<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:atom="http://www.w3.org/2005/Atom"
     xmlns:dc="http://purl.org/dc/elements/1.1/"
     xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>The AI Auditor – Insights</title>
    <link>https://der-ki-auditor.de/en/insights/</link>
    <description>Fact-checked articles on ISO/IEC 42001, ISO/IEC 27001 and the EU AI Act — for companies that want AI they can prove.</description>
    <language>en</language>
    <lastBuildDate>Sat, 20 Jun 2026 00:00:00 GMT</lastBuildDate>
    <atom:link href="https://der-ki-auditor.de/en/feed.xml" rel="self" type="application/rss+xml"/>
    <image>
      <url>https://der-ki-auditor.de/og-image.jpg</url>
      <title>The AI Auditor – Insights</title>
      <link>https://der-ki-auditor.de/en/insights/</link>
    </image>
    <item>
      <title>How to spot a credible AI consultant: check the legal notice</title>
      <link>https://der-ki-auditor.de/en/insights/how-to-spot-a-credible-ai-consultant/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/how-to-spot-a-credible-ai-consultant/</guid>
      <pubDate>Sat, 20 Jun 2026 00:00:00 GMT</pubDate>
      <category>Recht &amp; Normen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Half the world calls itself an AI consultant now. The most honest test takes two minutes: if the legal notice still cites the old TMG instead of the DDG, someone never checked their own AI output.</description>
      <content:encoded><![CDATA[<p>These days it feels like every second person calls themselves an AI consultant. The tools are cheap, the promises are big, and in the mid-market the uncertainty is high. The good news: you do not need a technical degree to tell substance from show. The most honest test takes two minutes and sits at the very bottom of every website.</p><p>I look at this as someone who audits rather than sells. In five industries and five countries I have run audits, from aviation to precision manufacturing. What an auditor learns: the one polished act says little. The small, unvarnished details say everything.</p><h2>The cheapest test almost nobody runs</h2><p>Scroll to the bottom of the consultant website and open the legal notice, in Germany the Impressum. If it still references the Telemediengesetz, the TMG, that is a first, quiet warning sign. The TMG was replaced in May 2024 by the Digital Services Act, the DDG. The obligation to publish a legal notice now sits in Section 5 DDG, not in the TMG anymore.</p><p>Sounds like a tiny detail. It is not. Many of these pages were written by an AI, or at least clicked together with one. And if someone never even proofread their own legal notice, then they did not check the output of their AI. On the very text that makes them legally easiest to attack.</p><blockquote>Anyone who does not check their own AI output is not someone I would trust with another companys processes.</blockquote><p>This is not legal advice and not a call to send warning letters. It is an assessment. An outdated legal notice does not make anyone a bad person. But it says something about the care with which someone works. And care is exactly what you expect from a person who is meant to touch your data and your processes.</p><h2>What an outdated legal notice also reveals</h2><p>The legal notice is a small, clearly regulated mandatory text. If even that is wrong, it hints at how someone works in general. Watch for these patterns:</p><ul><li>A reference to the TMG instead of the DDG, even though the DDG has applied since May 2024.</li><li>A dead link to online dispute resolution that leads nowhere.</li><li>Vague, generic wording that sounds like an unedited template.</li><li>No named, accountable person for the content.</li><li>Technical terms that do not fit together because they come from different templates.</li></ul><p>Each single sign is harmless on its own. Several together form a pattern. And patterns are exactly what an auditor watches for: not the one mistake, but the accumulation that shows how carefully or carelessly someone works. A single typo is human. A consistently unchecked web presence is a statement.</p><p>And yes, the same applies to my own trade. I have my legal notice checked regularly too. Not because I fear warning letters, but because I expect from others the same care I deliver myself. Anyone who sells scrutiny has to apply it to themselves first.</p><h2>Three sentences that make me listen closely</h2><p>In conversation a pretender gives themselves away faster than they would like. Three sentences make me sit up immediately:</p><ul><li>We will just build you an AI agent that handles it. Before anyone has understood the process.</li><li>The AI does that fully automatically, you do not need to check anything. The exact opposite of accountability.</li><li>We will deliver the numbers later. When the needs analysis ends without a tangible result on the table.</li></ul><p>None of these sentences is a crime in itself. But they reveal an attitude: technology before process, speed before care, promises before evidence. That order is exactly what leads to expensive surprises in operations.</p><h2>Process first, then the tool</h2><p>The most important sign shows in the first question. A credible advisor asks about your process first. A pretender talks about their tool immediately. Anyone who wants to build you an AI agent in the first meeting, without understanding your workflow, is not selling you a tool, but a risk.</p><p>Take three typical mid-market cases. An AI that pre-sorts applications. A camera with a model that inspects parts in final control. An AI that creates orders in the ERP. In all three the technology is the easy part. The hard part is the process behind it: who decides, who checks, what happens when it fails.</p><p>A picture from the shop floor: you would not buy an expensive CNC machine before it is clear which part it should make, in what quantity and to what tolerance. First the part, then the process, then the machine. With AI it is exactly the same. Put AI on a broken process and it just automates the mess, faster and more expensively. You get the same error, now a thousand times over and stamped objective.</p><p>A good advisor therefore brings order to the workflow first and asks about the tool second. That is less comfortable, because it sounds less like the future and more like homework. But it is the only path where something usable stands at the end.</p><blockquote>First the process. Then the tool. And only after that the AI.</blockquote><h2>A needs analysis is not an end in itself</h2><p>A needs analysis that ends with no tangible output, only the recommendation to keep consulting, is a warning sign. You then pay for the consultants learning curve, not for your own progress. Ask up front what concretely lands on the table at the end: a decision basis, a process map, a clear make-or-buy comparison.</p><p>Credible consulting makes itself redundant by making you capable. Poor consulting makes itself indispensable by building dependency. You tell them apart by whether something stays in your house after each meeting, something that carries on even without the consultant.</p><h2>Why an auditor asks differently than a salesperson</h2><p>A salesperson wants you to buy. An auditor wants it to hold. That difference sits in every question. The salesperson shows you what the AI could do. The auditor asks what happens when it gets it wrong, who notices, and how fast. For your business you need the second kind of person, even if the first sounds more pleasant.</p><p>This stance costs speed in the short term and saves money in the long run. I have seen enough businesses buy an expensive solution because the presentation was good, only to find a year later that nobody in the house could operate, check or, in an emergency, switch the thing off. The bill then comes twice: once for the tool and once for the cleanup.</p><h2>The accountable human on the letterhead</h2><p>Artificial intelligence does not carry liability. In the end a human always stands accountable, with their name, on the letterhead. A credible advisor knows this and names clearly who carries responsibility, instead of delegating it to a model.</p><p>Ask concretely: who checks the output? By what rule? Who signs at the end? If the answer is a shrug, you have your answer. A named person with a simple checking rule is worth more than any glossy presentation.</p><p>This same stance sits inside a management system for AI under ISO/IEC 42001: named accountability, checked output, documented processes instead of gut feeling. In the end an audit checks nothing other than whether there is a clear-headed human behind the tool and whether they can prove what they claim.</p><h2>Your quick check for the next consultant meeting</h2><p>You do not need to be an AI expert to ask the right questions. These five are enough to separate substance from show before you sign a contract.</p><ul><li>Does the legal notice cite the DDG or still the old TMG?</li><li>Does the advisor ask about my process first or about their tool first?</li><li>Can they show what the AI does on a real example, instead of just slides?</li><li>Who carries responsibility after the rollout, by name?</li><li>What happens when the AI gets it wrong, and who even notices?</li></ul><p>Anyone who answers these five confidently and concretely has understood what matters. Anyone who dodges, shows slides and talks about big promises without letting you touch a single example has not. And that is an answer in itself.</p><p>One closing thought that goes beyond the single meeting. Choosing a consultant is not just choosing a tool, but a dependency. You hand someone your workflows, your data and a piece of your future. That decision deserves the same standards as a new supplier in production: references, traceability, clear accountability. Nobody would put a supplier into the series without checking, just because sales were likeable. With AI consulting that happens surprisingly often.</p><p>The legal-notice test is only the first, cheap filter. It does not replace a thorough check, but it sorts out the obvious cases quickly. If someone cannot even keep their own mandatory text clean, you do not need to discuss the hard questions at all. And if the legal notice is fine, the good questions only begin. Either way it is time well spent, long before the first euro changes hands.</p>]]></content:encoded>
    </item>
    <item>
      <title>Spotting AI hype: telling substance from show</title>
      <link>https://der-ki-auditor.de/en/insights/spot-ai-hype-substance-over-show/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/spot-ai-hype-substance-over-show/</guid>
      <pubDate>Sat, 20 Jun 2026 00:00:00 GMT</pubDate>
      <category>Grundlagen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>LinkedIn is full of AI experts with precise numbers and ready-made tools. How to tell in two minutes whether there is substance behind the act, or just well-packaged hot air.</description>
