Not necessarily. ISO 27001 is not a prerequisite for ISO/IEC 42001, but the two can work well together. ISO 27001 focuses on information security management, while ISO/IEC 42001 focuses on AI governance and management. Organizations with ISO 27001 already in place may find that parts of their governance, risk, supplier, incident, and review structure can support ISO/IEC 42001 implementation, but the AI-specific management system still needs to be defined on its own terms.
Do we need ISO 27001 before pursuing ISO/IEC 42001?
Share This Story, Choose Your Platform!
About the Author: Raj
