HumanWox
ISO/IEC 42001 Implementation Assurance

The system of record for your AI governance.

HumanWox is an AI governance system of record aligned to ISO/IEC 42001, enabling organisations to implement, evidence, and maintain an audit-ready AI Management System.

Request Early Accesscalendar_monthBook a Walkthrough
No credit card required. Full platform access for 14 days.
HumanWox Dashboard

Clause Progress

72%

AI Systems

0

3 fully governed

Evidence Items

0

2 reviews due

Implementation Progress

Updated today
done
Clause 4: Context of the Organisation
Complete
done
Clause 5: Leadership
Complete
pending
Clause 6: Planning
In Progress
hourglass_empty
Clause 7: Support
Pending

Built for the standards that matter

42001

ISO/IEC 42001

AI Management System

EU AI Act

AI Regulation Alignment

NIST

NIST AI RMF

AI Risk Management Framework

🇬🇧Data hosted in the United KingdomGDPR and UK Data Protection Act 2018 compliant

Governance as a chain of record, not a collection of documents.

Full compliance chains as linked records. Clauses connect to requirements, requirements to controls, controls to evidence, evidence to AI systems. Every link is auditable.

fact_check

Implementation Tracker

Follow the standard step by step with clear guidance on what evidence to produce at each stage.

Learn morearrow_forward
memory

AI System Registry

Register every AI system with purpose, risk classification, data categories, lifecycle stage, and ownership. Serves ISO audits and EU AI Act obligations alike.

Learn morearrow_forward
folder_open

Evidence Lifecycle Management

Evidence has a shelf life. Track review cycles, surface stale artefacts, and ensure every piece links to specific controls and AI systems.

Learn morearrow_forward
bug_report

Issues Tracker (CAPA)

Identify problems, track corrective and preventive actions, and close the loop with full audit history.

Learn morearrow_forward
verified

Readiness Reporting

A real-time readiness score computed from control status, evidence completeness, review currency, and risk treatment. Know exactly where you stand before the auditor arrives.

Learn morearrow_forward
history

Audit Trail

Every action across the platform is logged and tamper-proof. Approvals, version changes, and access events are permanently recorded and available for auditor inspection.

Learn morearrow_forward

Every action. Permanently recorded.

The HumanWox audit trail captures every approval, every version change, and every access event — tamper-proof and available for auditor inspection at any time.

Evidence approved — "AI Risk Assessment Policy v2" — S. Kenning — Clause 6.1.2

Just now

AI system registered — "Customer Churn Predictor" — Lifecycle: Active — Risk: Medium

2 minutes ago

Obligation triggered — Clause 8.4 evidence review overdue — Owner notified

5 minutes ago

CAPA closed — NC-004 — Root cause documented, corrective action verified

8 minutes ago

Evidence version created — "Data Governance Policy v3" — Supersedes v2

12 minutes ago

AI system review due — "Fraud Detection API" — 7 days remaining

15 minutes ago

Evidence submitted for review — "Supplier Risk Assessment" — Pending approval

18 minutes ago

Clause 9.1 — Performance evaluation evidence approved — 3 of 4 requirements met

22 minutes ago

CAPA opened — NC-007 — Severity: Medium — Assigned to J. Smith

25 minutes ago

AI system decommissioned — "Legacy Scoring Model" — Archive period: 30 days

31 minutes ago

Evidence expired — "Third Party AI Policy" — Owner notified for renewal

37 minutes ago

Audit package exported — 47 evidence items — Generated for certification review

42 minutes ago

Evidence approved — "AI Risk Assessment Policy v2" — S. Kenning — Clause 6.1.2

Just now

AI system registered — "Customer Churn Predictor" — Lifecycle: Active — Risk: Medium

2 minutes ago

Obligation triggered — Clause 8.4 evidence review overdue — Owner notified

5 minutes ago

CAPA closed — NC-004 — Root cause documented, corrective action verified

8 minutes ago

Evidence version created — "Data Governance Policy v3" — Supersedes v2

12 minutes ago

AI system review due — "Fraud Detection API" — 7 days remaining

15 minutes ago

Evidence submitted for review — "Supplier Risk Assessment" — Pending approval

18 minutes ago

Clause 9.1 — Performance evaluation evidence approved — 3 of 4 requirements met

22 minutes ago

CAPA opened — NC-007 — Severity: Medium — Assigned to J. Smith

25 minutes ago

AI system decommissioned — "Legacy Scoring Model" — Archive period: 30 days

31 minutes ago

Evidence expired — "Third Party AI Policy" — Owner notified for renewal

37 minutes ago

Audit package exported — 47 evidence items — Generated for certification review

42 minutes ago

Built on a compliance chain, not a document store.