      <content:encoded><![CDATA[<p>My LinkedIn feed is full of AI experts. Precise percentages, an uncomfortable truth, then a finished tool and a call to drop a codeword in the comments. It sounds like insider knowledge. Most of the time it is a template that thousands reuse. The good news: the tricks repeat, and once you see the pattern, you spot it everywhere.</p><p>I look at this as someone who audits rather than sells. What an auditor learns: the polished act says little. The small details say everything. Here are the patterns that separate well-packaged hot air from real substance.</p><h2>Invented numbers with decimal places</h2><p>The first warning sign is numbers that are too precise. If someone writes that a certain behaviour triggers exactly 15.6 percent more of something, pay attention. Decimal places are meant to sound serious. They are almost never backed by evidence. Real numbers come with a source and context, or they do not come at all.</p><p>As an auditor I follow a simple rule: a verifiable number or no number. A claim without checkable evidence is not a fact, it is an opinion in costume. Ask politely for the source. Substance gives you an answer. Show gives you an evasion.</p><h2>Help or bait?</h2><p>The second pattern is the bait. Drop a codeword in the comments and I will send you the PDF. It boosts reach in the short term, but it is a mechanic, not a gift. You type a word, the post gets interaction, and you land in a sales funnel.</p><p>Real help is openly accessible. Anyone who genuinely wants to give you something links the article, shows the example, names the source. Anyone who first routes you through a comment and a direct message is optimising their funnel, not your knowledge. It is not forbidden, but you should see it for what it is.</p><blockquote>Substance is shared openly. Show is kept scarce and behind a price.</blockquote><h2>Selling a tool instead of understanding the process</h2><p>The third and most important sign shows up in conversation. A credible advisor asks about your process first. A pretender talks about their tool immediately. Anyone who wants to build you an AI agent in the first meeting, without understanding your workflow, is not selling you a tool, but a risk.</p><p>Take three typical mid-market cases. An AI that pre-sorts applications. A camera with a model that inspects parts in final control. An AI that creates orders in the ERP. In all three the technology is the easy part. The hard part is the process behind it: who decides, who checks, what happens when it fails. Put AI on a broken process and it just automates the mess, faster and more expensively.</p><h2>The self-appointed AI elite</h2><p>The fourth pattern is the self-appointed elite. Lots of stage, lots of webinars, big words about the future. The uncomfortable question is: what has this person actually built, implemented or been accountable for? Anyone who never stood on the shop floor and never paid for their own mistake talks about AI the way people talk about the weather.</p><p>I have run audits in five industries, from aviation to precision manufacturing, in five countries, with over 1,200 documented audit hours. That does not make me the smartest person in the room. But I know what it is like when a process stops at half past three in the morning because a model fails to recognise something. You can hear that grounding in a person. You can also hear when it is missing.</p><h2>Buzzword bingo as a substitute for substance</h2><p>The fifth sign is the language. If a sentence collapses once you remove the fashionable words, there was nothing in it. Run the test: cut forward-looking, holistic, scalable and synergy from a consultant sentence. Is there a concrete statement left, or only hot air?</p><p>Substance sounds unspectacular. It names the part, the process, the number, the limit. It also says what does not work. That admission of limits is itself a sign of quality. Anyone who tells you AI solves everything has either understood nothing or wants to sell you something.</p><h2>Your hype filter in five questions</h2><p>You do not need to be an AI expert to separate the wheat from the chaff. These five questions are enough before you listen to someone, let alone sign a contract.</p><ul><li>Are the numbers backed by a source and context, or just made precise?</li><li>Is the help openly accessible, or tied to a bait and a direct message?</li><li>Does the person ask about my process first, or about their tool first?</li><li>What has this person actually built, implemented or been accountable for?</li><li>Is there a concrete statement left once I delete the buzzwords?</li></ul><p>Anyone who answers these confidently and concretely has substance. Anyone who dodges, shows slides and talks about the big future without letting you touch a single example does not. It is no guarantee, but a reliable first filter.</p><p>And yes, the same principle shows up in the smallest detail. Anyone who does not even keep their own legal notice up to date is not checking their AI output either. Hype is loud. Substance is quiet and verifiable. When in doubt, trust the quiet.</p>]]></content:encoded>
    </item>
    <item>
      <title>Cyber Resilience Act: what device and machine manufacturers must know now</title>
      <link>https://der-ki-auditor.de/en/insights/cyber-resilience-act-manufacturers/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/cyber-resilience-act-manufacturers/</guid>
      <pubDate>Thu, 18 Jun 2026 00:00:00 GMT</pubDate>
      <category>Recht &amp; Normen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>The Cyber Resilience Act requires manufacturers of products with digital elements to deliver cybersecurity across the lifecycle, EU-wide. Who it affects, which deadlines apply, and why ISO 27001 is the natural foundation.</description>
      <content:encoded><![CDATA[<p>While everyone watches the AI Act, a second duty is approaching for mid-sized manufacturers: the Cyber Resilience Act. It affects not only software houses, but anyone placing products with digital elements on the market, including connected machines, controllers and devices. A first stage already applies from June 2026.</p><h2>Who the CRA affects</h2><p>It covers products with digital elements, from pure software to the connected machine. Whoever manufactures, imports or distributes has duties. Unlike before, cybersecurity becomes a precondition for market access in the EU, no longer a voluntary extra, but part of the CE marking.</p><h2>The core obligations</h2><p>At its core the CRA demands three things: security by design and by default, that is, security from the start rather than bolted on. A working vulnerability management across the whole lifecycle, including security updates. And reporting duties: actively exploited vulnerabilities and serious incidents must be reported within short deadlines. On top come technical documentation and the conformity evidence.</p><h2>The deadlines</h2><p>The CRA applies in stages. A first stage, among others on conformity assessment bodies, applies from June 2026. The reporting duties and the full manufacturer obligations phase in towards 2027. Those who build products with long development and service lives should start now, not just before the deadline.</p><h2>Why ISO 27001 is the natural foundation</h2><p>At its core the CRA requires a structured approach to information security and vulnerabilities. An information security management system to ISO/IEC 27001 provides exactly that frame: risk management, access control, a secure development process and vulnerability and incident management. It does not satisfy the CRA automatically, because the CRA adds product-specific requirements. But it is the foundation the product duties build on cleanly. How to connect the two, we clarify in a free initial call.</p>]]></content:encoded>
    </item>
    <item>
      <title>Prompt injection cannot be patched away, only contained</title>
      <link>https://der-ki-auditor.de/en/insights/prompt-injection-ai-agents-supply-chain/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/prompt-injection-ai-agents-supply-chain/</guid>
      <pubDate>Wed, 17 Jun 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Prompt injection is not a bug but an architectural weakness of language models. What that means for AI agents and the AI supply chain, and how to contain the risk with ISO 27001, ISO 42001 and the EU AI Act.</description>
      <content:encoded><![CDATA[<p>The picture is clear: the current OWASP report on AI agent security (as of June 2026) gathers real incidents for the first time, not just theory. The uncomfortable message: prompt injection is not a flaw the next patch fixes. It is a design feature of today&apos;s language models.</p><h2>Why prompt injection stays</h2><p>A language model has no built-in boundary between &quot;this is a command from me&quot; and &quot;this is just data I am reading&quot;. Inject instructions into a document, an email, a web page or a code comment, and you can make the model execute them as a command. Filters and tight permissions lower the risk, they do not remove it. With an agent that acts on its own, a wrong answer becomes a wrong action: an email, an order, a system access.</p><h2>The second, often-missed risk: the AI supply chain</h2><p>AI agents are rarely a single piece. They use frameworks and open-source components, which in turn use other components. Poison one of them and every project inherits the weakness, often thousands of times and unnoticed. That is exactly what surfaced recently: a manipulated package deep in the supply chain of widely used agent libraries. If you buy AI components, you buy their weaknesses too.</p><h2>What actually protects</h2><p>Not the promise to patch the problem away, but consistent containment in several places at once:</p><table><tr><th>Risk</th><th>Measure</th><th>Anchor</th></tr><tr><td>Injected commands (prompt injection)</td><td>Validated inputs and outputs, separate command from data</td><td>ISO/IEC 27001 (integrity)</td></tr><tr><td>Over-privileged agent</td><td>Least privilege per action</td><td>ISO/IEC 27001 Annex A (access)</td></tr><tr><td>Risky autonomous actions</td><td>Human approval, limits, sandbox</td><td>EU AI Act Art. 14 (oversight)</td></tr><tr><td>Poisoned components</td><td>Check provenance, pin versions, harden the supply chain</td><td>ISO/IEC 27001 (supply chain)</td></tr><tr><td>Unnoticed misbehaviour</td><td>Monitoring, audit trail</td><td>ISO/IEC 42001 clause 9</td></tr></table><h2>Where this docks into standards</h2><p>If you run ISO/IEC 27001 and ISO/IEC 42001 properly, the framework is already in place: access control, integrity and supply-chain security from 27001, AI risk and monitoring from 42001, human oversight from the AI Act. For agents, what is added are mainly action guardrails and a harder supply chain. How to set this up in your organisation, we clarify in a free initial call.</p>]]></content:encoded>
    </item>
    <item>
      <title>Why customers will soon require ISO 42001 from AI vendors</title>
      <link>https://der-ki-auditor.de/en/insights/why-customers-require-iso-42001-from-ai-vendors/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/why-customers-require-iso-42001-from-ai-vendors/</guid>
      <pubDate>Tue, 16 Jun 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO/IEC 42001 is becoming a selection criterion for AI providers. What that means for your procurement and supply chain, and how to audit AI vendors against the standard before your own customers demand the evidence from you.</description>
      <content:encoded><![CDATA[<p>ISO/IEC 42001 is shifting from a nice-to-have to a buying criterion. Large providers are getting certified, and tenders increasingly carry the question: do you have an AI management system to ISO 42001? If you have nothing to show, you drop off the shortlist faster than you would like.</p><h2>From certificate to buying criterion</h2><p>Once the first large providers are certified, the standard becomes the benchmark everyone else is measured against. You know this from quality: when ISO 9001 became the norm, the question was no longer whether but when. With AI the same mechanism is starting, only faster, because the pressure comes from the EU AI Act, customers and liability at the same time.</p><h2>Why you are on the hook for your vendors&apos; AI</h2><p>If you deploy bought-in AI, in a product, in a hiring process, in quality inspection, you carry responsibility and evidence duties as the deployer, regardless of where the model comes from. A bought-in part that is not under control is your problem, not the supplier&apos;s. That is exactly why relying on the vendor&apos;s marketing slide is not enough.</p><h2>Auditing AI vendors against ISO 42001</h2><p>A second-party audit against ISO 42001 turns trust into evidence. What is checked is not the model itself, but whether the supplier has it under control:</p><table><tr><th>Question for the AI vendor</th><th>What matters</th></tr><tr><td>Is there an AI management system (AIMS)?</td><td>Lived processes, not just a folder</td></tr><tr><td>Are AI risks assessed and treated?</td><td>Impact assessment, clear owners</td></tr><tr><td>How are data and models governed?</td><td>Provenance, quality, traceable changes</td></tr><tr><td>Is operation monitored?</td><td>Drift, misbehaviour, audit trail</td></tr><tr><td>Is there an incident process?</td><td>Who reacts how when the AI goes wrong</td></tr></table><h2>Act now, before the customer asks</h2><p>The topic has two sides, and both are yours: build your own AIMS, because you will be asked for it, and audit your AI vendors, because you are on the hook. Tackle both early and you negotiate from strength instead of scrambling to produce evidence under time pressure. How a supplier audit against ISO 42001 looks for you, we clarify in a free initial call.</p>]]></content:encoded>
