HumanWox
ISO/IEC 42001 Implementation Assurance

The governance infrastructure your AI systems deserve

HumanWox is the system of record for ISO/IEC 42001 implementation. Map clauses to controls, link evidence to AI systems, and demonstrate audit-ready governance through full compliance chains.

Start Your 30-Day Trialcalendar_monthBook a Walkthrough
No credit card required. Full platform access for 30 days.
HumanWox Dashboard

Clause Progress

72%

AI Systems

0

3 fully governed

Evidence Items

0

2 reviews due

Implementation Progress

Updated today
done
Clause 4: Context of the Organisation
Complete
done
Clause 5: Leadership
Complete
pending
Clause 6: Planning
In Progress
hourglass_empty
Clause 7: Support
Pending

Built for the standards that matter

ISO/IEC 42001
EU AI Act
NIST AI RMF

Not Another Checklist. A Governance System of Record.

Full compliance chains as linked records. Clauses connect to requirements, requirements to controls, controls to evidence, evidence to AI systems. Every link is auditable.

fact_check

Clause-by-Clause Implementation

Follow the standard from Clause 4 through Clause 10. Each clause surfaces affected AI systems, required evidence, and remaining gaps.

Learn morearrow_forward
memory

AI System Registry

Register every AI system with purpose, risk classification, data categories, lifecycle stage, and ownership. Serves ISO audits and EU AI Act obligations alike.

Learn morearrow_forward
folder_open

Evidence Lifecycle Management

Evidence has a shelf life. Track review cycles, surface stale artefacts, and ensure every piece links to specific controls and AI systems.

Learn morearrow_forward
verified

Readiness Reporting

A real-time readiness score computed from control status, evidence completeness, review currency, and risk treatment. Know exactly where you stand before the auditor arrives.

Learn morearrow_forward

Every Artefact Traceable. Every Link Auditable.

Auditors want to trace a compliance chain: from the requirement, through your control, to the evidence, tied to the specific AI system it governs. HumanWox makes this the default.

  • check_circle

    Three-Layer Compliance Model

    Organisational governance, system-level controls, and evidence management, all connected.

  • check_circle

    System-First Data Architecture

    AI systems are the primary object. Clause compliance is computed from system governance state.

  • check_circle

    Framework Extensibility

    ISO 42001 is the first overlay. EU AI Act and NIST AI RMF map onto the same registry.

Full Compliance Chain
Clause

Clause 6: Planning

Risk assessment and treatment planning

arrow_downward
Requirement

6.1.2 AI Risk Assessment

Organisation shall assess AI-related risks

arrow_downward
Control

Risk Assessment Procedure

Applied to: Customer Chatbot, Fraud Detection Model

arrow_downward
Evidence

Risk_Assessment_Q1_2026.pdf

Reviewed 14 Feb 2026 · Approved by J. Hartley

check_circle

Built for Organisations That Take AI Governance Seriously

Whether pursuing certification or preparing for the EU AI Act, the question is the same: can you demonstrate responsible AI governance?

business

Compliance and Risk Leaders

Structured implementation without spreadsheets and shared drives. Audit-ready infrastructure from day one.

engineering

AI Project and Technical Leads

Connect your AI systems to governance requirements without adding overhead to your development workflow.

groups

Implementers and Consultants

We partner with implementers, not compete. The structured environment your clients need, freeing you to focus on advisory.

shield_person

Board and Leadership

Demonstrable, defensible AI governance posture. Readiness visibility that gives assurance with confidence.

Straightforward Pricing for AI Governance

One plan. Full platform access. No feature gating, no per-seat surprises. Implementation assurance should not require enterprise negotiations.

30-Day Free Trial

Professional

Everything you need to implement and maintain ISO/IEC 42001.

£199/month

Billed monthly. Cancel anytime.

  • check_circleFull ISO/IEC 42001 clause and requirement mapping
  • check_circleUnlimited AI systems in the registry
  • check_circleEvidence upload, versioning, and lifecycle tracking
  • check_circleApproval workflows with role-based access
  • check_circleReadiness scoring and audit reporting
  • check_circleImmutable audit trail with full export
  • check_circleUp to 10 team members
  • check_circle50 GB encrypted evidence storage
Start Your 30-Day Trial

No credit card required

ISO/IEC 42001 consultancy engagements typically cost £15,000 to £50,000. HumanWox provides the implementation infrastructure for a fraction of that investment.

Frequently Asked Questions

Everything you need to know about ISO/IEC 42001 and the HumanWox platform.

What is ISO/IEC 42001?expand_more
ISO/IEC 42001 is the international standard for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS). It provides the framework for organisations to govern their use of AI responsibly, covering leadership commitment, risk assessment, operational controls, performance evaluation, and continuous improvement.
How long does implementation typically take?expand_more
Typically 3 to 9 months depending on organisational maturity. Organisations with existing management systems such as ISO 27001 often progress faster. HumanWox accelerates the process by removing ambiguity about what is required at each stage.
Does HumanWox replace the need for a consultant?expand_more
No, and it is not designed to. HumanWox provides structured infrastructure for implementation, but your organisation still needs to make governance decisions, write policies, and conduct risk assessments. We partner with implementers rather than competing with them.
What happens after we achieve certification?expand_more
Certification is a milestone, not a destination. Annual surveillance audits and triennial recertification mean the governance cycle never ends. HumanWox provides ongoing value through evidence lifecycle tracking, readiness monitoring, management review support, and change management when AI systems evolve.
Does HumanWox use AI to generate compliance documents?expand_more
No. Certification bodies rightly question AI-generated compliance documents. AI features within HumanWox are optional and assistive: gap analysis, evidence scanning, and smart search. Your organisation writes the content. HumanWox manages the governance infrastructure around it.
How does HumanWox relate to the EU AI Act?expand_more
The AI System Registry captures risk classification, system type, deployment environment, and data categories, all of which map to EU AI Act obligations. The system-first architecture means EU AI Act requirements can be layered onto the same governance data without rebuilding anything.
Is my data secure?expand_more
Enterprise-grade encryption at rest and in transit. Row-level security ensures organisations only access their own data. Evidence files are stored in isolated, encrypted buckets. We take security seriously because governance records are by definition sensitive.

Your AI Governance Starts Here

30 days to explore the full platform. No credit card, no sales calls, no feature restrictions. Just the infrastructure your AI management system needs.

Start Your 30-Day TrialBook a Walkthrough

No credit card required. Full platform access for 30 days.