AS ISO/IEC 42001:2023 (AU AI Management System)

Why it matters for NETEVO

This is one of the most load-bearing artefacts in NETEVO's AI governance substrate. Three reasons.

AU national-standard designation. The international ISO/IEC 42001:2023 is the global anchor; the Australian adoption AS ISO/IEC 42001:2023 is the AU-specific designation that listed-company boards and AU procurement teams look for. Citing the AS adoption signals operating at the level of the AU-specific normative reference — the AI management standard, adopted in Australia, that boards can reference by AS number in board papers.

The management-system shell for AI obligations. The standard is built on the same Harmonized Structure (HS, formerly Annex SL 9.1) as ISO 9001, ISO 27001, ISO 31000, and the ISO (2026) IMS Practical Guide. An organisation's existing management system can extend to cover AI without parallel-stack maintenance — the integration thesis the NETEVO Law-to-Code Methodology operationalises. NETEVO delivers AI-specific obligations into this shell.

Annex A is the operative artefact. The standard contains a normative Annex A reference set of AI-management-system controls covering policies on AI use, internal organisation of AI activity, resources for AI systems, impact assessments, AI system lifecycle management, data management, information for interested parties, AI system use, and third-party relationships. Annex B is implementation guidance for each Annex A control. The AICD/HTI eight elements of board-level AI governance map onto these Annex A control families almost cleanly, producing a board-readable spine: eight elements → AS ISO/IEC 42001 Annex A controls → engineered controls demonstrating each.