    </item>
    <item>
      <title>EU AI Act delayed: what the Digital Omnibus to 2027 really means</title>
      <link>https://der-ki-auditor.de/en/insights/ai-act-delayed-digital-omnibus-2027/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/ai-act-delayed-digital-omnibus-2027/</guid>
      <pubDate>Tue, 16 Jun 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>The EU is stretching the AI Act through the Digital Omnibus: high-risk obligations move to December 2027, AI embedded in products to August 2028. What stays, what is merely deferred, and why &quot;delayed&quot; does not mean &quot;gone&quot;.</description>
      <content:encoded><![CDATA[<p>The EU AI Act was billed as the world&apos;s most ambitious AI rulebook. Now it is being stretched in time and freed from overlapping requirements through the so-called Digital Omnibus. Many headlines read like an all-clear. That is the wrong lesson. What moves are mainly the deadlines for high-risk systems, the risk-based core stays, and in places Brussels is even tightening.</p><h2>What has actually changed</h2><p>The official reason for the deferral is that the necessary tools were missing: harmonised standards were not ready and national authorities not fully designated. On top came significant industry pressure. What moves and what stays, at a glance:</p><table><tr><th>Obligation</th><th>Before</th><th>Status after Omnibus</th></tr><tr><td>High-risk AI (Annex III, e.g. employment, education, biometrics)</td><td>from 2 August 2026</td><td>deferred to 2 December 2027</td></tr><tr><td>AI in regulated products (Annex I, e.g. machinery, lifts)</td><td>staggered</td><td>deferred to 2 August 2028</td></tr><tr><td>Prohibited practices</td><td>since 2 February 2025</td><td>remain unchanged</td></tr><tr><td>AI literacy obligation (Art. 4)</td><td>since 2 February 2025</td><td>downgrade proposed, officially still applies</td></tr><tr><td>GPAI obligations (general-purpose models)</td><td>since 2 August 2025</td><td>remain in force</td></tr><tr><td>Labelling of AI content (towards Art. 50)</td><td>in progress</td><td>Code of Practice, if anything moving forward</td></tr></table><p>Worth being precise: the downgrade of the AI literacy obligation is part of the Omnibus proposal, on the Commission&apos;s official AI Act page the obligation still applies as of February 2025. So &quot;abolished&quot; would be wrong, &quot;to be downgraded&quot; is correct.</p><h2>Why the delay happened</h2><p>It was driven by an open letter from around 46 European corporations calling for a two-year stop, including names such as ASML, SAP and Siemens, with political backing from Germany for an exemption of industrial AI. The Siemens CEO made public that most of a billion-euro investment in industrial AI would go to the United States if the AI Act is not adapted. That unrealistic deadlines and missing standards are being stretched is understandable, not a scandal but a dose of realism.</p><h2>The wrong lesson: delayed means done</h2><p>Turning this into &quot;let&apos;s just wait&quot; is a mistake for three reasons. First, prohibitions and GPAI duties already apply, and a new ban on non-consensual deepfakes was even added. Second, the real pressure does not hang on Brussels alone: customers, supply chains, liability and insurers ask for evidence regardless of any deadline. Third, December 2027 arrives faster than mid-sized companies think, and building a robust management system takes months, not days.</p><h2>The right lesson: build on a system, not on a date</h2><p>Precisely because the rules drift with the political wind, it is a mistake to build your AI system to a Brussels date. What is robust is a management system to ISO/IEC 42001: it makes you audit-ready independent of the exact deadline and adapts whether the rules tighten or loosen. Governance then is a capability, not a box ticked on a date. And speed needs guardrails, not bureaucracy: ISO 42001 enables speed with provability, instead of banning speed or racing blind.</p><p>In short: the AI Act gains more time, not less relevance. Those who build their AI management system now are ahead whether the rules loosen or tighten. How that looks in your organisation, we clarify in a free initial call.</p>]]></content:encoded>
    </item>
    <item>
      <title>Does ISO 42001 make me AI Act compliant? Harmonised standards explained</title>
      <link>https://der-ki-auditor.de/en/insights/does-iso-42001-make-me-ai-act-compliant/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/does-iso-42001-make-me-ai-act-compliant/</guid>
      <pubDate>Mon, 15 Jun 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO/IEC 42001:2023 is the best preparation for the EU AI Act, but not a legal free pass. Why the presumption of conformity only comes through harmonised EN standards (EN 18286) and what that means in practice.</description>
      <content:encoded><![CDATA[<p>Many hear &quot;ISO 42001&quot; and think they are safe under the EU AI Act. It is not that simple. And to clear up a second misconception right away: there is no ISO 42001:2026, the current and only edition is the 2023 one.</p><h2>ISO/IEC 42001:2023, and no 2026 version</h2><p>At ISO the standard sits at stage 60.60, which simply means: published International Standard, currently in force. What you may meet as &quot;EN ISO/IEC 42001&quot; is only the European adoption of the same text into the EN catalogue. The year in that designation is the year of European ratification, not a new, technically changed edition. Anyone promising a fresh version of the standard is mistaken.</p><h2>What presumption of conformity (Article 40) means</h2><p>The AI Act works with a presumption of conformity: whoever meets a harmonised standard whose reference is published in the EU Official Journal is presumed to conform with the corresponding requirements of the law. That is a real easing of the burden of proof. But it hangs on exactly that word: harmonised.</p><h2>Why ISO 42001 alone does not carry it</h2><p>ISO/IEC 42001 is an international standard outside the EU harmonisation process and does not cover every requirement of the AI Act. The dedicated harmonised standard is developed separately by CEN-CENELEC JTC 21. For AI management systems, EN 18286 is expected to fulfil the full set of regulatory requirements. The first harmonised standards are expected in 2026, after which the Commission assesses publishing the references in the Official Journal.</p><table><tr><th></th><th>ISO/IEC 42001:2023</th><th>Harmonised EN standard (EN 18286)</th></tr><tr><td>Purpose</td><td>Build and run an AI management system</td><td>Evidence conformity with AI Act requirements</td></tr><tr><td>Presumption of conformity (Art. 40)</td><td>no</td><td>yes, once published in the Official Journal</td></tr><tr><td>Status</td><td>published, in force (stage 60.60)</td><td>in development, expected 2026</td></tr></table><h2>What this means in practice</h2><p>ISO 42001 is still the right step now, not later. The building blocks are the same ones the AI Act demands: know and treat AI risks, set roles and controls, monitor operation. Build that today and you have the substance in place. The later alignment to the harmonised standard is then a delta, not a restart. Those who wait for the finished standard end up building twice and under time pressure. How to start cleanly, we clarify in a free initial call.</p>]]></content:encoded>
    </item>
    <item>
      <title>ISO 42001 vs SOC 2: which one do you need?</title>
      <link>https://der-ki-auditor.de/en/insights/iso-42001-vs-soc-2/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/iso-42001-vs-soc-2/</guid>
      <pubDate>Sun, 14 Jun 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO/IEC 42001 and SOC 2 solve different problems, AI governance versus service-organisation controls. A clear side-by-side, when to choose which, and why they often go together.</description>
      <content:encoded><![CDATA[<p>US and UK buyers often ask it directly: &quot;Do you have SOC 2, or is ISO 42001 enough?&quot; The honest answer is that they are not alternatives. They answer different questions, and which one you need depends on what you sell and who is asking.</p><h2>Side by side</h2><table><tr><th></th><th>ISO/IEC 42001</th><th>SOC 2</th></tr><tr><td>What it is</td><td>International management-system standard for AI (AIMS)</td><td>US attestation report on a service organisation&apos;s controls (AICPA)</td></tr><tr><td>Focus</td><td>Governing AI responsibly across the life cycle</td><td>Security, availability, processing integrity, confidentiality, privacy</td></tr><tr><td>Output</td><td>A certificate from an accredited body</td><td>An auditor&apos;s report (Type I = point in time, Type II = over a period)</td></tr><tr><td>Recognition</td><td>International, certifiable</td><td>Strong in the US market, widely requested by US customers</td></tr><tr><td>Best when</td><td>Your product uses or provides AI</td><td>US customers want assurance on how you handle their data</td></tr><tr><td>Renewal</td><td>3-year cycle with annual surveillance</td><td>Typically annual (Type II covers a period, e.g. 6–12 months)</td></tr></table><h2>When to choose which</h2><ul><li>Choose ISO/IEC 42001 if you build, deploy or sell AI and need to govern it, and especially if the EU AI Act touches your market.</li><li>Choose SOC 2 if your buyers (often US-based) want assurance about the security and handling of the data you process as a service provider.</li><li>Do both if you are a SaaS or AI vendor selling into both the US and the EU, SOC 2 reassures on data handling, ISO 42001 proves responsible AI governance.</li></ul><h2>The good news: the work overlaps</h2><p>Both rest on the same backbone, risk management, access control, monitoring, documented processes. If you run an ISO/IEC 27001 ISMS, you already cover much of SOC 2&apos;s security criteria and a large part of ISO 42001&apos;s structure. One control set, several frameworks: that is where an integrated management system pays off, and where I help you avoid doing the same work three times.</p><p>Not sure which your customers actually require? A short call usually settles it, and saves you from certifying the wrong thing first.</p>]]></content:encoded>
    </item>
    <item>
      <title>Which documents does ISO 42001 need? The ~20 documents at a glance</title>
      <link>https://der-ki-auditor.de/en/insights/which-documents-iso-42001-needs/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/which-documents-iso-42001-needs/</guid>
      <pubDate>Sun, 14 Jun 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO/IEC 42001 does not require a mountain of paper but around 20 real documents, grouped into policies, procedures and records and mapped to the relevant clause. The complete, audit-ready overview.</description>
