Skip to main contentChat with us
Chat with us

ISO/IEC 42001 · Risk & Impact Assessment

AI Risk & Impact Assessment
under Annex A.5

ISO 42001 asks two questions about every AI system: what could go wrong for you, and how could it affect the people around it. This guide covers both assessments — the AI-specific risk categories, the methodology, and the register that records it all.

2Assessments required
9AI-specific risk categories
A.5Impact-assessment objective

ISO/IEC 42001:2023 · AI Management System · Last reviewed July 2026

Two Assessments

Risk looks inward. Impact looks outward

The single most common ISO 42001 mistake is collapsing two different assessments into one. They are related, but they answer different questions — and the standard requires both.

AI risk assessment

Question: what could go wrong for the organization and its objectives?

Internal lens. Likelihood × consequence to your operations, finances, reputation, and compliance. Lives in clauses 6 and 8.

AI system impact assessment

Question: how could this system affect individuals, groups, and society?

External lens. Rights, fairness, safety, autonomy. This is Annex A.5 — and the artifact auditors scrutinize most.

What to Look For

The AI-specific risk categories

Classic IT risk assessment misses most of these. An AI risk assessment has to go looking for them deliberately.

Bias & fairness

Discriminatory or skewed outcomes across protected groups, from training data or model design.

Transparency & explainability

Decisions that cannot be explained to users, auditors, or affected people.

Robustness & accuracy

Errors, hallucinations, and degradation under edge cases or distribution shift.

Security

Adversarial inputs, prompt injection, data poisoning, and model extraction or theft.

Privacy & data protection

Exposure of personal data in training data, prompts, or outputs (DPDP Act, GDPR).

Human oversight & autonomy

Systems acting beyond intended scope with no effective human intervention.

Model drift

Silent performance decay as the world changes away from the training distribution.

Third-party & foundation models

Inherited risk from vendors, APIs, and foundation models you do not control.

Societal & environmental

Broader harms — misinformation, labor impact, and compute footprint.

The Methodology

Six steps, ISO 31000 in shape

ISO 42001 does not prescribe one method — it requires a defined, repeatable process with documented results. This is the shape most teams use, drawn from ISO 31000 and ISO/IEC 23894 for risk — and ISO/IEC 42005:2025 for the impact assessment.

Scope & context

Define the AI system, its intended purpose, stakeholders, and the criteria you will judge risk against.

Identify

Enumerate risks across the categories above, and the parties each could affect.

Analyze

Estimate likelihood and consequence for each risk, using consistent, documented scales.

Evaluate

Compare against your risk-acceptance criteria to decide what needs treatment.

Treat

Avoid, reduce, transfer, or accept — and map each treatment to an Annex A control.

Monitor & review

Re-assess on a schedule and on triggers: new data, model changes, incidents, drift.

The Artifact

The AI risk register

The register is where the methodology becomes evidence. These columns capture what an auditor needs to trace a risk from identification through to the control that treats it — and the residual you accepted.

IDAI systemRisk & categoryAffected partiesLikelihood × impactTreatment / controlOwnerResidual
R-01Resume-screening modelBias against protected groups (Fairness)ApplicantsHigh × HighBias testing + human review (A.5, A.9)Talent leadMedium
R-02Support chatbot (LLM)Prompt injection (Security)Customers, brandMedium × HighInput filtering + output guardrails (A.6.2)Eng ownerLow
R-03Credit-scoring modelUnexplainable denials (Transparency)Applicants, regulatorMedium × HighExplainability + adverse-action notices (A.8)Risk leadMedium

Illustrative rows for structure only — your register reflects your own AI systems and risk criteria.

A pre-built AI risk register, impact-assessment template, and Statement of Applicability come in our template pack. Each treatment maps to a control in the Annex A catalog, and the EU AI Act mapping shows how this satisfies the Act's Article 9 risk-management duty.

Frequently Asked Questions

What teams ask when they sit down to assess an AI system for the first time.

What is the difference between an AI risk assessment and an AI impact assessment?

They answer different questions. An AI risk assessment looks inward: what could go wrong for the organization and its objectives, how likely is it, and how bad would it be? An AI system impact assessment (ISO 42001 Annex A.5) looks outward: how could this AI system affect individuals, groups, and society — fairness, rights, safety, autonomy? ISO 42001 requires both. They feed each other: impacts on people are often the most serious risks to the organization, and the impact assessment frequently surfaces risks a purely internal view would miss.

What does ISO 42001 Annex A.5 require?

Annex A.5 ("Assessing impacts of AI systems") requires a documented process for assessing the potential consequences of AI systems for individuals and groups of individuals (A.5.4) and for society (A.5.5), with the results documented (A.5.3) using a defined process (A.5.2). In practice that means: for each AI system, identify who could be affected and how, assess the severity and likelihood of those impacts, define mitigations, and record the residual position. ISO/IEC 42005:2025 — the AI system impact assessment standard published in May 2025 — provides the step-by-step methodology most organizations now follow to satisfy A.5. It is one of the objectives auditors examine most closely at Stage 2.

What AI-specific risks should the assessment cover?

Beyond classic security and availability, an AI risk assessment should cover bias and fairness, transparency and explainability, robustness and accuracy (including hallucination and edge-case failure), AI-specific security (adversarial inputs, prompt injection, data poisoning, model extraction), privacy and data protection, human oversight and autonomy, model drift over time, and third-party or foundation-model dependency. For generative and agentic systems, prompt injection and unbounded autonomy deserve particular attention.

Is there a standard methodology for AI risk assessment?

Yes. The shape follows ISO 31000 — establish context, identify, analyze, evaluate, treat, monitor and review — applied to AI-specific risks. ISO/IEC 23894 gives guidance on AI risk management specifically, ISO/IEC 42005:2025 gives the methodology for AI system impact assessments, and the NIST AI Risk Management Framework offers a complementary function-based approach (Govern, Map, Measure, Manage). ISO 42001 does not mandate one method; it requires that you have a defined, repeatable process and that you document the results, which is what the risk register and impact-assessment templates capture.

How often should AI risk assessments be repeated?

Treat them as living documents, not one-time exercises. Re-assess on a regular cadence (annually is common) and on triggers: a material model change or retraining, a new data source, a new deployment context, a relevant incident, or detected drift. Because AI systems change behavior as their data and environment change, a risk assessment that is never revisited is one of the more common audit findings.

Written By Expert Auditors

Surendra Pal Singh
Surendra Pal Singh
Chief Information Security Officer & Data Protection Officer
CISODPOCISAMCSEITILISO 27001 Lead AuditorISO 27701 Lead AuditorISO 42001 Lead Auditor
Saundhi Chauhan
Saundhi Chauhan
Lead Auditor
ISO 27001 Lead AuditorISO 27701 Lead Auditor
Last reviewed: July 2026Content verified by certified lead auditors

Get in touch

Book a free consultation or send us your requirements. We respond within 24 hours.

Quick Call

Pick a time slot

Send Requirements

Get a custom quote in 24 hours

We're Online

⚠️ Business inquiries only. Personal email addresses will be rejected.

24hr Response
Free Consultation
No Obligations