, and certifiable manner.
Normative References
🔗ISO/IEC 27001:2022 — Information security, cybersecurity and privacy protection — Information security management systems — Requirements. Third edition, October 2022.
🔗ISO/IEC 27002:2022 — Information security, cybersecurity and privacy protection — Information security controls. Third edition, February 2022.
🔗ISO/IEC 42001:2023 — Information technology — Artificial intelligence — Management system. First edition, December 2023.
🔗ISO/IEC 23894:2023 — Information technology — Artificial intelligence — Guidance on risk management.
🔗ISO/IEC 38507:2022 — Information technology — Governance of IT — Governance implications of the use of artificial intelligence by organizations.
🔗ISO/IEC 27701:2025 — Information security, cybersecurity and privacy protection — Privacy information management systems — Requirements and guidance.
🔗Regulation (EU) 2024/1689 of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (AI Act). Official Journal of the European Union, July 2024.