
Written by:
Editorial Team
DSG.AI
ISO 42001 for Internal Auditors: What the AI Management System Standard Means for Your Audit Plan
ISO 42001 is the international standard for AI management systems (AIMS), published in December 2023. Organizations that develop, provide, or use AI systems are pursuing certification at an accelerating rate, and every certified organization needs internal audits under Clause 9.2. This is new territory for most internal audit functions. The audit criteria, evidence requirements, and testing approach are different from ISO 27001, and applying a cybersecurity audit frame to an AI governance audit produces thin findings and missed risks.
This is a practical guide for internal auditors who need to build an ISO 42001 audit program from scratch or assess whether their organization is ready for third-party certification.
What ISO 42001 Covers (and What It Does Not)
ISO 42001 governs the management system around AI, not AI systems themselves. This is a critical distinction.
What it governs:
- How the organization identifies and scopes the AI systems it develops, provides, or uses
- How it assesses the risks and impacts of those systems (including bias, transparency, accountability, and safety)
- How it manages the AI lifecycle (data governance, model development, deployment, monitoring, decommissioning)
- How it handles AI incidents and non-conformances
- How it documents and demonstrates responsible AI governance to interested parties
What it does not govern:
- The technical performance of specific AI models (accuracy, latency, model architecture)
- Which AI systems an organization builds or buys
- Specific regulatory requirements (EU AI Act compliance, sector-specific AI rules, which may overlap but are distinct)
This distinction matters for internal auditors because it defines what "conformance" means. The audit is assessing whether the management system is operating as required, not whether any individual AI model meets a performance benchmark.
The Clause 9.2 Internal Audit Requirement
ISO 42001 Clause 9.2 follows the Annex SL structure used by ISO 27001, ISO 9001, and ISO 14001. If your team already audits an ISO 27001 ISMS, the Clause 9.2 structure will be familiar. The organization must:
- Establish an internal audit program with defined frequency, methods, and responsibilities
- Audit whether the AIMS conforms to the standard requirements and to the organization's own AIMS policies
- Audit whether the AIMS is effectively implemented and maintained
- Maintain documented information of audit findings and programs
The key difference from ISO 27001 internal audit: the subject matter is governance of AI systems, not security controls over information assets. Auditors who approach ISO 42001 as an IT security audit will audit the wrong things.
Five Areas Internal Auditors Must Cover
1. AI System Inventory and Scope Definition (Clause 4, Annex A.4)
The AIMS scope defines which AI systems are within the management system boundary. Auditors need to verify:
- Is the inventory of AI systems complete? (Common gap: shadow AI, vendor-embedded AI, or departmental tools are excluded without documented rationale.)
- Is scope definition consistent with what the organization actually develops, provides, or uses? Narrowing scope to avoid hard-to-audit systems is a common certification strategy that creates audit risk.
- Is scope documentation current? AI system portfolios change faster than quality management system inventories; stale scope documentation is a conformance finding.
Evidence to request: AIMS scope statement, AI system register with last-updated dates, records of scope change reviews.
2. AI Risk and Impact Assessment (Clauses 6.1, Annex A.5)
ISO 42001 requires organizations to identify and assess AI-specific risks: bias in model outputs, transparency limitations, accountability gaps, and impacts on people affected by AI decisions. Auditors need to verify:
- Is there a documented AI impact assessment process, and has it been applied to systems in scope?
- Are bias and fairness criteria defined for each AI system, with evidence of evaluation?
- Are impact assessments reviewed when systems change, not just at initial deployment?
This is where most organizations are weakest. Impact assessment frameworks get documented for certification but are not updated when model versions change or when new use cases are added. The audit finding is not usually "no impact assessment exists" but "impact assessments are not maintained as living documents."
Evidence to request: impact assessment templates, completed assessments for a sample of in-scope AI systems, records of assessment updates following model changes.
3. AI Lifecycle Controls (Annexes A.6-A.8)
These annexes cover the controls for data governance, AI system development, and AI system operations. For internal auditors, the highest-value areas are:
Data governance (Annex A.6): Are training data sources documented? Are data quality checks applied before use in training? Is there a data lineage record showing how training data was sourced, filtered, and prepared?
Development controls (Annex A.7): Are model development decisions documented (algorithm selection rationale, hyperparameter choices, evaluation criteria)? Is there version control for models and their associated training datasets?
Operational monitoring (Annex A.8): Are deployed models monitored for performance drift and output quality? What are the thresholds that trigger review or retraining? Is there evidence that monitoring is actually happening, not just that a monitoring process is documented?
