I continue in the same vein as my article on ISO 27001 controls that do not apply to organizations without software development. Today I tackle the AI version.
ISO/IEC 42001:2023, published in December 2023, governs artificial intelligence management systems. Its Annex A contains 38 controls grouped into 9 objectives (A.2 through A.10).
An SMB that uses only ChatGPT, Claude, or Gemini via their SaaS interfaces, without developing its own models, does not have to apply half of these controls.
That is an important detail for organizations that look at the standard without context and wrongly conclude it is out of reach for a small structure.
The principle: user or provider?
ISO 42001 distinguishes several roles in the AI value chain:
- The AI provider — the creator of the model (OpenAI, Anthropic, Google).
- The AI integrator — the one who develops an application on top of a model.
- The AI user — the one who uses a turnkey tool.
An SMB that tells its employees “use ChatGPT to draft your emails” is strictly a user. Not a provider. Not an integrator.
The standard applies to all three roles, but not with the same intensity. What follows is for the pure user profile, with no model development or training.
A.6: AI lifecycle, largely not applicable
Objective A.6 covers the full lifecycle of an AI system, from design through decommissioning. It divides into two subsections.
A.6.1 Management guidance for AI development:
- A.6.1.2 Objectives for responsible development of the AI system.
- A.6.1.3 Responsible design and development processes.
A.6.2 AI system lifecycle:
- A.6.2.2 AI system requirements and specifications.
- A.6.2.3 Documentation of AI system design and development.
- A.6.2.4 AI system verification and validation.
- A.6.2.5 AI system deployment.
- A.6.2.6 AI system operation and monitoring.
- A.6.2.7 AI system technical documentation.
If you write no AI code and train no models, NONE of these controls apply to you directly. OpenAI, Anthropic, or Google applies them on your behalf.
What you must require, however, is proof that your provider applies them. That falls under A.10 (third-party relationships), not A.6.
A.6.2.8 on event logging remains partially applicable. You must record how your employees use the tool — at minimum access and sensitive usage types.
A.7: data for AI, largely not applicable
Objective A.7 covers data used in the development and operation of AI systems. Five controls:
- A.7.2 Data for AI system development and improvement.
- A.7.3 Data acquisition.
- A.7.4 Data quality for AI systems.
- A.7.5 Data provenance.
- A.7.6 Data preparation.
You do not provide training data to your provider. You provide questions, prompts, and sometimes the occasional file. These controls, in their primary intent, do not apply to you.
Watch out, though. If you use the “projects” feature in ChatGPT or Claude to upload internal documents, you enter a grey zone. The provenance and quality of data YOU provide become relevant, especially under Quebec’s Bill 25. At that point, A.7.4 and A.7.5 become applicable again in user mode.
What remains fully applicable
For a pure ChatGPT user SMB, these controls remain at the heart of the programme and CANNOT be removed from the statement of applicability:
A.10 deserves a word. It replaces the controls you just removed. You do not validate the model yourself? Fine. You must contractually require your provider to do so, and obtain a mechanism to verify that they actually do: SOC 2 reports, the provider's own ISO 42001 certification, compliance attestations, audit logs.
You cannot outsource responsibility. You can outsource execution.
How many controls do you have left?
Of the 38 total Annex A controls:
- About 12 technical controls under A.6 and A.7 do not apply, or only residually (the 8 controls in A.6.1 and A.6.2 related to development, plus 4 of the 5 A.7 controls on data).
- The other 26 remain applicable, at varying intensity depending on your actual usage.
For an SMB using AI for internal writing, administrative productivity, and a bit of customer support, we are talking about an AI governance programme that is entirely realistic to implement. Not trivial. But realistic.
Two traps to avoid
Trap 1. Do not let a consultant convince you to bill for applying all 38 controls. If you have no development, A.6 and A.7 are largely out of scope. Document the justification in your statement of applicability and move on.
Trap 2. Do not believe that “not doing AI” exempts you from the standard. As soon as an employee asks ChatGPT to draft an email to a client, you are in scope. You are an AI user. And being an AI user comes with responsibilities.
To do this week
If you are in this situation:
- Draft an acceptable use policy for AI, even a brief one.
- Identify the internal owner.
- Read your provider’s terms of use (OpenAI, Anthropic, Google) with particular attention to data processing.
- Document which employees use AI and for what purposes.
- Train your people on what they can put in it — but especially on what they must NOT put in it.
That represents about 80% of the useful work. The rest is documentation and periodic review.
Sources
- ISO/IEC 42001:2023, Information technology — Artificial intelligence — Management system, Annex A, Table A.1 (official standard text).
- Microsoft — Overview of ISO/IEC 42001 (UNIDO, 2025)