MetincTrust
All sample reports
Aisha OkonkwoAI-generated
ISO/IEC 42001 Readiness Report

Aisha Okonkwo

VP, Customer Experience · Northwind Support Cloud
Software & SaaS
Role
developer, deployer
Complexity
medium
Confidence
100 · High
AIMS scope
product line

As a developer, deployer with a medium-complexity AIMS, your self-attested readiness is "Substantially ready" (81/100). You are strongest in context & aims scope; the most material gap is in data & model controls.

Report saved

Your results are available through this secure link.

Unlock detailed reportRequest verified review
Full report · 40 pages

This is the free report. The full report is a 40-page comprehensive deep-dive — clause-by-clause gap matrix, Statement-of-Applicability mapping and a 30/60/90-day certification-prep roadmap.

Executive summary
Readiness score
81/ 100
Substantially ready
Domain average
81raw

No foundational caps — the headline equals the weighted domain average.

Confidence
100High

Reflects how complete and consistent your scope and current-state answers are. Reported separately — it never changes readiness.

Foundational caps
0binding

Foundational AIMS gaps that cap the score and cannot be averaged away. See findings below.

What this assessment indicates

As a developer, deployer with a medium-complexity AIMS, your self-attested readiness is "Substantially ready" (81/100). You are strongest in context & aims scope; the most material gap is in data & model controls.

Strongest domain
Context & AIMS scope
Primary gap
Data & model controls
Immediate focus
Define data governance for AI data (quality, provenance, access)

Management-system domain performance

Score out of 100 · target 70
Context & AIMS scope
100
Leadership, policy & accountability
100
Planning, risks, impacts & objectives
100
Value chain & third parties
96.5
Operation & AI lifecycle control
83.8
Support, competence & documented information
65
Performance evaluation
65
Improvement
65
Data & model controls
40
0–24 Critical25–49 At risk50–74 Moderate75–100 Strong

Certification preparation

Foundations forming

Audit-readiness signals across the certification-critical artifacts — 4 of 8 appear in place.

Leadership-approved AI policyReady
AI risk assessment & treatment processReady
Statement of ApplicabilityReady
AI system impact assessmentsReady
Internal AIMS auditPartial
Management reviewPartial
Evidence organized for auditPartial
Certification body / audit planPartial

Top strengths

  • Are third-party AI providers, models and datasets risk-assessed before use? A.10.3
  • Are the boundaries and applicability of the AI management system (AIMS) defined and documented? Clause 4.3
  • Is there a maintained inventory of AI systems and use cases in scope of the AIMS? Clause 4 / A.4

Top gaps

  • Is data governance defined for data used in AI systems (acquisition, quality, provenance)? A.7
  • Are content-safety controls (filtering, refusal, abuse handling) implemented for customer-facing generative AI? A.6.2.6
  • Are generative-AI risks (hallucination, IP leakage, data exfiltration, prompt injection) assessed and tested? A.5 / A.6
  • Is there an internal audit programme covering all AIMS clauses and applicable Annex A controls? Clause 9.2
  • Is the Statement of Applicability complete and consistent with the risk treatment plan? Clause 6.1.3

Prioritized remediation roadmap

  1. P0
    Define data governance for AI data (quality, provenance, access)
    A.7Owner: Data / MLBefore certification / 0–30 days
  2. P0
    Implement content-safety controls for customer-facing generative AI
    A.6.2.6Owner: Product / SecurityBefore certification / 0–30 days
  3. P1
    Assess and test generative-AI risks (injection, leakage, hallucination)
    A.5 / A.6Owner: Security / ML30–60 days

Turn these findings into a certification-prep plan

Unlock the 40-page detailed report for a clause-by-clause gap matrix and a 30/60/90-day roadmap, or request a verified review with evidence and analyst input.

Unlock detailed reportRequest verified review

This is an informational, self-attested readiness result — not an ISO/IEC 42001 certification, accredited audit, conformity assessment, legal opinion, or proof that an AI management system meets the standard. No documents or evidence were reviewed. Foundational caps prevent a strong area from hiding a missing foundation; the confidence score reflects how complete and consistent your answers are, not whether controls truly exist.