ISO 42001 is fifteen months old. Enough organisations have now moved through implementation — or stalled partway through — that the failure patterns are becoming clear. Some of them are familiar from ISO 27001 and ISO 27701 implementations. Others are specific to AI governance, and to the particular challenges of implementing a management system around a technology that many organisations are still trying to understand themselves.

This post covers the most common failure modes and what distinguishes the implementations that reach certification — and more importantly, that produce a functioning AI Management System — from the ones that produce paperwork.

Failure Mode 1: Starting with Controls Instead of Inventory

The most common way to fail at ISO 42001 is to start implementing controls before completing the AI inventory. It sounds like an obvious mistake, but it happens frequently — particularly in organisations where a compliance or information security team is driving the implementation without deep involvement from the teams that actually operate AI systems.

Without a complete AI inventory, you do not know what you are governing. Controls get designed for the AI systems the governance team is aware of — typically the high-profile ones — and miss the AI systems that have proliferated quietly across business functions. The result is an AIMS that covers 40% of the organisation’s actual AI footprint and provides a false sense of compliance.

Successful implementations start with a comprehensive AI inventory exercise that deliberately includes unglamorous AI: the vendor scheduling tools with embedded AI, the document processing pipeline that uses an LLM, the customer service routing tool that makes classification decisions. These are AI systems under ISO 22989’s definition, and they belong in your inventory.

Failure Mode 2: Treating AI Risk Assessment as an Extension of InfoSec Risk Assessment

Organisations with mature ISO 27001 programmes often import their information security risk assessment methodology into their ISO 42001 implementation without modification. This produces risk assessments that identify confidentiality, integrity, and availability risks to AI systems — but miss the risks that make AI governance distinct.

ISO 42001 requires risk assessment to address risks to affected individuals — the people whose lives are affected by your AI system’s outputs. It requires assessment of risks from model behaviour under distribution shift. It requires assessment of data fairness risks. None of these appear in a standard ISO 27001 risk assessment, because information security risk assessment is focused on risks to the organisation’s information assets, not risks to the people the organisation’s AI affects.

Successful implementations develop an AI-specific risk assessment methodology from the start — one that explicitly addresses human impact risks, model behaviour risks, and data provenance risks alongside the information security risks that carry over from the ISMS.

Failure Mode 3: Governance Without Technical Involvement

ISO 42001 implementation driven entirely by a compliance function, without genuine involvement from data science, engineering, and product teams, produces an AIMS that looks correct in documentation and fails in practice.

Human oversight controls that require data scientists to review and sign off on AI outputs are meaningless if the data science team was not involved in designing the review process and has no practical mechanism for conducting it. AI system documentation that describes model architecture inaccurately, because the documentation was written by a compliance team member who does not have the technical context, will not survive audit scrutiny.

Successful implementations treat AI governance as a cross-functional programme from the start. The compliance function provides the management system infrastructure. The technical functions provide the AI expertise. Neither can produce a functioning AIMS without the other.

Failure Mode 4: Scoping Too Broadly, Too Early

Organisations that attempt to bring their entire AI footprint into AIMS scope simultaneously almost always run into implementation fatigue. The documentation, risk assessment, and control implementation workload for 30 AI systems in parallel overwhelms the programme.

Successful implementations phase their scope deliberately. They identify the highest-risk AI systems — typically those making or influencing decisions that affect individuals, or those with the greatest regulatory exposure — and bring these into scope first. The governance infrastructure built for the first cohort is then extended to lower-risk systems progressively. The result is a certification audit that covers a meaningful and auditable scope, with a credible plan for extension.

Failure Mode 5: Certification as the End Goal

Implementations that treat ISO 42001 certification as the end goal — rather than as the first evidence checkpoint of a functioning AIMS — tend to produce systems that achieve certification and then stagnate. The internal audit programme runs pro forma. Management reviews happen but produce no meaningful actions. AI system changes occur without triggering AIMS updates. Within 18 months, the certified AIMS no longer reflects the organisation’s actual AI operations.

The fundamental issue is that AI moves faster than almost any other technology area. New AI systems are deployed. Existing systems are updated. Models drift. Deployment contexts change. An AIMS that was accurate at certification will require active maintenance to remain accurate — and organisations that treat certification as arrival rather than as a checkpoint discover this the hard way at their first surveillance audit.

Successful implementations build the maintenance programme before certification. They define triggers that require AIMS updates (new AI deployments, significant model changes, material context changes), assign ownership for those updates, and test the programme before the certification audit demonstrates that it operates in practice.

At Bitsecura, we have seen all of these failure modes, and we have designed our implementation methodology specifically to avoid them. We start with the AI inventory. We develop AI-specific risk assessment methodology with your technical teams. We scope implementations to be achievable and auditable on realistic timelines. And we build maintenance programmes that keep the AIMS accurate after certification, not just at certification.

If you are mid-implementation and recognise any of these patterns, or if you are about to begin and want to avoid them, reach out to us here.


Bitsecura provides ISO 42001 AIMS implementation, internal audit, and maintenance services. Learn more about our ISO 42001 services.