      <content:encoded><![CDATA[<p>&quot;Do we now have to write hundreds of pages?&quot; is the most common worry before an ISO 42001 implementation. The answer: no. The standard does not require a mountain of paper but around 20 real documents, and they follow logically from two sources and sort into three categories. Once you see that, the fear of documentation disappears.</p><h2>Two sources, three categories</h2><p>The documents come from clauses 4 to 10 of the standard (the management-system requirements) and from Annex A (38 controls in 9 objectives). Bundled, that is around 20 real documents, and each is either a policy, a procedure or a record:</p><ul><li>Policies, how you govern AI (maintained, i.e. kept current).</li><li>Procedures, how you operate the system step by step (maintained).</li><li>Records, evidence that the system actually ran (retained).</li></ul><h2>Category 1, Policies</h2><table><tr><th>Clause</th><th>Document</th></tr><tr><td>5.2 / A.2</td><td>AI policy, the top-level governance document</td></tr><tr><td>6.2</td><td>AI objectives</td></tr><tr><td>A.6</td><td>AI development policy</td></tr><tr><td>A.9</td><td>Acceptable use policy</td></tr><tr><td>A.7</td><td>Data management policy</td></tr><tr><td>A.8 / A.10</td><td>Supplier &amp; customer policy</td></tr></table><h2>Category 2, Procedures</h2><table><tr><th>Clause</th><th>Document</th></tr><tr><td>4.3</td><td>Defining the AIMS scope</td></tr><tr><td>6.1</td><td>AI risk assessment methodology</td></tr><tr><td>6.1</td><td>AI risk treatment plan</td></tr><tr><td>A.5</td><td>AI impact assessment procedure</td></tr><tr><td>A.6</td><td>AI life-cycle procedure</td></tr><tr><td>A.4</td><td>Management of AI resources</td></tr><tr><td>7.5</td><td>Control of documents &amp; records</td></tr></table><h2>Category 3, Records</h2><table><tr><th>Clause</th><th>Document</th></tr><tr><td>6.1.3</td><td>Statement of Applicability (SoA)</td></tr><tr><td>7.2</td><td>Competence records</td></tr><tr><td>8.2</td><td>AI risk assessment results</td></tr><tr><td>8.3</td><td>Risk treatment results</td></tr><tr><td>8.4</td><td>Impact assessment results</td></tr><tr><td>9.1</td><td>Monitoring &amp; measurement results</td></tr><tr><td>9.2</td><td>Internal audit, programme &amp; results</td></tr><tr><td>9.3</td><td>Management review minutes</td></tr><tr><td>10.2</td><td>Nonconformity &amp; corrective actions</td></tr></table><h2>The simple logic: maintain or retain?</h2><p>If you are unsure which category a document belongs to, ask one question: does it state HOW we do something, or does it prove THAT we did it? The first is a policy or procedure and is maintained (kept current, versioned). The second is a record and is retained (logs, minutes, audit reports, assessment and impact-assessment results).</p><blockquote>Good documentation is not the thickest, but the one actually used in operations, and findable in minutes during the audit.</blockquote><h2>How we approach it</h2><p>You do not have to invent these ~20 documents from scratch. I bring proven templates mapped to the standard&apos;s clauses and adapt them to your real operation, lean, audit-ready and without duplication where an ISO 27001 or 9001 already exists. The result is a document set that passes the audit and holds up in day-to-day work.</p>]]></content:encoded>
    </item>
    <item>
      <title>How long does ISO 42001 take? A realistic timeline</title>
      <link>https://der-ki-auditor.de/en/insights/how-long-does-iso-42001-take/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/how-long-does-iso-42001-take/</guid>
      <pubDate>Sun, 14 Jun 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>From gap analysis to certification readiness: a realistic week-by-week timeline for an ISO 42001 implementation in a mid-sized company, and the factors that really drive the duration.</description>
      <content:encoded><![CDATA[<p>After cost, &quot;how long does it take?&quot; is the next question everyone asks, and the honest answer is a range, not a date. For a mid-sized company, three to nine months is realistic. A well-run project with a clear scope typically lands at around five months, roughly 22 weeks from the first assessment to certification readiness.</p><p>One clarification up front: this is the time to readiness for the external certification audit. The audit itself (Stage 1 and Stage 2) is scheduled separately by the accredited certification body, with its own lead time.</p><h2>The timeline in six phases</h2><p>This sequence follows a real implementation project, tailored to ISO 42001, the AI-specific steps (AI inventory, risk and impact assessment) are added:</p><table><tr><th>Phase</th><th>Week</th><th>What happens</th><th>Output</th></tr><tr><td>1 · Initiation</td><td>1–2</td><td>Build standard knowledge, set up the project, gap analysis / pre-audit</td><td>Gap report, project plan</td></tr><tr><td>2 · Planning</td><td>3–4</td><td>Context, interested parties, scope, inventory of AI systems</td><td>Scope, AI inventory, stakeholder list</td></tr><tr><td>3 · Development</td><td>5–9</td><td>AI policy, objectives, AI risk and impact assessment, control selection (SoA), documented information</td><td>Policy, risk register, SoA, procedures</td></tr><tr><td>4 · Implementation</td><td>10–14</td><td>Training, roll out processes, establish human oversight and monitoring, collect evidence</td><td>Processes in use, first evidence</td></tr><tr><td>5 · Review</td><td>15–18</td><td>Internal audit, management review, corrective actions</td><td>Audit report, management review, action plan</td></tr><tr><td>6 · Certification</td><td>19–22</td><td>Select certification body, Stage 1 and Stage 2 audit</td><td>Certification readiness, audit date</td></tr></table><h2>What really drives the duration</h2><ul><li>Existing foundation: a live ISO 27001 (or ISO 9001) already provides structure, roles and management review, a clear shortcut, because ISO 42001 shares the same base structure (Annex SL).</li><li>A clear scope: a few clearly bounded AI systems go faster than &quot;everything that is somehow AI&quot;.</li><li>Internal effort: whether your people have weekly time decides the pace more than any method. The most common cause of delay is not complexity but missing internal capacity.</li><li>AI maturity: if you already document and monitor your AI, you are faster than starting from zero.</li></ul><h2>The external audit: what drives the number of audit days</h2><p>How many audit days the certification body allocates depends, per ISO/IEC 42006:2025 (Table A.1), explicitly not on your total headcount but on the number of people involved in the AI life cycle and your role (AI provider, AI deployer, or both). A company with 500 employees but only 15 people working with the AI is audited like a small organisation, the single most misunderstood lever.</p><p>For orientation, rounded guide values for the initial audit per ISO/IEC 42006:2025: up to around 10 people involved with the AI, roughly 3.5 to 5 audit days; up to ~25 people, roughly 4.5 to 7 days; up to ~85 people, roughly 7.5 to 11 days. An AI provider sits higher than a pure AI deployer. Adjustments apply for the number of AI systems, the regulatory frameworks involved and high-risk applications. Annual surveillance audits are considerably shorter.</p><h2>What makes it faster</h2><p>Three levers shorten the timeline without cutting quality: a tightly drawn scope for the initial certification (you can extend it later), building on an existing management system rather than reinventing it, and AI-assisted templates for policy, risk register and evidence. The last mainly shortens the documentation phase, but not the external audit, whose scope follows fixed accreditation rules.</p><p>I estimate the realistic timeframe for your case after a short assessment, more reliable than any flat figure, because it depends on your foundation and scope.</p>]]></content:encoded>
    </item>
    <item>
      <title>Is PECB recognised in the US and UK? Accreditation explained</title>
      <link>https://der-ki-auditor.de/en/insights/is-pecb-recognised-us-uk/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/is-pecb-recognised-us-uk/</guid>
      <pubDate>Sun, 14 Jun 2026 00:00:00 GMT</pubDate>
      <category>Grundlagen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>PECB vs in-house training certificates: why an ISO/IEC 17024 accredited personnel certification is internationally recognised, including in the US and UK, and how to tell the difference before you enrol.</description>
      <content:encoded><![CDATA[<p>&quot;Will this certificate actually count where I work?&quot; is the right question to ask before booking any auditor course. The market blurs three very different things under the single word &quot;certificate&quot;. Once you separate them, the answer becomes simple.</p><h2>The only thing that matters: accreditation</h2><p>A personnel certificate is not valuable because it says &quot;PECB&quot; or &quot;TÜV&quot; on it, but because the issuing body is accredited to ISO/IEC 17024, the international standard for &quot;bodies operating certification of persons&quot;. Accredited means an independent national accreditation body has assessed and continuously monitors the certifier. Only that accreditation makes a certificate comparable and recognised across borders.</p><ul><li>Attendance confirmation: proves only that you were present. No exam, no certification.</li><li>A provider&apos;s in-house certificate: the provider attests your learning itself. It sounds like certification but is not an accredited personnel certification, recognition effectively stops at that provider.</li><li>Accredited personnel certification (ISO/IEC 17024): independent exam, issued by an accredited certification body, mutually recognised internationally.</li></ul><h2>Where PECB stands</h2><table><tr><th>Feature</th><th>PECB</th><th>TÜV (training arm)</th><th>IRCA / CQI</th></tr><tr><td>What it is</td><td>Accredited personnel certification body</td><td>Training provider; certificate may be in-house or accredited</td><td>Professional body that registers auditors</td></tr><tr><td>ISO/IEC 17024 accredited</td><td>Yes, by IAS, UKAS, COFRAC</td><td>Sometimes; sometimes in-house, check the specific offer</td><td>Registration, not its own 17024 exam</td></tr><tr><td>International recognition</td><td>Worldwide via the accreditors&apos; IAF MLA</td><td>Strong in DACH; international depends on accreditation</td><td>Established in the QM/audit community</td></tr><tr><td>ISO/IEC 42001 (AI) offered</td><td>Yes, Foundation to Lead Auditor</td><td>Emerging, varies by provider</td><td>Schemes emerging</td></tr><tr><td>Model</td><td>Training separate from exam/certification</td><td>Training and certificate often from one hand</td><td>Membership + evidence of audit practice</td></tr></table><p>PECB is accredited to ISO/IEC 17024 by the International Accreditation Service (IAS), UKAS (United Kingdom) and COFRAC (France). All three are signatories to the IAF Multilateral Recognition Arrangement, the mutual-recognition agreement of the International Accreditation Forum. That is what makes your PECB certificate recognised in roughly a hundred countries, the US and UK included. It is exactly why I deliver official PECB courses rather than my own in-house certificate.</p><p>One point on roles, because clean separation is what carries the recognition: I act as the authorised PECB trainer for the course. The exam and the certification itself are issued solely by PECB as the accredited body, not by me.</p><h2>What to check before you enrol</h2><ul><li>Does it say &quot;accredited to ISO/IEC 17024&quot;, and by which accreditation body?</li><li>Is it a personnel certification or merely an attendance confirmation?</li><li>Are exam and certificate included, or billed separately (often four figures)?</li><li>Is training cleanly separated from certification?</li></ul><p>Check those four points and you make a decision your employer or a client can follow, which is the whole point of an auditor certificate.</p>]]></content:encoded>
    </item>
    <item>
      <title>How to Become an AI Auditor: The Realistic Path 2026</title>
      <link>https://der-ki-auditor.de/en/insights/how-to-become-an-ai-auditor/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/how-to-become-an-ai-auditor/</guid>
      <pubDate>Sun, 14 Jun 2026 00:00:00 GMT</pubDate>
      <category>Grundlagen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>A certificate alone doesn&apos;t make an AI auditor. What you really need: training, audit hours, and field credibility. From a Senior Lead Auditor.</description>
