At some point a procurement questionnaire, an audit committee or a customer's assurance team puts the question directly: are we doing ISO 42001 or NIST? Most of what ranks for that comparison is written by compliance-software vendors for compliance managers, and it treats the two as rival products with a winner. If you are the director or risk lead who has to make the call and then defend it — to the board, to a customer, to an auditor — that framing will steer you wrong.
The honest starting point is that they are not the same category of thing. ISO/IEC 42001 is a certifiable management system standard; the NIST AI RMF is a voluntary risk framework. One produces a certificate a third party can verify; the other produces a risk practice your teams can run. Which you need depends on who is asking, and the mature answer is increasingly both, arranged in a particular way.
Key takeaways
- ISO/IEC 42001 and the NIST AI RMF are different categories of instrument — a certifiable management system standard versus a voluntary risk framework — so "which is better" is the wrong question; "who needs the evidence" is the right one.
- Choose ISO/IEC 42001 when someone external needs proof: procurement frameworks, enterprise customers, regulated UK sectors. Only a UKAS-accredited certification body can certify you — BSI was the first, accredited in November 2025 — and a consultancy can only prepare you.
- Choose the NIST AI RMF when you need a working internal risk practice: Govern, Map, Measure and Manage are free to adopt, carry a generative-AI profile, and are the default vocabulary with US counterparties.
- Mature organisations run both: the RMF's four functions slot into a 42001 AIMS's Plan-Do-Check-Act cycle, and NIST publishes a crosswalk between the two so the work is done once.
- Neither gives you working controls. Both produce paperwork that still has to become enforcement in code — the gap where AI governance most often fails.
Two different categories of instrument, not two competitors
ISO/IEC 42001:2023 is the first international management system standard for AI, published by ISO and IEC in December 2023. It specifies an AI management system — an AIMS — in the same Plan-Do-Check-Act shape as ISO 27001 and ISO 9001: clause requirements (4 to 10) that put scope, leadership, risk assessment and management review on named owners, plus Annex A controls selected through a Statement of Applicability. The defining property of a management system standard is that it is written to be audited: an accredited third party can examine your evidence and issue a certificate. We walk through what the clauses ask of a board in a companion piece.
Published by the US National Institute of Standards and Technology in January 2023, the NIST AI Risk Management Framework 1.0 is explicitly voluntary — there is no such thing as NIST AI RMF certification, and no body issues one. It organises AI risk into four functions — Govern, Map, Measure, Manage — supported by seven characteristics of trustworthy AI and tailored through profiles, including the July 2024 Generative AI Profile (NIST AI 600-1). It tells you how to think about and operate AI risk across the lifecycle; it does not define what an auditor must find.
So one is a standard you can be certified against; the other is a framework you use. Asking which is better is like asking whether ISO 27001 is better than a risk methodology. The useful question is which pressure you are answering.
Side by side
| | ISO/IEC 42001:2023 | NIST AI RMF 1.0 |
|---|---|---|
| Origin | ISO and IEC, December 2023 | US NIST, January 2023 |
| Category | Certifiable management system standard | Voluntary risk management framework |
| Structure | Plan-Do-Check-Act: clauses 4–10 plus Annex A controls | Four functions — Govern, Map, Measure, Manage — plus profiles |
| Certifiable? | Yes, by an accredited certification body only (UKAS-accredited in the UK) | No; no certification scheme exists |
| Written for | Top management and the assurance chain | Practitioners: risk, engineering and product teams |
| Artefacts produced | Scope, AI policy, risk and impact assessments, Statement of Applicability, management-review minutes, certificate | Risk maps, measurement plans, documented treatments, a profile mapped to your use cases |
| Main cost driver | Scope — sites, headcount, number and risk of AI systems — which sets the internal build and the accredited audit days | Internal time from risk and engineering teams; the framework itself is free |
| Recognition | UK: strong procurement signal. EU: useful evidence; no presumption of conformity under the AI Act. US: recognised; ANAB-accredited bodies certify | US: the reference point, including federal supply chains. UK/EU: respected practice, but no certificate to show |
A word on cost. Certification cost depends on your scope and on the certification body — the number of sites, the people in scope, the number and risk profile of your AI systems, and whether you are a developer, provider or deployer all change the audit days. Anyone quoting a flat price before scoping is guessing.
When ISO/IEC 42001 is the answer
ISO/IEC 42001 earns its cost when an external party needs to rely on your governance without taking your word for it.
- Procurement and assurance pressure. Enterprise customers and framework buyers are starting to ask "are you ISO 42001 certified or aligned?" in security questionnaires, the same way ISO 27001 became a tender gate. A certificate answers that question in one line; a bespoke description of your practice does not.
- The certification signal. In regulated UK sectors — financial services, housing, suppliers to local authorities — boards and their regulators want assurance that is independent of management. A management system audited by an accredited body is exactly that.
- An existing ISO estate. If you already operate ISO 27001 or ISO 9001, the clause machinery — document control, internal audit, management review — is already running, and extending it to an AIMS costs far less than starting cold.
One line of discipline: you can align to ISO/IEC 42001 yourself, but you cannot certify yourself, and neither can your consultancy. Certification is issued only by an accredited certification body — in the UK, UKAS granted the first ISO/IEC 42001 accreditation to BSI in November 2025. A consultancy prepares you; the accredited body audits and certifies, then keeps you honest with surveillance audits. A well-run aligned AIMS, without the certificate, is still real governance and is often enough for a regulator or an internal assurance function.
When the NIST AI RMF is the answer
The RMF wins where the problem is practice, not proof.
- You need an engineering risk discipline now. The four functions give product and risk teams a working method — map the system and its context, measure what can be measured, manage what the measurements show — without standing up a certification project first.
- Your counterparties are American. For US federal supply chains and many US enterprises, the RMF is the shared vocabulary; a UK certificate adds less there than fluency in Govern-Map-Measure-Manage.
- Nobody is asking for a certificate. If no customer, framework or regulator requires independent assurance, paying for an audit buys you a signal nobody is reading. The RMF costs your time, not a registrar's.
Its limit is the mirror image of its strength: everything under the RMF is self-asserted. The moment a procurement team needs evidence it can verify without trusting you, you are back in management-system territory.
The mature pattern: run the RMF inside a 42001 AIMS
Past the first year of serious AI use, this is rarely either/or: the pattern we see — and recommend — is the NIST RMF as the risk engine inside an ISO/IEC 42001 management system. The fit is close to mechanical: Govern lines up with clauses 4 and 5 (context and leadership), Map with clause 6's risk and impact assessments, Measure with clause 9's monitoring and management review, and Manage with clauses 8 and 10 (operation and improvement). NIST maintains an official crosswalk between the AI RMF and ISO/IEC 42001, so the mapping is done once and the same evidence serves both.
Both also map onto the regimes a UK board actually answers to. The UK has no single AI statute; regulators apply five cross-cutting principles within their existing remits, and a 42001 AIMS with an RMF risk practice inside it is the most concrete evidence you can offer against them — particularly accountability and governance, where both instruments demand named owners and dated records. We map the wider field in our guide to choosing an AI governance framework in the UK, and the regulatory backdrop in our UK briefing.
The EU AI Act deserves a harder-edged note. It is binding and extraterritorial, and neither instrument discharges it. ISO/IEC 42001 is not a harmonised standard under Article 40 of the Act, so certification carries no presumption of conformity; the harmonised standards are being drafted by CEN-CENELEC's JTC 21 under a Commission standardisation request, with the AI-Act-specific quality management standard (prEN 18286) still in development as of mid-2026. Treat 42001 as scaffolding for EU compliance, not a shield.
A decision flow you can defend in the minutes
- Is an external party demanding independent assurance? If a customer, framework or regulator wants certification or a third-party audit, that points to ISO/IEC 42001, with a UKAS-accredited body as the destination.
- Are your counterparties mostly in the US? Then the NIST AI RMF is the language they expect, and a certificate may add little until a contract says otherwise.
- Do you already hold ISO 27001 or 9001? Extend the management system to 42001 and run the RMF as the risk method inside it; the marginal cost is far lower than the headline suggests.
- Is the urgent problem internal — teams shipping AI without risk discipline? Start with the RMF's four functions this quarter; do not park the risk work behind a certification project.
- No external pressure yet, but you expect it? Build a 42001-aligned AIMS now, run the RMF inside it, and buy the audit when procurement starts asking. Alignment converts to certification; improvisation does not.
One caveat belongs in the same minute: neither instrument gives you working controls. A policy that says a model must not write to production data is a sentence; a database account that physically cannot write is a control. Risk maps, Statements of Applicability and management reviews are necessary, but they remain paperwork until someone enforces them in code — read-only-by-construction access, append-only decision ledgers, human approval gates before anything leaves the building. That enforcement layer is the part both frameworks assume and neither supplies; it is also the layer we publish for our own systems.
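To make the distinction between a written policy and an enforced control concrete, here is an added illustration (not the article's own code, and not code from any of the systems it mentions) of two of the controls named above: read-only-by-construction database access and an append-only decision ledger, built on SQLite and SHA-256. The table, file path and ledger payloads are constructed for the example.

```python
import hashlib
import os
import sqlite3
import tempfile

def make_store():
    """Constructed sample: a 'production' table in a fresh temp SQLite file."""
    path = os.path.join(tempfile.mkdtemp(), "prod.db")
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, tier TEXT)")
    con.execute("INSERT INTO customers VALUES (1, 'gold'), (2, 'silver')")
    con.commit()
    con.close()
    return path

def write_via_read_only_handle(path):
    """The control: SQLite's URI form with mode=ro makes the handle itself unable
    to write, whatever the calling code intends. Returns True if the engine
    refused the write, False if the 'policy' turned out to be only a sentence."""
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    try:
        con.execute("UPDATE customers SET tier = 'gold' WHERE id = 2")
        con.commit()
        return False
    except sqlite3.OperationalError:
        return True
    finally:
        con.close()

class DecisionLedger:
    """Append-only decision ledger: each entry carries the SHA-256 of its
    predecessor, so editing or deleting an earlier record breaks verify()."""
    def __init__(self):
        self.entries = []  # (payload, prev_hash, this_hash)

    def append(self, payload):
        prev = self.entries[-1][2] if self.entries else "0" * 64
        digest = hashlib.sha256((prev + payload).encode()).hexdigest()
        self.entries.append((payload, prev, digest))
        return digest

    def verify(self):
        prev = "0" * 64
        for payload, stored_prev, digest in self.entries:
            expect = hashlib.sha256((prev + payload).encode()).hexdigest()
            if stored_prev != prev or digest != expect:
                return False
            prev = digest
        return True
```

The same pattern applies to a real database role granted only SELECT: the refusal comes from the engine, not from anyone reading the policy.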
The answer that survives scrutiny, then, is rarely a brand name. It is a sentence like: we run a NIST-shaped risk practice inside an ISO 42001-aligned management system, and we will take certification from a UKAS-accredited body when a counterparty needs it. That is a position a director can defend — because it names the category of each instrument, the pressure each one answers, and the gap that neither closes.
Last reviewed: 12 June 2026.
To see where you stand against either framework today, start with our free Board AI Scorecard, or commission an AI governance diagnostic (from £3,950) for a gap analysis mapped to ISO/IEC 42001 and the NIST AI RMF — and see the controls we build into our own systems.