Mapping against ISO 42001:2023 and/or the EU Artificial Intelligence (AI) Act
The AI Act & ISO 42001 Gap Analysis Tool will help your organisation easily map its current measures for AI use against legal requirements and internationally recognised best practices such as ISO 42001 and the EU AI Act. This two-in-one tool can perform a gap analysis against ISO 42001 and/or the EU AI Act, depending on your organisational requirements.
The tool is designed to support your organisation in its initial project planning by providing clear feedback on current compliance gaps that you can use to determine areas for action and set priorities. The EU AI Act came into force on 1 August 2024, and since 2 February 2025 it has prohibited organisations within the EU from having AI systems that pose unacceptable risk. Therefore, it is more important than ever to implementing appropriate measures. Other international expectations and requirements are also prompting organisations to implement an AIMS (AI management system), which can be certified against the ISO/IEC 42001:2023 standard, to reduce the risk they face from AI systems and tools.
As AI continues to develop in scale and integrates further into your systems, performing a gap analysis is a crucial step in developing an efficient AI strategy and ensuring good processes are in place.
What does the tool provide?
- Split into two sections, EU AI Act and ISO 42001, so you can perform analyses for both or an individual analysis.
- The EU AI Act section is divided into six sets of questions: general requirements, entity requirements, assessment and registration, general-purpose AI, measures to support innovation and post-market monitoring.
- Identify which requirements and sections of the AI Act are applicable by completing the provided screening questions. The tool will automatically remove any non-applicable questions.
- The ISO 42001 section is divided into two sets of questions: ISO 42001 six clauses and ISO 42001 controls as outlined in Annex A.
- Executive summary pages for both analyses, including by section or clause/control, the number of requirements met and compliance percentage totals.
- A clear indication of strong and weak areas through colour-coded analysis graphs and tables to highlight key areas of development and set project priorities.
The tool is designed to work in any Microsoft environment; it does not need to be installed like software, and does not depend on complex databases. It is reliant on human involvement.
The tool is not designed for conducting a detailed gap analysis or audit, which require a granular compliance assessment. If you require specialist help in this area, please contact us.
For more information, read our FAQ.