      <content:encoded><![CDATA[<p>More and more people ask me: &quot;Lars, how do you actually become an AI auditor?&quot; The question comes from two directions. Career changers who want into a future-proof field. And compliance professionals who want to sharpen their profile, because the EU AI Act is shaking up the whole industry right now.</p><p>The honest answer: a certificate is one building block. Nothing more. Anyone who treats &quot;AI auditor&quot; as a pure diploma exercise hasn&apos;t understood the profession.</p><h2>What an AI auditor really does</h2><p>An AI auditor checks whether an organization has its artificial intelligence under control. Not the models. Not the algorithms. The management system. Accountability, risk assessment, awareness, controls, evidence. Whoever spends a day on site walks out with a clear picture, or with a big question mark.</p><p>That only works if you understand both: the standard and the business. Reading ISO/IEC 42001 is not enough. You have to recognize a workbench, an HR tool or a sales engine when someone is sitting across from you. You have to speak the language of the shop floor, the business units, the management. Otherwise you audit paperwork, not reality.</p><h2>The formal side: training and certificates</h2><p>There are three credible routes to a recognized ISO/IEC 42001 auditor certificate:</p><ul><li>PECB (Professional Evaluation and Certification Board): the most widely adopted certification internationally. Lead Auditor: a five-day course plus a written exam. Senior Lead Auditor is NOT an additional exam; it is a status that PECB grants once you have demonstrated at least seven years of field auditing experience and more than 1,000 documented audit hours.</li><li>TÜV / DEKRA / DQS: the German certification bodies offer their own programs. Comparable technical depth, more regionally recognized in the DACH region. Prices and terms vary by provider and format; getting comparison quotes makes sense.</li><li>Exemplar Global: an international personnel certification body, mainly relevant in English-speaking countries.</li></ul><p>A word of caution: there are now cheap online courses calling themselves &quot;AI auditor training&quot; that are not recognized personnel certifications. Anyone going to market with that kind of slip will be exposed on the first engagement. Look at the personnel certification body (PECB, TÜV, Exemplar Global), not just the course provider.</p><h2>The real prerequisite: audit practice</h2><p>Here lies the most important point the course catalogs leave out: the certificate is the entry ticket. You only turn it into a profession once you accumulate real audit hours.</p><blockquote>A pilot with a theory license but no flight hours doesn&apos;t fly. An auditor with a certificate but no audit hours doesn&apos;t audit.</blockquote><p>How do you collect them? In three ways. First: internal audits in your own company, if you are lucky enough that your firm is building a management system right now and you get trained as an internal auditor. Second: as a subcontractor for certification bodies that need auditors with specialist knowledge. Third: supplier audits within your own quality management practice.</p><p>My own path: more than ten years of internal and supplier audits across five industries, aviation, staffing services, sanitary wholesale, metal construction and precision engineering. Over 1,200 documented audit hours in five European countries. Only on that foundation did the ISO/IEC 42001 and 27001 Lead Auditor certifications come on top. That is the sequence that holds.</p><h2>The three realistic ways in</h2><p>If you are starting from zero today, you have three realistic paths:</p><ul><li>Path 1 - From compliance practice: you already work with ISO/IEC 27001, GDPR or quality management. ISO/IEC 42001 is the natural extension. Timeframe: 6 to 12 months to your first auditor role.</li><li>Path 2 - From AI/tech practice: you have experience with ML models, data quality, MLOps. You need to add the standard and the audit craft. Timeframe: 12 to 18 months; audit practice is the bigger gap than the technology.</li><li>Path 3 - Lateral entry from industry: you have carried responsibility, you know how a business runs. You need both the standard fundamentals AND the audit methodology. Timeframe: 18 to 24 months, but with the field credibility no one can shortcut.</li></ul><p>Which path fits depends on where you come from. There is no &quot;best&quot; one. But there is a wrong one: jumping overboard without water experience. Whoever books a 4,000-euro course with zero audit background and hopes the phone will ring off the hook afterward will be disappointed.</p><h2>What a certificate does NOT do</h2><p>Three truths that appear in no course brochure:</p><ul><li>A certificate does not make you an auditor for a certification body. These bodies additionally vet their auditors for experience and technical suitability, and they assign engagements only to listed individuals.</li><li>A certificate does not replace the industry you work in. Whoever audits in manufacturing must understand manufacturing. Whoever audits in healthcare must know the MDR and patient data. Standard plus industry, not either-or.</li><li>A certificate has a half-life. ISO/IEC 42001 will keep evolving over the coming years, and the EU AI Act adapts with it. Anyone who stops learning after the course is out of the game in five years.</li></ul><h2>How to prepare, in 1 to 6 weeks, depending on your learning style</h2><p>Important context: the core is the official 5-day course with the exam at the end, it provides the material, the exercises and the exam itself. How much you study around it depends on your prior knowledge and learning style: some are ready within a few days around the course, others spread it comfortably over a few weeks. You can compress the six building blocks below into a single week or stretch them over up to six, the sequence matters, not the duration:</p><table><tr><th>Step</th><th>Focus</th><th>Content</th></tr><tr><td>1</td><td>Fundamentals</td><td>Understand ISO/IEC 42001 and the shared management-system structure (Annex SL); AI basics (ISO/IEC 22989)</td></tr><tr><td>2</td><td>EU AI Act</td><td>Risk classes, roles (provider/deployer), obligations, and how ISO 42001 supports meeting them</td></tr><tr><td>3</td><td>Audit principles</td><td>ISO 19011: the seven principles, the audit programme, risk-based sampling</td></tr><tr><td>4</td><td>Conducting an audit</td><td>Stage 1 and 2, gathering evidence, classifying findings (major/minor nonconformity, opportunity for improvement)</td></tr><tr><td>5</td><td>Practice</td><td>Work through case examples, mentally run a mock audit, draft an audit report</td></tr><tr><td>6</td><td>Exam prep</td><td>Review, exam simulation, close remaining gaps</td></tr></table><h2>What does an AI auditor earn?</h2><p>An honest market read, not a promise: ISO/IEC 27001 Lead Auditors in Germany earn roughly EUR 62,000 to 82,000 per year, around EUR 70,000 on average (public salary databases such as StepStone and Glassdoor, 2026). The AI governance / ISO 42001 specialisation is still young and in demand, a premium over the pure 27001 level is realistic, depending on industry, experience and whether you are employed or freelance. Self-employed auditors work on day rates, which for specialised audit and advisory work are often four figures. What ultimately drives income is documented audit practice, not the certificate alone.</p><h2>What I advise new auditors</h2><p>If you genuinely want to become an AI auditor and not just have the title in your LinkedIn profile, do these three things first:</p><ul><li>Find a company, whether as an employee or a consultant, that is currently building a management system. Collect audit hours there before you put money into expensive certification.</li><li>Read original sources, not summaries. ISO/IEC 42001 itself. The EU AI Act itself. The NIST AI RMF. Those are what you&apos;ll be measured against in an audit, not course handouts.</li><li>Find an experienced auditor to mentor you. A mentor replaces three books and two training courses.</li></ul><p>Then, and only then, the certification. Then the first small engagements. Then the bigger ones. That is the honest path. It is slower than the LinkedIn career hacks. But it holds.</p>]]></content:encoded>
    </item>
    <item>
      <title>What Does ISO 42001 Cost? Honest Numbers and Funding 2026</title>
      <link>https://der-ki-auditor.de/en/insights/iso-42001-cost-2026/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/iso-42001-cost-2026/</guid>
      <pubDate>Sun, 14 Jun 2026 00:00:00 GMT</pubDate>
      <category>Kosten &amp; Förderung</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Consulting, audit, certificate: what an ISO 42001 implementation really costs mid-sized firms, the biggest hidden cost factor, and which funding helps in 2026.</description>
      <content:encoded><![CDATA[<p>The most honest answer to &quot;What does ISO 42001 cost?&quot; is: it depends. It depends on your starting point, the scope of your AI use, and how much is already in place. That is exactly why I assess your specific situation first and then quote a clear price, rather than opening with a number pulled out of thin air.</p><p>So that you can still gauge the order of magnitude, here are typical market ranges, offered as orientation and explicitly not as my quote, along with the one cost item almost everyone underestimates.</p><h2>The Three Cost Blocks</h2><p>An ISO 42001 implementation has three parts: external consulting and support, the internal effort of your own people, and the actual certification audit by an accredited body. If you only budget for the first and third, you are planning too tight.</p><ul><li>External consulting and support: typically around 8,000 to 30,000 EUR on the market, depending on maturity and the scope of your AI use.</li><li>Certification audit: for an initial certification, accredited bodies generally schedule at least four audit days.</li><li>Certificate and ongoing surveillance: the certificate is valid for three years, with annual surveillance audits and a recertification at the end of the cycle.</li></ul><h2>What Does It Cost in Total?</h2><p>For small and mid-sized companies, the total investment, consulting plus internal and external audit plus certificate combined, typically runs between roughly 15,000 and 50,000 EUR on the market. For larger mid-sized firms with 100 to 500 employees and broad AI use, the range can be considerably higher. Daily rates for experienced auditors and consultants move roughly between 800 and 1,500 EUR, often with a premium for AI topics, because the field is young and highly specialized.</p><table><tr><th>People involved with the AI</th><th>External support</th><th>Audit + certificate</th><th>Total (orientation)</th></tr><tr><td>Few (up to ~25 in the AI life cycle)</td><td>EUR 8,000–15,000</td><td>EUR 5,000–9,000</td><td>approx. EUR 15,000–25,000</td></tr><tr><td>Mid (~26–85 in the AI life cycle)</td><td>EUR 15,000–25,000</td><td>EUR 8,000–14,000</td><td>approx. EUR 25,000–45,000</td></tr><tr><td>Larger (86+ people, multiple AI systems)</td><td>EUR 25,000–40,000</td><td>EUR 14,000–22,000</td><td>from approx. EUR 45,000</td></tr></table><p>The range is deliberately wide, and that is not an evasive answer but the core of the matter: where you land depends heavily on how much foundation is already in place (for example an existing ISO 27001), how clearly the scope is drawn, and how lean the work is kept. That is why a short upfront assessment is worth more than any flat-rate figure.</p><h2>Over Three Years: the Certification Cycle</h2><p>An ISO certificate is valid for three years but is confirmed annually by a surveillance audit. The main investment falls in year one; after that it gets considerably cheaper. Budgeting across the full cycle from the start avoids surprises later.