ISO IEC 42006-2025 PDF

Full title and description

Information technology — Artificial intelligence — Requirements for bodies providing audit and certification of artificial intelligence management systems (ISO/IEC 42006:2025). This international standard specifies additional requirements for certification bodies and other conformity assessment bodies that audit and certify artificial intelligence management systems (AIMS) in accordance with ISO/IEC 42001, building on ISO/IEC 17021-1 to ensure competence, consistency and credibility in AIMS certification.

Abstract

ISO/IEC 42006:2025 defines supplementary requirements for third‑party bodies that perform audits and grant certification of organisations' artificial intelligence management systems. The document complements ISO/IEC 17021‑1 by setting AI‑specific competence, process and evidential requirements so that certification results for AIMS are reliable, consistent and credible. It supports accreditation, peer assessment and confidence for customers and regulators in the certification process for organisations that develop, deploy or use AI systems.

General information

• Status: Published
• Publication date: July 7, 2025
• Publisher: International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) — joint publication
• ICS / categories: 35.020 (Information technology (IT) in general); 03.120.20 (Product and company certification, conformity assessment)
• Edition / version: Edition 1 (2025)
• Number of pages: 31

Scope

This standard specifies additional requirements to ISO/IEC 17021‑1 for bodies performing third‑party certification of artificial intelligence management systems (AIMS) in accordance with ISO/IEC 42001. It applies to certification bodies and provides criteria that support demonstration of competence, consistency and reliability when auditing organisations that provide, develop or use AI systems. The standard can also be used as a basis for accreditation and peer assessment of certification bodies.

Key topics and requirements

• Supplementary requirements to ISO/IEC 17021‑1 specific to AI management system auditing and certification.
• Competence criteria for auditors and technical experts covering AI lifecycle topics (data quality, model development, validation, deployment and monitoring).
• Requirements for audit scope, evidence collection and evaluation of AI‑specific risks (ethical, safety, privacy, bias, transparency).
• Processes for ensuring impartiality, consistency and reproducibility of certification decisions in the context of AI systems.
• Guidance for conformity assessment bodies on handling complex, interdisciplinary evidence and technical artefacts (models, datasets, training pipelines).
• Interaction with accreditation and regulatory frameworks; use as a criteria document for accreditation and peer assessment.
• Interfaces with related conformity assessment standards (for example ISO/IEC 17065 and ISO/IEC 17000 principles) where product or service certification is required.

Typical use and users

Primary users are certification bodies and accreditation bodies responsible for auditing and certifying AI management systems. Secondary users include auditors, technical experts, conformity assessment scheme owners, regulators, organisations seeking AIMS certification, and stakeholders (customers, procurement units, compliance teams) who rely on credible AIMS certification.

Related standards

Closely related standards include ISO/IEC 42001 (requirements for artificial intelligence management systems), ISO/IEC 17021‑1 (requirements for bodies providing audit and certification of management systems), ISO/IEC 17065 (requirements for product, process and service certification), ISO/IEC 17000 (conformity assessment — vocabulary and general principles), and other standards in the ISO/IEC 42000 series addressing AI governance, risk management and technical evaluation.

Keywords

artificial intelligence, AIMS, audit, certification, conformity assessment, accreditation, ISO/IEC 17021, ISO/IEC 42001, competence, data quality, ethics, transparency, risk management, AI governance

FAQ

Q: What is this standard?

A: ISO/IEC 42006:2025 is an international standard that specifies additional requirements for bodies that audit and certify artificial intelligence management systems (AIMS), supplementing ISO/IEC 17021‑1 with AI‑specific criteria.

Q: What does it cover?

A: It covers competence and process requirements for certification bodies, audit scope and evidential practices for AI systems, management of AI‑specific risks (ethics, bias, data quality, transparency), and guidance for consistent, credible AIMS certification and accreditation.

Q: Who typically uses it?

A: Certification bodies and accreditation bodies are the primary users. Auditors, technical experts, organisations seeking AIMS certification, scheme owners and regulators also use it to design, evaluate or rely on AI management system certification.

Q: Is it current or superseded?

A: ISO/IEC 42006:2025 was published as a current international standard (first edition) on July 7, 2025. Users should check for any amendments or future revisions after that date when planning long‑term conformity assessment activities.

Q: Is it part of a series?

A: Yes. It forms part of the ISO/IEC 42000 series related to artificial intelligence management and governance and is intended to work alongside ISO/IEC 42001 (AIMS requirements) and related AI standards.

Q: What are the key keywords?

A: Key keywords include artificial intelligence, AIMS, audit, certification, conformity assessment, accreditation, competence, ethics, data quality, transparency and risk management.