Governance, Risk Management and Compliance
|
Artificial Intelligence
|
ISO 42001
|
ISO 42001
FAQ
FAQ

Does an AIIA replace the need for a risk assessment?

No – for conformance to ISO 42001, you will need to conduct both an artificial intelligence impact assessment (AIIA) and a risk assessment.  When conducting your risk assessment, you will need to identify the AI systems covered, any activities prohibited by applicable and relevant regulations and legislation, and high-risk AI systems that have been produced or utilised by your organisation.  In terms of approach, the AI risk assessment will be similar to risk assessments conducted for other management system standards, such as ISO 27001, however some different inputs, threats and risks will need to be considered.

I have been very impressed with the delivery of both the ISO 42001 webinar and last week’s ISO 27001 webinar, and will certainly keep URM in mind with regard to any services in the future.
Contact ISO 42001 Experts Today
Developing or reviewing your AI management framework?
Whether you are at an early planning stage or preparing for audit and assurance activities, we offer a free introductory call to help you assess risks, responsibilities, and the most proportionate route forward.
Find out more
related BLog
Governance, Risk Management and Compliance
|
Artificial Intelligence
|
ISO 42001

Artificial Intelligence Frameworks and Regulations: ISO 42001, the NIST AI RMF and the EU AI Act

Published on
8 May
2026

URM’s blog explores 3 leading AI governance frameworks and regulations, how they complement and differ & what they mean for organisations working with AI.

Read more
Thumbnail of the Blog Illustration
Other Standards
Published on
28/11/2024
ISO 42001 and AI Perspectives

URM’s blog explores ISO 42001, its intentions and structure, and the AI perspectives that will need to be considered by organisations implementing the Standard.

Read more
Thumbnail of the Blog Illustration
Other Standards
Published on
28/11/2024
ISO 42001 Artificial Intelligence Impact Assessments (AIIAs)

URM’s blog explores artificial intelligence impact assessments (AIIAs) and offers advice on how to conduct these assessments in full conformance with ISO 42001.

Read more
Thumbnail of the Blog Illustration
Artificial Intelligence
Published on
27/11/2024
Establishing Organisational Control Over Artificial Intelligence

URM’s blog discusses the need for policy in relation to the use of AI, real-world cases where AI has caused organisations issues & how to create an AI policy.

Read more
No items found.
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.