AIMSS §10.1
Continuous integrity programme
Governance
✓
Full
PDCA-style continual improvement (Clause 10).
← All regulations
International (voluntary) · Published Dec 2023
ISO/IEC 42001:2023 — AI Management System
Scope
Management-system standard for establishing, implementing, maintaining, and continually improving an AI management system.
Who must comply
Any organisation providing or using AI products or services, regardless of size or sector.
AIMSS coverage
61%
Weighted overlap with this regulation
Fully covered clauses9
Partial coverage15
Not addressed here3
Clause map
AIMSS clauses that satisfy ISO/IEC 42001.
AIMSS §10.2
External assurance & independent re-audit
Governance
✓
Full
Designed for accredited third-party certification.
AIMSS §4.1
AI inventory & system register
Governance
✓
Full
Annex A.6 governs the AI system life cycle, including AI system documentation and inventory.
Annex A.6
AIMSS §4.2
Documented AI policy & accountable executive
Governance
✓
Full
Clauses 5.1–5.3 require leadership commitment, AI policy, and assigned roles.
AIMSS §4.3
Risk classification & impact assessment
Governance
✓
Full
Annex A.5 requires an AI system impact assessment process (alongside risk assessment in Clause 6.1).
A.5.2–A.5.4
AIMSS §4.4
Third-party & supply-chain AI obligations
Governance
✓
Full
Annex A.10 covers third-party relationships and customer obligations.
AIMSS §9.1
Post-market monitoring & incident reporting
Lifecycle
✓
Full
Clauses 9 & 10 cover performance evaluation and improvement.
AIMSS §9.2
Cybersecurity & adversarial robustness
Lifecycle
✓
Full
Security controls extended to AI assets (Annex A.7, A.9).
AIMSS §9.4
Audit trail & technical documentation
Lifecycle
✓
Full
Documented information requirements throughout the standard (Clause 7.5).
AIMSS §5.1
Independent ethics review
Ethics
◐
Partial
Encourages ethics consideration but no independent body required.
AIMSS §5.2
Human oversight & meaningful intervention
Ethics
◐
Partial
Annex A.9 addresses human oversight as a control objective.
AIMSS §5.3
Explainability of automated decisions
Ethics
◐
Partial
Transparency to users required as a control objective.
AIMSS §5.4
Disclosure to affected persons
Ethics
◐
Partial
Annex A.8 stakeholder communication required.
AIMSS §6.1
Water & cooling impact disclosure
Climate
◐
Partial
Environmental impact considered within the AI management system scope.
AIMSS §6.2
Training & inference emissions accounting
Climate
◐
Partial
Environmental impact among AI objectives.
AIMSS §6.3
Lifecycle carbon disclosure to buyers
Climate
◐
Partial
Information for interested parties (Annex A.8) can include climate data.
AIMSS §6.4
Emissions reduction targets
Climate
◐
Partial
Continual improvement applies if scoped to emissions.
AIMSS §7.1
Data-worker labour conditions
Labour
◐
Partial
Resource & competence clauses cover staff but not contractors broadly.
AIMSS §7.4
Workforce displacement notice & re-skilling
Labour
◐
Partial
Stakeholder engagement covers affected staff (Annex A.8).
AIMSS §8.1
Bias & disparate-impact testing
Society
◐
Partial
Annex A.7 data quality & bias considerations.
AIMSS §8.2
Demographic-data governance for fairness testing
Society
◐
Partial
Data quality and bias controls referenced (Annex A.7).
AIMSS §8.3
Accessibility for users with disabilities
Society
◐
Partial
Interested-party needs include accessibility considerations.
AIMSS §8.4
Misuse & dual-use assessment
Society
◐
Partial
AI risk assessment may cover misuse.
AIMSS §8.5
Content provenance & synthetic-media labelling
Society
◐
Partial
Information to users covers disclosure of AI involvement.
AIMSS goes further
3 additional AIMSS clauses go beyond what ISO/IEC 42001 requires.
- AIMSS §7.3Red-team psychological safeguardsLabour
- AIMSS §9.3Public complaints registerLifecycle
- AIMSS §7.2Pay-floor & overtime limits for data workersLabour