Add ISO 42001 AI Management System framework plugin (eucomplyhub)#27

Open
TAIKER656 wants to merge 1 commit into verifywise-ai:main from TAIKER656:add-eucomplyhub-iso42001-framework

TAIKER656 commented May 20, 2026

Community-contributed framework plugin implementing ISO/IEC 42001:2023 AI Management System (AIMS) as a starter framework for mid-market SaaS preparing for the August 2, 2026 EU AI Act Article 50 enforcement deadline.

Marketplace gap filled: ISO 42001 was not previously available. Existing iso27001 plugin covers information security; this adds the AI-specific management system standard.

What's included

Management clauses (4-10): Context, Leadership (Article 14 oversight), Planning (AI risk + impact + FRIA), Support (Article 4 literacy + Annex IV docs), Operation (vendor management + post-market monitoring), Performance Evaluation (Article 15 + Article 50 metrics), Improvement.

Selected Annex A controls mapped to EU AI Act articles:

  • A.2.2 AI policy
  • A.3.2 AI roles and responsibilities
  • A.6.2.2 AI impact assessment
  • A.7.4 Data quality (↔ Article 10)
  • A.8.2 System documentation
  • A.9.2 Transparency (↔ Article 50)
  • A.9.3 External reporting (↔ Article 73)
  • A.10.2 Human oversight (↔ Article 14)

Files added

  • plugins/eucomplyhub-iso42001/template.json (22 controls, 8 clauses, full triple-framework crosswalk)
  • plugins/eucomplyhub-iso42001/index.ts (createFrameworkPlugin wrapper)
  • plugins/eucomplyhub-iso42001/icon.svg
  • plugins/eucomplyhub-iso42001/README.md
  • plugins.json (registry entry — community plugin, isOfficial: false)

Triple-framework alignment

Designed to coexist with VerifyWise's NIST AI RMF coverage. Controls explicitly crosswalk-tagged to EU AI Act where applicable.

What this plugin is NOT

  • Not a full ISO 42001 certification preparation (24+ months engagement)
  • Not all 38 Annex A controls (representative subset; full SoA covers all)
  • Not legal advice
  • Not affiliated with ISO

Maintainer

eucomplyhub.com — Piotr Reder (EU AI Act + ISO 42001 audit consulting for mid-market SaaS, Mijas Spain). Will maintain plugin (monthly review + Omnibus shift updates Dec 2027 / Aug 2028). MIT license. piotr@eucomplyhub.com

Happy to iterate on PR review feedback. If maintainers prefer iso42001-starter naming convention to match iso27001-starter, happy to rename.

Community-contributed framework plugin implementing ISO/IEC 42001:2023
AI Management System (AIMS) as a starter framework for mid-market SaaS
preparing for the August 2, 2026 EU AI Act Article 50 enforcement deadline.

Plugin contents:
- Management clauses 4-10 (context, leadership, planning, support,
  operation, performance evaluation, improvement)
- Selected Annex A controls mapped to EU AI Act articles 4, 9, 10, 14,
  15, 26(6), 27, 50, 73
- Triple-framework alignment with EU AI Act + NIST AI RMF
- Auto-import on installation

Maintained by eucomplyhub.com (Piotr Reder) — EU AI Act + ISO 42001
audit consulting for mid-market SaaS. Mijas, Spain. MIT license.

Fills gap in marketplace: ISO 42001 framework was not previously
available (iso27001 exists, but ISO 42001 is AI-specific). EU AI Act
framework also not yet available — separate contribution candidate.