The gap between "we have a monitoring process" and "monitoring happened and findings were addressed" is where most ISO 42001 audits surface findings. Request monitoring logs and incident records, not just process documentation.
4. Transparency and Explainability (Annex A.9)
ISO 42001 requires organizations to be able to explain AI system behavior to relevant parties. This is auditable. The question is not whether the organization believes in transparency; it is whether explainability is operationalized.
For each in-scope AI system where decisions affect people or organizations, auditors should verify:
- Is there a documented approach to explaining model outputs? (Not "we use SHAP values" as a general statement; the approach should be specified for each system.)
- Can the organization provide a coherent explanation of a specific model output on request? Test this for a sample decision.
- Are there documented cases where explanations were actually provided to affected parties?
Explainability is the ISO 42001 requirement most often treated as aspirational rather than operational. Treat it as a control with evidence, not a principle.
5. AI Incident Management (Clause 10.2, Annex A.10)
The standard requires a documented process for identifying, recording, and responding to AI incidents: cases where AI systems behave unexpectedly, produce harmful outputs, or fail to perform as specified.
Auditors should verify:
- Is there a definition of what constitutes an "AI incident" for this organization? (Without a definition, the incident log will be empty by default.)
- Are incidents recorded, and is there evidence of investigation and corrective action?
- Is the incident process connected to the model monitoring process? (If monitoring detects a drift event but the incident process does not capture it, the connection is not operational.)
Evidence to request: AI incident log, incident response records for a sample of recorded incidents, evidence of post-incident analysis and corrective action.
Common Gaps That Create Audit Findings
Based on the first wave of ISO 42001 implementations in 2024-2026, the recurring gap categories are:
Static documentation. The AIMS documentation was built for certification, not maintained as operational records. AI system inventories are out of date. Impact assessments reference model versions that have been superseded. This is a systemic finding that affects multiple clauses.
Governance-technology disconnect. The governance documents describe an oversight process that is not connected to how AI teams actually work. Model versions are deployed without the documented review steps occurring. Monitoring dashboards exist but alert thresholds were never configured.
Scope avoidance. AI systems built by third-party vendors embedded in enterprise software (CRM AI features, HR platform scoring tools, financial system anomaly detection) are excluded from AIMS scope without documented rationale. This creates a blind spot where consequential AI decisions are outside the management system.
Explainability treated as theoretical. The standard's explainability requirement is documented as a principle but tested against no specific system. Ask auditors to request an explanation for a specific model output and watch whether the organization can produce one.
The Certification Timeline Reality
According to ISACA's 2026 guidance on ISO 42001 implementation, organizations starting a gap assessment now should plan for 9-14 months to first certification, depending on the maturity of existing AI governance infrastructure. Organizations with ISO 27001 ISMS in place move faster because the management system structure is familiar.
Internal audit functions that build ISO 42001 audit programs now, before certification, serve two purposes: they identify gaps that need remediation before third-party assessment, and they establish the internal audit evidence that demonstrating ongoing conformance requires.
How AI Governance Tools Support ISO 42001 Audits
Auditing an AI management system requires different tools than auditing a traditional management system. The evidence is not in document repositories and email threads; it is in model version control systems, data pipelines, monitoring dashboards, and AI system configuration records.
assessAI, DSG's AI risk and literacy assessment platform, maps directly to Annex A.5 impact assessment requirements: it structures AI risk evaluations, documents bias and fairness criteria per system, and maintains assessment records through model lifecycle changes. The output functions as the Annex A.5 documented information that auditors need to request.
assureIQ, the audit execution platform, provides the Clause 9.2 audit program infrastructure: evidence collection from AI system documentation sources, control testing against defined criteria, and audit workpapers that satisfy the documented information requirements. For organizations auditing AI systems at scale across a portfolio, manual audit workpaper management creates the static documentation problem that becomes a finding in the next cycle.
For the broader AI governance and agentic audit context in which ISO 42001 sits, see AI Agents for Internal Audit: What Actually Works in Production. For the compliance management infrastructure that an AI management system audit feeds into, see What Compliance-as-a-Service Actually Includes (and What Vendors Leave Out).
Organizations preparing for ISO 42001 certification or refreshing their internal audit programs to include AI governance should start with a clause 9.2 gap assessment. The five areas above define what the assessment covers. Contact DSG's audit services team for a structured gap assessment mapped to Clause 9.2 and the Annex A controls applicable to your AI portfolio.
<!-- related-links:start (auto-managed by seo/sync-internal-links.mjs) -->

