MetincTrust
All sample reports
Rohan CastellanoAI-generated
ISO/IEC 42001 Readiness Report

Rohan Castellano

Head of AI Platform · ApexHire
HR tech & recruiting
Role
provider, deployer
Complexity
high
Confidence
88 · High
AIMS scope
product line

As a provider, deployer with a high-complexity AIMS, your self-attested readiness is "Developing AIMS" (65/100). You are strongest in leadership, policy & accountability; the most material gap is in improvement.

Report saved

Your results are available through this secure link.

Unlock detailed reportRequest verified review
Full report · 40 pages

This is the free report. The full report is a 40-page comprehensive deep-dive — clause-by-clause gap matrix, Statement-of-Applicability mapping and a 30/60/90-day certification-prep roadmap.

Executive summary
Readiness score
65/ 100
Developing AIMS
Domain average
65raw

No foundational caps — the headline equals the weighted domain average.

Confidence
88High

Reflects how complete and consistent your scope and current-state answers are. Reported separately — it never changes readiness.

Foundational caps
0binding

Foundational AIMS gaps that cap the score and cannot be averaged away. See findings below.

What this assessment indicates

As a provider, deployer with a high-complexity AIMS, your self-attested readiness is "Developing AIMS" (65/100). You are strongest in leadership, policy & accountability; the most material gap is in improvement.

Strongest domain
Leadership, policy & accountability
Primary gap
Improvement
Immediate focus
Assess and test generative-AI risks (injection, leakage, hallucination)

Management-system domain performance

Score out of 100 · target 70
Leadership, policy & accountability
83.3
Context & AIMS scope
79.7
Operation & AI lifecycle control
78.2
Planning, risks, impacts & objectives
66.3
Support, competence & documented information
65
Value chain & third parties
65
Data & model controls
50.7
Performance evaluation
40
Improvement
33.8
0–24 Critical25–49 At risk50–74 Moderate75–100 Strong

Certification preparation

Significant prep required

Audit-readiness signals across the certification-critical artifacts — 2 of 8 appear in place.

Leadership-approved AI policyReady
AI risk assessment & treatment processReady
Statement of ApplicabilityPartial
AI system impact assessmentsPartial
Internal AIMS auditPartial
Management reviewPartial
Evidence organized for auditPartial
Certification body / audit planGap

Top strengths

  • Are content-safety controls (filtering, refusal, abuse handling) implemented for customer-facing generative AI? A.6.2.6
  • Is human review required before high-impact AI outcomes are finalized? A.9.2
  • Are the boundaries and applicability of the AI management system (AIMS) defined and documented? Clause 4.3

Top gaps

  • Are generative-AI risks (hallucination, IP leakage, data exfiltration, prompt injection) assessed and tested? A.5 / A.6
  • Is there an internal audit programme covering all AIMS clauses and applicable Annex A controls? Clause 9.2
  • Is the Statement of Applicability complete and consistent with the risk treatment plan? Clause 6.1.3
  • Have management reviews with documented inputs and outputs been conducted? Clause 9.3
  • Are impacts on health, safety, fundamental rights and fairness considered? A.5.2

Prioritized remediation roadmap

  1. P0
    Assess and test generative-AI risks (injection, leakage, hallucination)
    A.5 / A.6Owner: Security / MLBefore certification / 0–30 days
  2. P0
    Run internal audits across all AIMS clauses and Annex A
    Clause 9.2Owner: Internal AuditBefore certification / 0–30 days
  3. P0
    Hold management reviews with documented inputs and outputs
    Clause 9.3Owner: ExecutiveBefore certification / 0–30 days

Turn these findings into a certification-prep plan

Unlock the 40-page detailed report for a clause-by-clause gap matrix and a 30/60/90-day roadmap, or request a verified review with evidence and analyst input.

Unlock detailed reportRequest verified review

This is an informational, self-attested readiness result — not an ISO/IEC 42001 certification, accredited audit, conformity assessment, legal opinion, or proof that an AI management system meets the standard. No documents or evidence were reviewed. Foundational caps prevent a strong area from hiding a missing foundation; the confidence score reflects how complete and consistent your answers are, not whether controls truly exist.