    The 38 Controls of ISO 42001 Annex A: A Practical Guide for Auditors

    A detailed breakdown of all 38 controls in ISO 42001 Annex A, organized by category with practical guidance on what evidence auditors should look for and common gaps organizations miss.

    Heena Sharma
January 31, 2026 | 4 min read | 318 views

    ISO 42001 Annex A contains 38 distinct controls that organizations must consider when implementing their AI Management System. Unlike ISO 27001's 93 controls, these are specifically designed to address AI-unique risks including bias, transparency, accountability, and lifecycle management.

    Understanding Annex A Structure

    The 38 controls are organized into several domains that cover the complete AI governance landscape. Each control has corresponding implementation guidance in Annex B, making it easier for organizations to understand practical application.

    For auditors, Annex A serves as the primary reference for assessing control implementation during Stage 2 audits. Understanding what evidence to request for each control category is essential for effective auditing.

    Control Domain A.5: AI Policies

    These controls establish the governance foundation for AI activities within the organization.

    Key Controls:

    • A.5.1 - AI Policy: Comprehensive policy aligned with business strategy, organizational values, and risk tolerance
    • A.5.2 - AI Guiding Principles: Documented ethical principles and values governing AI activities

    Audit Evidence to Request:

    • Approved AI policy document with executive signatures
    • Evidence of policy communication to relevant personnel
    • Records of policy review and updates
    • Alignment documentation showing connection to business objectives

    Common Gaps:

    • Policies that lack specificity about AI-related activities
    • Missing stakeholder involvement in policy development
    • No defined review cycle for policy updates

    Control Domain A.6: Internal Organization

    These controls address organizational structure, roles, and responsibilities for AI governance.

    Key Controls:

    • A.6.1 - Roles and Responsibilities: Clear assignment of AI-related duties
    • A.6.2 - Resources for AI Systems: Allocation of appropriate resources including data, tools, and human expertise

    Audit Evidence to Request:

    • RACI matrices for AI projects
    • Job descriptions with AI responsibilities
    • Resource allocation records
    • Training and competence records for AI personnel

    Common Gaps:

    • Unclear ownership of AI systems across departments
    • Insufficient technical resources for AI governance
    • Missing documentation of role transitions

    Control Domain A.7: Data Governance

    Critical controls for ensuring data quality, provenance, and protection throughout the AI lifecycle.

    Key Controls:

    • A.7.1 - Data Quality: Processes for ensuring training and operational data meet quality standards
    • A.7.2 - Data Provenance: Documentation of data sources, transformations, and lineage
    • A.7.3 - Data Protection: Safeguards for sensitive data used in AI systems

    Audit Evidence to Request:

    • Data quality metrics and monitoring reports
    • Data lineage documentation
    • Data transformation logs with approval records
    • Privacy impact assessments for AI training data
    • Data retention and disposal procedures

    Common Gaps:

    • No formal data quality gates before model training
    • Incomplete data provenance records
    • Missing documentation of data cleaning transformations
    • Inadequate controls for personal data in training sets

    Control Domain A.8: Transparency and Explainability

    Controls ensuring AI systems can be understood and their decisions explained.

    Key Controls:

    • A.8.1 - Transparency: Clear communication about AI system capabilities and limitations
    • A.8.2 - Explainability: Ability to explain AI decisions to appropriate stakeholders

    Audit Evidence to Request:

    • Model cards or capability statements
    • User-facing documentation about AI involvement
    • Explainability reports or dashboards
    • Records of explanation requests and responses

    Common Gaps:

    • Black box models without explainability mechanisms
    • Missing user notifications about AI-driven decisions
    • Technical explanations that lack business context

    Control Domain A.9: Human Oversight

    Controls ensuring appropriate human involvement in AI system operation.

    Key Controls:

    • A.9.1 - Human-in-the-Loop: Defined triggers for human intervention
    • A.9.2 - Override Capabilities: Ability to override AI decisions when necessary

    Audit Evidence to Request:

    • Documented escalation triggers (confidence thresholds, drift percentages)
    • Override procedure documentation
    • Logs of human interventions and overrides
    • Training records for personnel with override authority

    Common Gaps:

    • No defined confidence thresholds for human review
    • Override capabilities exist but are not documented
    • Missing records of when and why overrides occurred
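As an added illustration of what the A.9 evidence looks like in practice (example code written for this page, not from the article or from ISO 42001 itself), the following Python gate implements a documented confidence and drift trigger, holds a triggered decision until a named reviewer acts, refuses an override that has no recorded reason, and produces the timestamped record an auditor would request. The threshold values, field names and sample decisions are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import List, Optional

# Hypothetical thresholds; in practice these come from the documented escalation
# procedure an auditor asks to see (A.9.1), not from values chosen ad hoc in code.
CONFIDENCE_THRESHOLD = 0.85   # outputs below this go to a human reviewer
DRIFT_THRESHOLD_PCT = 10.0    # input drift above this goes to a human reviewer

@dataclass
class Decision:                # constructed shape of one model decision
    request_id: str
    model_output: str
    confidence: float
    drift_pct: float          # estimated input drift vs. baseline, in percent

@dataclass
class OversightRecord:         # one intervention-log entry: what fired, who acted, why
    request_id: str
    triggers: List[str]
    final_output: Optional[str]
    status: str               # auto | held | confirmed | overridden
    reviewer: Optional[str] = None
    reason: Optional[str] = None
    timestamp: str = field(
        default_factory=lambda: datetime.now(timezone.utc).isoformat())

def escalation_triggers(d: Decision) -> List[str]:
    """Return the documented triggers that fire for this decision."""
    fired = []
    if d.confidence < CONFIDENCE_THRESHOLD:
        fired.append(f"confidence {d.confidence:.2f} < {CONFIDENCE_THRESHOLD}")
    if d.drift_pct > DRIFT_THRESHOLD_PCT:
        fired.append(f"drift {d.drift_pct:.1f}% > {DRIFT_THRESHOLD_PCT}%")
    return fired

def apply_oversight(d: Decision, reviewer: Optional[str] = None,
                    override_to: Optional[str] = None, reason: Optional[str] = None) -> OversightRecord:
    """Release, hold, confirm or override a decision; an override must record a reason (A.9.2)."""
    triggers = escalation_triggers(d)
    if not triggers:
        return OversightRecord(d.request_id, [], d.model_output, "auto")
    if reviewer is None:      # a triggered decision is never released unreviewed
        return OversightRecord(d.request_id, triggers, None, "held")
    if override_to is not None and not reason:
        raise ValueError("override must record why the reviewer overrode the model")
    final = override_to if override_to is not None else d.model_output
    status = "overridden" if override_to is not None else "confirmed"
    return OversightRecord(d.request_id, triggers, final, status, reviewer, reason)
```

Each returned OversightRecord can be written as one JSON line, which gives the auditor the thresholds in force, the trigger that fired, and who overrode what and why.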

    Control Domain A.10: Third-Party Management

    Controls for managing AI-related risks in the supply chain.

    Key Controls:

    • A.10.1 - Supplier Due Diligence: Assessment of third-party AI components and services
    • A.10.2 - Contractual Requirements: AI-specific terms in vendor agreements

    Audit Evidence to Request:

    • Vendor assessment questionnaires and results
    • Contract clauses addressing AI governance requirements
    • Evidence of ongoing vendor monitoring
    • Incident notification procedures with vendors

    Common Gaps:

    • Using pre-trained models without vendor due diligence
    • Missing AI-specific clauses in existing contracts
    • No ongoing monitoring of third-party AI components

    Control Domain: AI System Lifecycle

    Controls addressing the complete AI development and deployment lifecycle.

    Key Controls:

    • Design Controls: Architectural decisions and governance approvals
    • Development Controls: Code changes, security implementations, testing
    • Deployment Controls: Release management and production safeguards
    • Monitoring Controls: Post-deployment performance and drift detection

    Audit Evidence to Request:

    • Design review records with approval signatures
    • Development logs including version control history
    • Test results (functional, bias, robustness)
    • Deployment checklists and approval records
    • Production monitoring dashboards and alerts

    Common Gaps:

    • Informal design decisions without documentation
    • Testing limited to functional accuracy without bias assessment
    • Missing post-deployment monitoring procedures

    Creating Your Audit Checklist

    When building an ISO 42001 audit checklist, ensure each control includes:

    1. Control Objective: What the control aims to achieve
    2. Evidence Requirements: Specific documents, records, or demonstrations needed
    3. Interview Questions: Key questions for control owners
    4. Testing Procedures: How to verify control effectiveness
    5. Common Findings: Typical issues to look for

    Statement of Applicability Considerations

    Organizations must document their Statement of Applicability (SoA) explaining which controls are implemented and which are excluded with justification. Auditors should verify:

    • All 38 controls are addressed in the SoA
    • Exclusions have valid business justification
    • Implemented controls align with identified risks
    • The SoA is maintained and version-controlled

    Conclusion

    The 38 controls of ISO 42001 Annex A provide a comprehensive framework for AI governance. For auditors, understanding each control domain, knowing what evidence to request, and recognizing common gaps enables effective assessment of organizational AI management maturity.

    As you develop your ISO 42001 audit capabilities, building detailed checklists for each control category will significantly improve audit efficiency and thoroughness.

Heena Sharma, Founder & Compliance Consultant
Published: January 31, 2026
Updated: June 10, 2026