Auditors want to trace a compliance chain: from the requirement, through your control, to the evidence, tied to the specific AI system it governs. HumanWox makes this the default.

  • check_circle

    Three-Layer Compliance Model

    Organisational governance, system-level controls, and evidence management, all connected.

  • check_circle

    System-First Data Architecture

    AI systems are the primary object. Clause compliance is computed from system governance state.

  • check_circle

    Framework Extensibility

    ISO 42001 is the first overlay. EU AI Act and NIST AI RMF map onto the same registry.

Full Compliance Chain
Clause

Clause 6: Planning

Risk assessment and treatment planning

arrow_downward
Requirement

6.1.2 AI Risk Assessment

Organisation shall assess AI-related risks

arrow_downward
Control

Risk Assessment Procedure

Applied to: Customer Chatbot, Fraud Detection Model

arrow_downward
Evidence

Risk_Assessment_Q1_2026.pdf

Reviewed 14 Feb 2026 · Approved by J. Hartley

check_circle

Built for Organisations That Take AI Governance Seriously

Whether pursuing certification or preparing for the EU AI Act, the question is the same: can you demonstrate responsible AI governance?

business

Compliance and Risk Leaders

Structured implementation without spreadsheets and shared drives. Audit-ready infrastructure from day one.

engineering

AI Project and Technical Leads

Connect your AI systems to governance requirements without adding overhead to your development workflow.

groups

Implementers and Consultants

We partner with implementers, not compete. The structured environment your clients need, freeing you to focus on advisory.

shield_person

Board and Leadership

Demonstrable, defensible AI governance posture. Readiness visibility that gives assurance with confidence.

Straightforward Pricing for AI Governance

One plan. Full platform access. No feature gating, no per-seat surprises. Implementation assurance should not require enterprise negotiations.

14-Day Free Trial

Founding Member

Everything you need to implement and maintain ISO/IEC 42001.

£249/month

Billed monthly. Cancel anytime.

  • check_circleFull ISO/IEC 42001 clause and requirement mapping
  • check_circleUnlimited AI systems in the registry
  • check_circleEvidence upload, versioning, and lifecycle tracking
  • check_circleApproval workflows with role-based access
  • check_circleReadiness scoring and audit reporting
  • check_circleImmutable audit trail with full export
  • check_circleUp to 10 team members
  • check_circle50 GB encrypted evidence storage
Request Early Access

No credit card required

ISO/IEC 42001 consultancy engagements typically cost £15,000 to £50,000. HumanWox provides the implementation infrastructure for a fraction of that investment.

Frequently Asked Questions

Everything you need to know about ISO/IEC 42001 and the HumanWox platform.

What is ISO/IEC 42001?expand_more
ISO/IEC 42001 is the international standard for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS). It provides the framework for organisations to govern their use of AI responsibly, covering leadership commitment, risk assessment, operational controls, performance evaluation, and continuous improvement.
How long does implementation typically take?expand_more
Typically 3 to 9 months depending on organisational maturity. Organisations with existing management systems such as ISO 27001 often progress faster. HumanWox accelerates the process by removing ambiguity about what is required at each stage.
Does HumanWox replace the need for a consultant?expand_more
No, and it is not designed to. HumanWox provides structured infrastructure for implementation, but your organisation still needs to make governance decisions, write policies, and conduct risk assessments. We partner with implementers rather than competing with them.
What happens after we achieve certification?expand_more
Certification is a milestone, not a destination. Annual surveillance audits and triennial recertification mean the governance cycle never ends. HumanWox provides ongoing value through evidence lifecycle tracking, readiness monitoring, management review support, and change management when AI systems evolve.
Does HumanWox use AI to generate compliance documents?expand_more
No. Certification bodies rightly question AI-generated compliance documents. AI features within HumanWox are optional and assistive: gap analysis, evidence scanning, and smart search. Your organisation writes the content. HumanWox manages the governance infrastructure around it.
How does HumanWox relate to the EU AI Act?expand_more
The AI System Registry captures risk classification, system type, deployment environment, and data categories, all of which map to EU AI Act obligations. The system-first architecture means EU AI Act requirements can be layered onto the same governance data without rebuilding anything.
Is my data secure?expand_more
Enterprise-grade encryption at rest and in transit. Row-level security ensures organisations only access their own data. Evidence files are stored in isolated, encrypted buckets. We take security seriously because governance records are by definition sensitive.

The record your AI governance needs.

14 days to explore the full platform. No credit card, no sales calls, no feature restrictions. Just the infrastructure your AI management system needs.

Request Early AccessBook a Walkthrough

No credit card required. Full platform access for 14 days.