ISO/IEC 42001:2023, AI Management System
ISO/IEC 42001:2023 is the international management-system standard for AI, published December 2023. It is certifiable: an accredited body audits an organization's AI management system against the standard's clauses. This page maps Verdifax's manifest hash to the evidence clauses where a sealed, independently verifiable record is the natural primitive.
What ISO/IEC 42001 actually requires
The standard mirrors the structure of ISO 27001 (information security) and ISO 9001 (quality): a high-level "AI management system" wrapping clauses on context, leadership, planning, support, operation, performance evaluation, and improvement.
The two clauses where a sealed execution record is the load-bearing artifact are:
- Clause 8, Operation. Operational planning and control, AI system impact assessment, AI system lifecycle. Requires recorded evidence that the operator executed the planned controls on the systems in scope.
- Clause 9, Performance evaluation. Monitoring, measurement, analysis, evaluation, internal audit, management review. Requires the operator to produce records sufficient for an internal auditor to verify the management system is working.
Where Verdifax fits
| Clause | Verdifax contribution |
|---|---|
| 8.2 (AI system impact assessment) | Sealed input + output + policy-gate record per run; the impact assessment can cite specific manifest hashes as evidence of which configurations went live |
| 8.3 (AI system lifecycle) | DKEC binds git SHA + container hash + dependency manifest into the lifecycle record automatically |
| 8.4 (data) | DOG seals all external inputs resolved at attestation time; AIVP seals the AI provider's output text |
| 9.1 (monitoring, measurement, analysis, evaluation) | Every run produces a LegalEvidenceArtifact suitable as a sampling unit for performance evaluation |
| 9.2 (internal audit) | The open-source verdifax-verify CLI recomputes any manifest hash offline; internal auditors do not need privileged access to verify execution claims |
| 9.3 (management review) | Aggregated manifest-hash counts + Sigstore Rekor anchoring give management review a tamper-evident substrate to draw from |
What this does not cover
- Clauses 4–7 (context, leadership, planning, support): these are management-system process requirements. Verdifax produces evidence; it is not a management system itself.
- Annex A controls (objectives + control templates): Verdifax satisfies the evidence dimension of relevant controls; the implementation dimension is the operator's responsibility.
- Certification: Verdifax does not certify the operator's management system. Accredited certification bodies do.