</p><table><tr><th>Phase</th><th>Timing</th><th>Effort</th></tr><tr><td>Implementation + certification audit (Stage 1 + 2)</td><td>Year 1</td><td>Main investment (see table above)</td></tr><tr><td>1st surveillance audit</td><td>Year 2</td><td>Significantly reduced, usually a short audit day by the certification body</td></tr><tr><td>2nd surveillance audit</td><td>Year 3</td><td>Comparable to year 2</td></tr><tr><td>Recertification</td><td>after 3 years</td><td>Lower than the initial certification, as the system is established</td></tr></table><p>Concrete, from practice: for a small manufacturing company in 2025, offers from accredited certification bodies for the audit alone (ISO 9001, a comparable audit structure) ran at roughly EUR 3,200–4,300 for the year-one certification audit and EUR 1,400–2,000 per surveillance audit, so roughly EUR 7,500–10,500 net over three years, travel costs separate. ISO 42001 sits in the same order of magnitude, tending toward the upper end, because the field is younger and the audit effort somewhat higher. Those are the certification body&apos;s fees; consulting and your internal effort come on top.</p><h2>The Biggest Hidden Cost Factor: Your Own Time</h2><p>The item that appears on no quote line yet costs the most is the working time of your own people: conducting interviews, reviewing documents, implementing controls, collecting evidence. Underestimate this and you come under pressure, not on the fee, but in day-to-day operations. Good support keeps exactly this internal effort small by staying focused and not reinventing every folder.</p><p>Modern, AI-supported methods help further by shortening routine work: document templates, evidence structures, first drafts. That noticeably reduces preparation effort and makes the implementation leaner than it was just a few years ago. One thing AI does not shorten, however, is the external certification audit itself. Its scope follows fixed accreditation rules and is driven by your organization, not by how efficiently you prepared.</p><blockquote>The most expensive ISO implementation is the one no one in the organization supports, because it was built past reality.</blockquote><h2>How to Reduce the Cost</h2><ul><li>Use ISO 27001 as a foundation: if you already run an information security management system, you save noticeably on ISO 42001, because the base structure is already in place.</li><li>Tackle both standards together: 42001 and 27001 overlap strongly. Reusing base structure, risk logic, and evidence often reduces the additional effort considerably; the reliable figure comes out of the gap analysis.</li><li>Draw the scope cleanly: not every system has to be in the first scope. A clearly defined scope keeps the initial project lean.</li><li>Risk-based instead of complete: controls are selected by risk rather than all implemented across the board, which saves effort and is conformant.</li></ul><h2>Funding 2026: What Is Available?</h2><p>Consulting services for digitalization and AI are frequently eligible for funding for mid-sized companies. One caveat upfront: funding programs change. The following reflects the status as of May 2026 and does not replace individual funding advice.</p><ul><li>BAFA &quot;Promotion of Business Consulting&quot;: nationwide for SMEs in Germany, currently still available until the end of 2026. It covers up to 50 percent of consulting costs in the western German states (capped at around 1,750 EUR) and up to 80 percent in the eastern states (capped at around 2,800 EUR).</li><li>State-level programs: depending on the federal state, some are funded considerably more generously, such as the Digitalbonus Bayern (up to 30,000 EUR) or the MID vouchers in North Rhine-Westphalia (up to 15,000 EUR).</li><li>Combination: a concept subsidy can often be combined with a state implementation program and a qualification subsidy.</li></ul><p>The nationwide BAFA funding tends to cover the concept phase; the larger amounts usually sit in the state-level programs. Which combination fits your location we clarify in the free initial consultation, and we do so before the project starts, because retroactive funding is rarely granted.</p><h2>Conclusion</h2><p>ISO 42001 is an investment, not a bargain, but it is not a corporate megaproject either. With a clearly defined scope, an existing ISO 27001 foundation, and the right funding, the entry point can be made predictable for mid-sized companies. What matters is doing the math honestly from the start: fee, internal effort, and audit together.</p>]]></content:encoded>
    </item>
    <item>
      <title>Securing AI agents: agentic AI under ISO 42001, ISO 27001 and the EU AI Act</title>
      <link>https://der-ki-auditor.de/en/insights/securing-ai-agents-agentic-ai/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/securing-ai-agents-agentic-ai/</guid>
      <pubDate>Sat, 13 Jun 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Agentic AI, AI agents that plan and act on their own, needs its own security and governance guardrails. How to secure the identity, inputs, actions and oversight of AI agents and map them cleanly onto ISO/IEC 42001, ISO/IEC 27001 and the EU AI Act.</description>
      <content:encoded><![CDATA[<p>Classic AI returns a text, a recommendation or a prediction, a human decides what happens next. An AI agent (agentic AI) goes a step further: it plans sub-steps itself, calls tools, writes to systems, places orders or sends messages. That shifts the risk from the output to real actions, and that needs its own guardrails.</p><h2>What makes agentic AI different</h2><p>An agent is autonomous enough to break a task into steps and carry them out with tools (APIs, databases, email, actuators). That is powerful, but every step is a potential action with real-world impact. A manipulated input document, an ambiguous instruction or an over-broad access right can then trigger not just a wrong answer, but a wrong action.</p><h2>Six building blocks to secure AI agents</h2><p>If you run agents in production, secure six areas deliberately, and dock them onto existing standards and the EU AI Act instead of inventing something entirely new:</p><table><tr><th>Building block</th><th>Main risk</th><th>Anchor (standard / law)</th></tr><tr><td>Agent identity &amp; access</td><td>Over-privileged agent, stolen credentials</td><td>ISO/IEC 27001 Annex A (access control, least privilege)</td></tr><tr><td>Input &amp; model security</td><td>Prompt injection, data poisoning</td><td>ISO/IEC 42001 operation; ISO/IEC 27001 (integrity)</td></tr><tr><td>Action validation &amp; guardrails</td><td>Unwanted or irreversible actions</td><td>Defined limits per action, human approval</td></tr><tr><td>Monitoring &amp; threat detection</td><td>Unnoticed misbehaviour, drift</td><td>ISO/IEC 42001 clause 9 (monitoring), audit trail</td></tr><tr><td>Governance, risk &amp; compliance</td><td>No owner, no evidence</td><td>ISO/IEC 42001 risk management &amp; AIIA</td></tr><tr><td>Human oversight</td><td>Humans cannot intervene</td><td>EU AI Act Art. 14 (human oversight)</td></tr></table><h2>The core: human oversight and action guardrails</h2><p>The biggest lever is separating &quot;may the agent decide this&quot; from &quot;may the agent execute this&quot;. Low-risk actions an agent can handle autonomously; anything with external effect or potential for harm, payments, contract emails, deletions, production commands, needs a defined guardrail: a human approval, a limit or a sandbox. The EU AI Act already requires effective human oversight for high-risk AI (Art. 14); for agents this is not a box-ticking exercise but simply good practice.</p><h2>Where this docks into ISO 42001</h2><p>ISO/IEC 42001 requires you to know your AI systems, assess their impact (AI System Impact Assessment), treat risks and monitor operation. From that angle, an AI agent is an AI system with greater leverage, the same mechanisms apply, just with more attention to the action side. If you have set up ISO 42001 properly, the framework for agentic AI is largely in place; what is added are mainly action guardrails and tighter access rights.</p><p>In short: agentic AI raises both value and risk. With clear identity, least privilege, validated inputs and outputs, action guardrails, monitoring and human oversight, the agent stays a tool, not an uncontrolled actor. How to set this up in your organisation, we clarify in a free initial call.</p>]]></content:encoded>
    </item>
    <item>
      <title>Labelling AI Content: The EU Code of Practice Explained</title>
      <link>https://der-ki-auditor.de/en/insights/labelling-ai-content-eu-code-of-practice/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/labelling-ai-content-eu-code-of-practice/</guid>
      <pubDate>Fri, 12 Jun 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>The EU has published its Code of Practice for labelling AI-generated content. What applies from 2 August 2026, and what businesses should do now.</description>
      <content:encoded><![CDATA[<p>On 10 June 2026 the European Commission published its final Code of Practice on labelling AI-generated content (press release IP/26/1328). The Code is voluntary and sets out practical steps for meeting the transparency duties of the EU AI Act, which apply from 2 August 2026. For small and mid-sized businesses that use AI day to day, this is a concrete roadmap, not an abstract legal topic.</p><h2>What applies from 2 August 2026</h2><p>On that date, the transparency obligations under Article 50 of the AI Act take effect. They apply regardless of whether your AI is high-risk; the point is the open disclosure of AI interaction and AI content.</p><ul><li>Interactive AI such as chatbots: users must be able to recognise that they are talking to an AI, not a human.</li><li>Deepfakes: AI-generated or AI-manipulated images, audio and video must be labelled as such.</li><li>AI texts on matters of public interest: must be labelled when published without human or editorial oversight.</li><li>Providers of generative AI: must mark their AI outputs in a machine-readable way, so they are technically detectable as artificially generated.</li></ul><p>The new Code of Practice mainly operationalises two of these: machine-readable marking by providers (Article 50(2)) and the visible labelling of deepfakes and published texts by deployers (Article 50(4)). The plain chatbot disclosure is the related duty under Article 50(1) and also applies from 2 August 2026.</p><h2>Provider or deployer: where do you stand?</h2><p>The AI Act distinguishes two roles, and the Code is split into two sections accordingly. The decisive point for most companies: anyone who merely uses AI is a deployer, not a provider.</p><ul><li>Providers: develop or distribute generative AI systems and must ensure the machine-readable marking of outputs.</li><li>Deployers: use AI, and must visibly label deepfakes and AI texts on public topics, and disclose the AI in chatbots.</li></ul><h2>What this means for mid-sized businesses</h2><p>Most mid-sized companies are deployers. Even so, real obligations arise as soon as generative AI becomes visible to the outside world:</p><ul><li>A chatbot on your website or in customer service: a clear notice such as &quot;You are chatting with an AI&quot; meets the requirement.</li><li>AI-generated images or videos in marketing and social media: check whether a deepfake label is needed.</li><li>AI-created texts published without human review that concern public-interest topics: label them.</li><li>Keep an internal record of where AI is used at all. That is the basis for any labelling.</li></ul><h2>How to label: the EU icon</h2><p>For visible labelling, the Code of Practice provides an official EU icon that may be used freely and without attribution. There are two variants: &quot;AI GENERATED&quot; for fully AI-created content and &quot;AI MODIFIED&quot; for partly AI-altered content. This answers the question &quot;How do I label?&quot; in concrete terms.</p><ul><li>Images and videos: place the icon clearly visible, for example top right; in videos at the start and after ad breaks.</li><li>Published texts: place the notice near the headline or at the start of the text.</li><li>Audio-only with no screen: prepend a short, clearly understandable audible notice.</li><li>The label must be clearly recognisable and accessible at the latest on first contact.