ISO 42001 Annex A

Annex A is the core operational component of ISO/IEC 42001. While the clauses of the standard define high-level requirements for governing artificial intelligence, Annex A translates those requirements into concrete, actionable AI controls that organizations can implement, tailor, or formally justify excluding. In simple terms, Annex A answers the question: “What specific controls do we put in place to manage AI risks in practice?”

Annex A contains a structured catalogue of AI-specific controls designed to cover the full lifecycle of AI systems. While the exact number may vary slightly depending on interpretation, it is commonly described as around 38 controls grouped into nine thematic areas.

Annex A control families: Organizations are expected to select relevant controls from each family, based on risk, and document their decisions in the Statement of Applicability (SoA).

1. AI governance and leadership controls: These controls ensure that AI is governed at an organizational level, not just within technical teams. They focus on leadership involvement, decision authority, and alignment between AI use and business objectives. What organizations are expected to do:
  • Define who owns AI governance across the organization
  • Establish escalation paths for AI-related issues
  • Ensure AI initiatives align with organizational values and strategy
2. AI risk management and assessment controls: These controls focus on identifying, analyzing, and mitigating AI-specific risks throughout the system lifecycle. What organizations are expected to do:
  • Perform AI risk assessments before deployment
  • Conduct AI impact assessments for systems affecting people
  • Define mitigation actions for identified risks
3. Transparency, documentation, and traceability controls: These controls ensure that AI systems are understandable, explainable, and auditable. What organizations are expected to do:
  • Document AI system purpose, logic, and limitations
  • Maintain records of data sources and model versions
  • Ensure traceability of AI decisions where feasible
4. Accountability and human oversight controls: This family ensures that humans remain responsible for AI outcomes, even when systems are automated. What organizations are expected to do:
  • Define who is accountable for AI decisions
  • Ensure humans can intervene or override AI outputs
  • Prevent fully autonomous operation where inappropriate
5. AI system design, development, and validation controls: These controls apply during the build phase of AI systems and ensure models are fit for purpose before deployment. What organizations are expected to do:
  • Validate AI models before use
  • Test performance against defined criteria
  • Document assumptions and limitations
6. Data governance, quality, and provenance controls: AI systems depend on data. These controls ensure data used for training and operation is appropriate, accurate, and responsibly sourced. What organizations are expected to do:
  • Define data quality standards
  • Track data sources and provenance
  • Address bias and relevance in datasets
7. Deployment, monitoring, technical robustness, and safety controls: Once AI systems are live, these controls ensure they remain safe, secure, and effective over time. What organizations are expected to do:
  • Monitor AI performance continuously
  • Detect model drift or unexpected behavior
  • Ensure systems are resilient and secure
8. Incident management, complaints, and regulatory engagement controls: This family prepares organizations to respond when AI systems cause harm, generate complaints, or attract regulatory attention. What organizations are expected to do:
  • Define AI incident response processes
  • Handle complaints related to AI decisions
  • Engage regulators when required
9. Continuous improvement and audit controls: These controls ensure AI governance improves over time and does not become static. What organizations are expected to do:
  • Conduct internal audits of AI controls
  • Review governance effectiveness regularly
  • Implement corrective actions
