
AI Governance Certification: What ISO 42001 and Adjacent Programs Actually Cover

AI governance certifications split into institutional certifications like ISO 42001, which examine the AI management system, and professional certifications like IAPP AIGP, which credential individuals. This article walks through what each program covers and where certification meets per-decision evidence.

By Parminder Singh · Founder & CEO, DeepInspect Inc.
Compliance & Regulation · ai-governance, ai-compliance, iso-42001, compliance, audit, regulation

The AI governance certification landscape has expanded quickly. ISO/IEC 42001 was published in late 2023 and started attracting institutional certifications by mid-2025. The IAPP launched the Artificial Intelligence Governance Professional credential. NIST published the AI Risk Management Framework, which is not a certification but is now referenced in procurement contracts as a baseline. These three programs operate at different layers, and a procurement evaluator who sees "AI governance certified" on a vendor proposal needs to know which one was earned and what the certification actually covers. The certification answers the question "does this organization have a management system for AI." It does not answer the question "what did the AI system do in this specific decision," which is the question regulators are increasingly asking under the EU AI Act Article 12 record-keeping mandate.

I want to walk through the certifications that matter, what each one covers, and where the certification ends and the runtime evidence requirement begins.

The institutional certifications

ISO/IEC 42001 is the international standard for AI management systems. The certification examines how the organization governs the development, deployment, and operation of AI systems at the management-system level.

ISO/IEC 42001:2023

ISO/IEC 42001 sits in the management-system family alongside ISO/IEC 27001 (information security) and ISO/IEC 27701 (privacy). The standard specifies requirements for establishing, implementing, maintaining, and continually improving an AI management system. The certification is granted by an accredited certification body after a Stage 1 (documentation review) and Stage 2 (operational audit) examination. The certificate is typically valid for three years with annual surveillance audits.

The standard covers context of the organization, leadership, planning, support, operation, performance evaluation, and improvement. The operation clause includes AI system impact assessment, risk treatment, and the resources, processes, and controls applied to AI systems. The standard does not specify the technical controls. It specifies that the organization must have controls and must operate them under a management system.

ISO/IEC 27001 with AI extensions

Many organizations approach AI governance through their existing ISO/IEC 27001 information security management system, extended to cover AI-specific risks. The extension is acceptable but is not a substitute for ISO/IEC 42001. The two standards have different scopes. ISO/IEC 27001 governs information security. ISO/IEC 42001 governs the AI lifecycle, including the use of AI in ways that do not raise traditional information security concerns.

NIST AI RMF (a framework, not a certification)

The NIST AI Risk Management Framework is a voluntary framework, not a certification. There is no NIST AI RMF certificate. Organizations can attest to alignment with the framework, and US federal procurement increasingly references it as a baseline. The framework organizes around Govern, Map, Measure, and Manage functions. Each function has sub-categories the organization can implement and report against. The absence of a formal certification means alignment is self-attested, which is a different evidentiary stance than ISO/IEC 42001 certification by an accredited body.

The professional certifications

The professional certifications credential individuals, not institutions. They matter for procurement when the customer asks who inside the vendor is responsible for AI governance.

IAPP Artificial Intelligence Governance Professional (AIGP)

The AIGP credential is offered by the International Association of Privacy Professionals. It covers the foundations of AI, the AI ecosystem, AI governance frameworks, risk management, and regulatory landscape. The credential establishes baseline literacy across the topics an AI governance practitioner needs. Holders of the AIGP are the right people to put on the institution's AI governance committee. The credential does not, by itself, satisfy any regulatory requirement.

ISACA AI Governance certifications

ISACA has been developing AI governance content within its existing certification portfolio (CISA, CISM, CGEIT). The CGEIT credential, which has long covered enterprise IT governance, now includes AI governance topics. ISACA's positioning is that AI governance is an extension of enterprise IT governance rather than a separate discipline, which is a different stance than the IAPP's framing.

Where certification ends and runtime evidence begins

An institution can hold an ISO/IEC 42001 certification and still be unable to answer a regulator's question about a specific AI decision. The certification verifies that the management system exists and operates. It does not verify that the per-decision audit records the regulator asks for are produced, retained, and disclosable on demand.

The certification examines the system

The ISO/IEC 42001 audit examines policy documents, roles and responsibilities, risk assessments, and the design and operation of controls. The auditor samples the management-system artifacts. The auditor does not sample 100 individual model decisions and ask the organization to reconstruct each one.

The regulator examines the decisions

Article 12 of the EU AI Act asks for per-decision evidence. Article 19 specifies the contents: identity of natural persons, input data, period of use. The Fannie Mae mandate uses different vocabulary for the same requirement. The regulator's sampling is per-decision, not per-control. The institution that holds an ISO/IEC 42001 certificate still has to produce the per-decision records on demand.

The gap between the two

The gap is not a deficiency in the certification standards. The certification standards govern the management system. The regulators are asking for evidence at a different layer. The institution needs both: the management system that the certification verifies and the runtime evidence layer that the regulators ask for. A certification program without a runtime evidence layer leaves the regulatory exposure open.

DeepInspect

This is the runtime layer DeepInspect provides for institutions that hold or are pursuing ISO/IEC 42001 certification. DeepInspect sits at the AI request boundary as a stateless proxy between the application and any LLM. Every request is evaluated against per-route and per-role policies. Every decision produces a per-decision audit record containing identity, role, policy version, data classification, decision outcome, and timestamp. The record is signed and committed before the application receives the model's response.

For the ISO/IEC 42001 management system, the proxy is the operational control that produces evidence of the policy in action. The certification continues to verify the management system. The proxy produces the per-decision records that the regulators ask for under their own statutes. The two layers cover different evidentiary requirements and operate together.
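The record-before-response pattern described above, shown as an added example written for this explanation rather than DeepInspect's own implementation. The policy table, the role and classification names, the extra response digest field, and the HMAC-SHA256 signing scheme are all assumptions made for the example; the point it demonstrates is that the per-decision record (identity, role, policy version, data classification, outcome, timestamp) is signed and appended to the log before any model output is released, and that a later edit to a record is detectable.

```python
"""Per-decision audit record at an AI request boundary (added example).

Hypothetical illustration of the pattern described above: a proxy
evaluates each request against a per-route, per-role policy, writes a
signed audit record, and only then releases the model response.
Policy table, field names and signing scheme are assumptions.
"""
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed policy: which roles may call a route and the highest data
# classification the route may carry. The version is recorded on every
# decision so a record can be read against the policy in force at the time.
POLICY_VERSION = "2026-01-example"
POLICY = {
    "/v1/chat":      {"roles": {"analyst", "admin"}, "max_class": "internal"},
    "/v1/summarize": {"roles": {"admin"},            "max_class": "confidential"},
}
CLASS_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# Constructed signing key; a real deployment would keep this in a KMS or HSM.
SIGNING_KEY = b"example-audit-signing-key-not-for-production"

AUDIT_LOG = []  # stands in for an append-only, write-ahead audit store


def evaluate(route, role, data_class):
    """Return (allowed, reason) for one request under POLICY."""
    rule = POLICY.get(route)
    if rule is None:
        return False, "unknown_route"
    if role not in rule["roles"]:
        return False, "role_not_permitted"
    if CLASS_RANK[data_class] > CLASS_RANK[rule["max_class"]]:
        return False, "classification_exceeds_route_limit"
    return True, "policy_match"


def canonical(record):
    """Stable serialization so the signature covers exactly one byte string."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def sign(record):
    """HMAC-SHA256 over the canonical record body (assumed scheme)."""
    return hmac.new(SIGNING_KEY, canonical(record), hashlib.sha256).hexdigest()


def verify(entry):
    """Recompute the signature over the body and compare in constant time."""
    body = {k: v for k, v in entry.items() if k != "signature"}
    return hmac.compare_digest(sign(body), entry["signature"])


def handle_request(identity, role, route, data_class, call_model):
    """Evaluate, call the model only on allow, record, sign, commit, release.

    call_model is the upstream LLM call. Its output is held until the
    signed record is committed, so a response never leaves the proxy
    without a matching audit entry.
    """
    allowed, reason = evaluate(route, role, data_class)
    response = call_model() if allowed else None
    record = {
        "identity": identity,
        "role": role,
        "route": route,
        "policy_version": POLICY_VERSION,
        "data_classification": data_class,
        "decision": "allow" if allowed else "deny",
        "reason": reason,
        "timestamp": datetime.now(timezone.utc).isoformat(),
        # Assumed extra field: ties the record to the exact response released.
        "response_sha256": hashlib.sha256(response.encode()).hexdigest() if response else None,
    }
    record["signature"] = sign(record)
    AUDIT_LOG.append(record)  # commit before anything is returned
    decision_id = len(AUDIT_LOG) - 1
    if not allowed:
        return {"status": 403, "decision_id": decision_id}
    return {"status": 200, "decision_id": decision_id, "body": response}
```

The order of operations is the substance: the model output is computed, then bound into the record by digest, then the record is signed and appended, and only then does the response reach the caller. A regulator's per-decision question is answered by looking up `decision_id` and running `verify` on the entry; an edited entry fails that check.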

Frequently asked questions

Should we pursue ISO/IEC 42001 certification or wait for sector-specific mandates?

The two are complementary. ISO/IEC 42001 is the management-system baseline that customers and regulators increasingly expect at the procurement stage. Sector-specific mandates (EU AI Act for European deployments, Fannie Mae LL-2026-04 for mortgage lenders, NIST AI RMF for US federal procurement) operate on top of the management system. The pattern that holds up under scrutiny is to pursue ISO/IEC 42001 as the institution-level baseline and to layer the sector-specific runtime evidence on top. Waiting for sector-specific mandates to mature delays the management-system work that takes the longest to do well.

How long does ISO/IEC 42001 certification take to achieve?

The Stage 1 readiness review through Stage 2 operational audit typically runs six to nine months from kickoff to certificate, depending on the maturity of the existing management system. Institutions with a mature ISO/IEC 27001 program can compress the timeline by extending the existing management system to cover AI. Institutions starting from scratch face a 12-month timeline that includes scoping, policy development, control implementation, internal audit, and the two-stage external audit. The Stage 2 audit cannot be passed until the management system has been operating for a defined period, typically three to six months.

Does ISO/IEC 42001 certification satisfy EU AI Act obligations?

ISO/IEC 42001 certification is evidence of a mature AI management system, which supports the deployer's case under Article 26 of the EU AI Act. The certification does not satisfy the per-decision record-keeping requirements under Articles 12 and 19. Those requirements operate at the runtime layer, which the certification standard does not specify in technical detail. An institution that holds the certification and operates a runtime evidence layer that produces per-decision records is positioned to discharge both obligations.

Which AI governance certification should the CISO or DPO pursue personally?

The IAPP AIGP is the broadest professional credential and is increasingly expected for the role that owns AI governance inside an enterprise. The DPO who already holds the CIPP/E (privacy in Europe) tends to add the AIGP to extend the credential into AI specifically. The CISO whose primary credential is the CISSP tends to add the AIGP for the same reason. The ISACA credentials (CISA, CISM, CGEIT) are alternatives for practitioners whose career has been in the ISACA track.

How do AI governance certifications interact with SOC 2?

SOC 2 covers the trust service criteria (security, availability, processing integrity, confidentiality, privacy) for a service organization. AI-specific risks are partially covered under processing integrity and privacy. SOC 2 is not an AI governance certification. The ISO/IEC 42001 certificate sits alongside SOC 2 and addresses the AI management system specifically. Customers in regulated industries are starting to ask for both: SOC 2 for the general trust criteria, ISO/IEC 42001 for the AI-specific management system. The runtime evidence layer is the layer neither audit currently inspects directly, which is why the regulator's per-decision question is the open exposure.