</li></ul><h2>When you do not have to label</h2><p>The Code sets out clear exceptions. Not every piece of AI content needs to be labelled:</p><ul><li>Published texts that have undergone human or editorial review and for which a person holds editorial responsibility.</li><li>Artistic, creative, satirical or fictional works: here labelling is done so it does not impair the work, for example in accompanying text or credits.</li><li>Content whose use is legally permitted for detecting, preventing or prosecuting criminal offences.</li></ul><h2>Voluntary, but with an upside</h2><p>The Code is not mandatory. However, those who sign it can, once approved by the Commission and the AI Board, more easily demonstrate compliance with the relevant AI Act duties. In addition, the Commission has announced practical guidelines that will further clarify the scope. The Code was drawn up by six independent experts with the involvement of more than 180 stakeholder groups.</p><blockquote>People in Europe have a right to know whether what they see, hear or read was created or altered by AI. Transparency is how we protect trust. (paraphrased: Henna Virkkunen, Executive Vice-President of the European Commission)</blockquote><h2>The bridge to ISO 42001</h2><p>Labelling is not a standalone topic but part of a whole: those who know which AI systems run in their organisation, who is accountable for them and how their outputs are handled meet transparency duties almost in passing. That is exactly what an AI management system (AIMS) under ISO/IEC 42001 delivers. It makes the AI Act&apos;s duties structured and demonstrable. I build such systems so they work in day-to-day operation, and I check beforehand whether your labelling holds up.</p><p>If you are unsure whether you count as a provider or a deployer, and which labelling your AI requires, a short initial conversation is enough to classify your systems. Source: European Commission, press release IP/26/1328 of 10 June 2026.</p>]]></content:encoded>
    </item>
    <item>
      <title>AI Act High-Risk Self-Check: Is Your AI Really High-Risk?</title>
      <link>https://der-ki-auditor.de/en/insights/ai-act-high-risk-self-check/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/ai-act-high-risk-self-check/</guid>
      <pubDate>Fri, 12 Jun 2026 00:00:00 GMT</pubDate>
      <category>Recht &amp; Normen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>High-risk AI is the exception, not the rule. Use this self-check to correctly classify your AI under the EU AI Act risk categories.</description>
      <content:encoded><![CDATA[<p>In almost every first conversation, the same worry lands on the table: &quot;Lars, we now use AI in quality control and run a chatbot in customer service. Does that make us high-risk, and do we have to spin up the entire compliance machinery?&quot; My answer is reassuring almost every time: as a rule, no. High-risk is not the default case but a clearly defined exception.</p><h2>The AI Act thinks in four risk classes</h2><p>The AI Regulation (Regulation (EU) 2024/1689) follows a risk-based approach. It does not regulate &quot;AI&quot; across the board, but instead asks: what could this application do in the worst case? Four levels follow from that.</p><ul><li>Prohibited practices (Art. 5): a small number of clearly named applications such as social scoring, manipulative behaviour, or certain biometric practices. These are banned.</li><li>High-risk AI: narrowly defined fields of use carrying significant obligations. This is where the real focus of the regulation lies.</li><li>Limited risk (Art. 50): transparency obligations. Anyone running a chatbot or generating AI-produced content and deepfakes must, as a rule, label it.</li><li>Minimal risk: everything else. No specific obligations under the AI Act.</li></ul><p>The decisive point for mid-sized companies: the vast majority of everyday AI applications land in the lower two levels. High-risk is something you essentially have to &quot;earn&quot;, and only via one of two clearly described routes.</p><h2>High-risk only arises via two routes</h2><p>An AI is not high-risk because it is &quot;important&quot; or &quot;powerful&quot;. It is high-risk only if it hits one of the two routes laid down in law. Anyone who knows both can roughly classify their own application in a few minutes.</p><h2>Route A: Annex III - the eight areas of use</h2><p>Annex III lists eight areas in which AI is deemed high-risk because it directly affects people&apos;s fundamental rights, safety, or life chances. Check honestly whether your application falls into one of them:</p><ul><li>Biometrics (e.g. biometric identification)</li><li>Critical infrastructure (e.g. control of electricity, water, or transport networks)</li><li>Education and vocational training (e.g. grading of exam performance, access to education)</li><li>Employment and workforce management (e.g. AI for candidate selection or employee evaluation)</li><li>Access to essential private and public services (e.g. creditworthiness assessment, risk assessment in life or health insurance)</li><li>Law enforcement</li><li>Migration, asylum, and border control</li><li>Administration of justice and democratic processes</li></ul><p>Don&apos;t see yourself here? Then Route A is, as a rule, already settled for you. This is exactly where the all-clear comes for many industrial and service businesses: a machine that detects defective parts via camera, or a model that forecasts material demand, belongs to none of these eight areas.</p><h2>Route B: Annex I - AI as a safety component in products</h2><p>The second route concerns AI that sits as a safety component in an already regulated product subject to a conformity assessment. Think of machinery, medical devices, lifts, or toys. When the AI takes on safety-relevant functions there, it is captured through the respective product regulation.</p><p>For many manufacturers this is familiar territory: they already go through a conformity assessment anyway. The AI Act hooks into this existing logic rather than creating an entirely new world. For pure deployers who merely use such products, Route B is usually not relevant.</p><blockquote>High-risk is not a gut feeling. Either your AI hits one of the eight Annex III areas, or it sits as a safety component in a regulated product under Annex I. Neither applies? Then, as a rule, it is not high-risk.</blockquote><h2>The most important exception: Annex III does not automatically mean high-risk</h2><p>Now comes the rule that brings the most relief in practice and that many overlook. Even when an AI nominally falls into an Annex III area, it can be classified as not high-risk. The regulation provides for this exception in Art. 6(3).</p><p>It applies when the AI performs only a preparatory or narrowly limited supporting task and does not pose a significant risk to health, safety, or fundamental rights. A system that, for instance, merely pre-sorts incoming documents or provides a purely supportive secondary function without making the actual decision can fall out of the high-risk class despite its Annex III link.</p><p>Important: you must be able to justify and document this classification cleanly. It is not a free pass but a deliberate, traceable assessment. This is precisely the transition from the question &quot;Are we high-risk?&quot; to the question &quot;Can we prove our answer?&quot;</p><h2>Typical mid-market AI - and where it really lands</h2><p>Let&apos;s look at the applications I encounter most often. The classification almost always turns out reassuring.</p><ul><li>Predictive maintenance: as a rule, minimal risk.</li><li>Camera-based quality control and image processing in manufacturing: as a rule, minimal risk.</li><li>Demand and requirements forecasting: as a rule, minimal risk.</li><li>Internal chatbot or customer-service chatbot: usually limited risk, i.e. a transparency or labelling obligation, not high-risk.</li><li>Text generation and AI assistants: usually limited risk with labelling of AI-generated content.</li></ul><p>It only becomes high-risk once the same technology moves into one of the sensitive areas. The same text analysis is harmless when it sorts service tickets, and potentially high-risk when it decides on job applications. It is not the technology that matters, but the purpose and context.</p><h2>What applies when? The deadlines at a glance</h2><p>The AI Act does not enter into force all at once but in stages. That gives you time to sort things out rather than fall into a panic.</p><ul><li>02.02.2025: the prohibitions (Art. 5) and the obligation on AI literacy (Art. 4) apply.</li><li>02.08.2025: obligations for general-purpose AI models (GPAI) plus the governance and authority structure.</li><li>02.08.2026: transparency obligations under Art. 50 (e.g. labelling of AI-generated content).</li><li>High-risk obligations: originally Annex III from 02.08.2026 and Annex I from 02.08.2027, postponed by the Digital Omnibus (agreement of 7 May 2026) to 02.12.2027 and 02.08.2028 respectively.</li></ul><p>Note: the obligation on AI literacy under Art. 4 applies to everyone who deploys AI, regardless of risk class. Your staff should understand what they are working with. That is not a high-risk question but common sense with a legal basis.</p><h2>The self-check in four questions</h2><p>If you need a quick initial assessment for a specific application, work through these four questions in order. They do not replace a full legal evaluation of the individual case, but they sort most cases cleanly in advance.</p><ul><li>1. Is it a prohibited practice under Art. 5 (e.g. social scoring)? If yes, the application is banned. For typical mid-market AI, almost never the case.</li><li>2. Does the application fall into one of the eight Annex III areas, or is it a safety component under Annex I? If no, it is, as a rule, not high-risk.</li><li>3. If Annex III: does the exception under Art. 6(3) apply because the AI performs only a preparatory or narrowly limited task? Then it can still fall out of high-risk, properly documented.</li><li>4. Otherwise check: do you need transparency under Art. 50 (chatbot, labelling of AI content)? If yes, limited risk. If no, minimal risk.</li></ul><p>The right question is not &quot;Are we using AI?&quot; but &quot;For what exactly, and with what effect on people?&quot; From that, the risk class follows almost by itself.</p><h2>Why an AI Management System makes the difference here</h2><p>Regardless of which class your AI falls into, you need a solid answer when a customer, an insurer, or an authority asks. That is exactly what ISO/IEC 42001 is built for. The standard gives you a structure to systematically capture, assess, and govern your AI applications.</p><p>The self-check above is the snapshot. An AI management system to ISO/IEC 42001 turns it into a durable, traceable process: you document why an application falls into which class, keep it up to date, and can present it on request. In practice this is often worth more than the class itself, because it shows that AI is being deployed here deliberately and under control.</p><p>A note on classification: this overview does not replace a legal review of the individual case. It helps you ask the right questions and approach the topic with a clear head rather than a knot in your stomach. In the vast majority of mid-market cases, the honest answer in the end is: not high-risk, but good that you took a closer look.</p>]]></content:encoded>
    </item>
    <item>
      <title>Lead Implementer or Lead Auditor? Which ISO Path Fits You</title>
      <link>https://der-ki-auditor.de/en/insights/lead-implementer-vs-lead-auditor/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/lead-implementer-vs-lead-auditor/</guid>
      <pubDate>Tue, 09 Jun 2026 00:00:00 GMT</pubDate>
      <category>Grundlagen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>A Lead Implementer builds the management system; a Lead Auditor checks it. Which PECB path (ISO 42001 / 27001) fits you, and why both together are strongest.</description>
