42001
The Standard Your Firm Needs Next
ISO 42001:
AI Management Systems
Published in 2023, ISO 42001 is the world's first international standard for AI management systems. For professional services firms already using AI in document review, research, client communications, and risk assessment — this is the framework that turns ad hoc AI use into governed, defensible practice.
Why It Matters
AI is already in your firm
The question isn't whether your firm uses AI. It's whether you can demonstrate to clients, regulators, and insurers that you govern it properly.
Client Confidence
Demonstrate Responsible AI Use
Clients — especially in regulated sectors — increasingly ask how their data is handled by AI tools. ISO 42001 gives you a certifiable answer, not a reassurance.
Regulatory Readiness
Stay Ahead of Legislation
The EU AI Act is live. UK regulation is evolving. SRA expectations are tightening. ISO 42001 positions your firm ahead of mandatory requirements, not scrambling to catch up.
Risk Management
Govern AI, Don't Just Use It
From bias in AI-assisted decisions to data leakage through language models — the risks are real and specific. ISO 42001 provides the framework to identify, assess, and control them systematically.
9001
Quality Management -
processes, continual improvement
27001
Information Security -
data protection, access controls
42001
AI Management -
governance, risk, responsible use
31000
Risk Management -
unifying framework across all standards
Integrated Management
Stronger Together
ISO 42001 doesn't stand alone. It integrates with ISO 9001 (quality), ISO 27001 (information security), and ISO 31000 (risk management) to create a unified management system. WJW33 builds integrated implementations from the ground up — so your AI governance connects to your quality and security framework rather than sitting in a separate silo.
Already have ISO 9001 or 27001? Adding 42001 to an existing IMS is significantly more efficient than a standalone implementation. Already have CQS or Lexcel? There's more overlap than you might think.
What WJW33 Offers
Full ISO 42001 Journey
From initial assessment to certification readiness and ongoing audit — WJW33 supports the complete ISO 42001 lifecycle.
step 1
Gap Analysis
Understand your current position against ISO 42001 requirements. AI system inventory, risk landscape, governance maturity — assessed clause by clause with a clear roadmap forward. £2,500 – £3,500.
step 2
Implementation
Documentation, AI risk frameworks, impact assessments, governance structures, and operational controls — built specifically for professional services firms. £2,500 – £5,000.
step 3
Audit & Assurance
Internal audit, pre-certification readiness, and ongoing surveillance support. Independent assurance that your AIMS works — not just exists. £800 – £2,500.
Thought Leadership
ISO 42001 Blog Series
Eight-part deep dive into ISO 42001 for professional services — from clause-by-clause breakdown to certification readiness. Written on Fika Friday.
01
Clause-by-Clause Breakdown
published
02
Building Your AI System Inventory
published
03
AI Risk Assessment
Coming soon
04
AI Impact Assessment
Coming soon
05
Governance Structures
Coming soon
06
Operational Controls (Clause 8)
Coming soon
07
Performance Evaluation (Clause 9)
Coming soon
08
Continual Improvement & Certification
Coming soon