      <content:encoded><![CDATA[<p>Ever since PECB began offering its Lead Implementer and Lead Auditor programmes for ISO/IEC 42001 as well, one question keeps coming up: &quot;Lars, should I become an Implementer or an Auditor?&quot; Both sound similar, both are five-day courses with a genuine personnel certification, yet they lead into two completely different roles.</p><h2>The difference in one sentence</h2><p>A Lead Implementer builds the management system and keeps it running. A Lead Auditor checks whether it actually works. One constructs, the other verifies.</p><p>The Implementer is the architect and site manager. The Auditor is the structural engineer who, at the end, decides whether the building will stand.</p><h2>What a Lead Implementer really does</h2><p>A Lead Implementer establishes an AI management system (an AIMS to ISO/IEC 42001) or an information security management system (an ISMS to ISO/IEC 27001) from the ground up. They translate the requirements of the standard into something that genuinely works in operation, not into a binder gathering dust on a shelf.</p><ul><li>Clarify context and scope: what exactly should the management system cover?</li><li>Assess risks and produce the Statement of Applicability</li><li>Select, design and implement the controls</li><li>Build up documented information, communication, competence and awareness</li><li>Run ongoing operations, conduct internal audits and improve continuously</li><li>Prepare the organisation for the external certification audit</li></ul><p>PECB teaches this with its own step-by-step methodology (IMS2), from initiation through to certification readiness. It is the role for anyone who wants to build something, whether internally or as a consultant.</p><h2>What a Lead Auditor really does</h2><p>A Lead Auditor assesses whether an existing management system meets the standard, following the rules for auditing (ISO 19011) and for certification bodies (ISO/IEC 17021-1). They plan the audit, gather and verify evidence, formulate findings, write the report and lead an audit programme.</p><p>Auditing means checking, not consulting. Whoever has built a system is not allowed to certify it externally themselves, and it is precisely this separation that makes the whole system credible. The auditor looks at it from the outside and says what holds and what does not.</p><h2>Which path fits whom?</h2><ul><li>Lead Implementer if you want to BUILD: as a project lead, consultant, member of an AIMS/ISMS team, or as the person responsible for implementing the standard in-house.</li><li>Lead Auditor if you want to CHECK: as an internal auditor, as an auditor for a certification body, or to assess suppliers and partners in a defensible way.</li></ul><p>Both are genuine personnel certifications to ISO/IEC 17024, both run for five days (four training days plus an exam day) and both earn 31 CPD points. Neither path is &quot;higher&quot; than the other; they simply point in different directions.</p><h2>Why both together are strongest</h2><p>The most compelling option is not either-or, but both. Anyone who can build a management system AND audit it understands both sides of the table, and that shows in every project. This dual qualification is rare.</p><p>PECB even rewards it formally: hold both Lead Implementer and Lead Auditor within one scheme, pass four additional Foundation exams, and you qualify for the PECB Master credential.</p><p>My own starting point was the audit side: Senior Lead Auditor ISO/IEC 42001 and Lead Auditor ISO/IEC 27001, built on more than 1,200 documented audit hours across five European countries. Those who come from implementation travel the opposite route, and both meet in the middle.</p><h2>How you get in, and what really matters</h2><p>The formal entry is similar for both: ideally start with the Foundation course (the fundamentals of the standard), then take the five-day Lead course with its exam. For personnel certification, PECB additionally requires experience, graded from Provisional (no proof of experience required) through Implementer or Auditor up to Senior Lead (around ten years and roughly 1,000 documented hours).</p><p>The certificate is the entry ticket. You turn it into a profession only through real hours: project hours for the Implementer, audit hours for the Auditor.</p><p>In practical terms: start with the course that matches your direction and gather experience alongside it. For the Implementer, in real implementation projects; for the Auditor, in internal and supplier audits. Each builds on the other, and the two can be combined later on.</p>]]></content:encoded>
    </item>
    <item>
      <title>Consulting, Internal Audit, Third-Party Audit: Who Checks What?</title>
      <link>https://der-ki-auditor.de/en/insights/consulting-internal-audit-third-party-audit-difference/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/consulting-internal-audit-third-party-audit-difference/</guid>
      <pubDate>Mon, 01 Jun 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Three audit roles, three different mandates. When does a company need consulting, an internal audit, or a third-party audit, and why mixing them is risky.</description>
      <content:encoded><![CDATA[<p>“Consultant, auditor, certifier, isn’t that all the same thing?” I hear this question from companies almost every week. And every time, it makes me wince a little. Because behind it sits not just a confusion of terms, but a trap that can cost real money: anyone who throws consulting, internal audit, and accredited third-party audit into one pot buys the wrong service at the wrong price, and later wonders why the certificate doesn’t hold up or why the regulator starts asking questions.</p><p>Let’s be honest: these three audit roles do not differ by a nuance. They differ in mandate, in responsibility, in independence, and in what is ultimately legally defensible. I’ll explain it here the way I’d explain it to a managing director at the kitchen table who has just been handed a quote for an “AI audit” and doesn’t know whether to buy.</p><h2>Three mandates, three responsibilities</h2><p>Before we talk about prices or providers, we need to sort the mandate cleanly. Each of the three roles has its own goal. Confuse them, and you buy the most expensive service for the least benefit.</p><h2>1. Consulting (Implementer)</h2><p>The consultant helps build. They help you stand up the management system to ISO/IEC 42001 or ISO/IEC 27001, write policies with you, define roles, train staff, run risk assessments, and close gaps. They are partial, on your side. That is not meant negatively, quite the opposite: a good consultant has one goal, that you become ready for certification. Full stop.</p><p>What consulting is not: an independent judgment. Whoever builds their own system cannot assess it objectively. That is not a question of morality but of human logic, nobody reliably finds their own blind spots. Exactly for that reason, consulting is separated from certification.</p><blockquote>A consultant is like an architect. They build you a good house. But they are not the building inspector who signs off on it at the end.</blockquote><h2>2. Internal audit (first-party audit)</h2><p>The internal audit examines your own management system, carried out by you, on behalf of top management. It is mandatory: ISO/IEC 42001 requires it just as ISO/IEC 27001 and ISO 9001 do. No internal audit, no certificate, because the standard explicitly demands a demonstrable self-assessment.</p><p>An internal audit can be performed by:</p><ul><li>Your own staff with auditor qualifications and sufficient independence from the area under review (never audit your own area).</li><li>External auditors brought in as service providers when in-house know-how is missing, this is legitimate and very common among smaller and mid-sized companies.</li></ul><p>What an internal audit is not: an accredited certificate. It is a mandatory step in the PDCA cycle of your management system, not external market evidence. But: whoever audits honestly here walks calmly into the certification body’s Stage 2 audit. Whoever cuts corners here builds the risk straight into the process.</p><h2>3. Third-party audit (accredited certification audit)</h2><p>The third-party audit is carried out by an accredited certification body, in Germany supervised by the national accreditation body (DAkkS). Only this body may issue an accredited certificate. This is the form that customers, authorities, and regulators accept as evidence.</p><p>This body is independent, bound by ISO/IEC 17021, and audits according to a clearly documented procedure in two stages (Stage 1: document review; Stage 2: on-site audit). The certification body’s auditor must not have advised you, nor built your system, nor be economically dependent on you.</p><p>I myself work as a Senior Lead Auditor ISO/IEC 42001 and Lead Auditor ISO/IEC 27001 (PECB), also on behalf of certification bodies, when they engage me as an external auditor. More than 1,200 documented audit hours across five European countries, the Netherlands, Scotland, Croatia, Serbia, Türkiye, and in five different sectors from aviation to precision engineering. But: consulting and an accredited certification audit are something I may not do for the same client. Never.</p><h2>A quick aside: where does second-party fit in?</h2><p>Sometimes the term second-party audit comes up. That is the supplier audit: you assess a supplier on your own behalf, not accredited, but as a customer toward the provider. Important: this is not a substitute for ISO certification. But it is a form I often work in, when a company engages me to audit one of its AI service providers or subcontractors.</p><h2>When do I need what?</h2><p>Here is the decision logic from my practice. It is not academic, it grew out of real engagements.</p><ul><li>You want to build ISO/IEC 42001 but don’t yet have a management system? → Consulting / gap analysis / implementation support. Build the system first, then audit it.</li><li>You have built the system and want to know, before the certification audit, where it still falls short? → Internal audit by an external auditor (someone not involved in the build). A reality check before Stage 2.</li><li>You want the accredited certificate? → Third-party audit via an accredited certification body. Full stop. No consultant may issue it.</li><li>You want to assess an AI supplier you work with? → Second-party audit. Pairs well with a confidentiality agreement.</li><li>You are already certified and need the annual surveillance? → Surveillance audit, again by the same certification body (re-certification every three years).</li></ul><h2>The mixing trap: why it burns when roles cross</h2><p>In the market there are providers who offer everything from one hand: consulting plus audit plus “certificate.” That sounds convenient. But it is legally and substantively problematic. Reasons:</p><ul><li>Independence under ISO/IEC 17021: an accredited certification body may neither consult nor implement, otherwise it loses its accreditation.</li><li>Credibility in the market: customers and supervisory authorities recognize very well whether a certificate comes from an accredited body or from a consultant who cobbled together their own logo.</li><li>Liability in a dispute: if something goes wrong (a data protection breach, an AI bias incident, a regulatory proceeding), the authority examines who performed which audit for which purpose. Mixed roles weaken your defensive position.</li></ul><p>My test when a client puts a provider’s “AI audit package” on the table: I ask who issues the certificate. If the answer is “we do”, hands off. If the answer is “through an accredited body such as TÜV, DEKRA, DQS or similar”, then I can take a closer look.</p><h2>What I deliberately don’t do, and why that’s a mark of quality</h2><p>A clear statement from my side: I am an auditor and a consultant. I can run internal audits, gap analyses, implementation support, supplier audits. I can also work as an external auditor for accredited certification bodies, as a subcontractor under their mandate.</p><p>What I do not do: issue my “own certificate.” That would be worthless, would destroy my brand, and would be misleading in marketing toward authorities and clients. “The AI Auditor” is a brand of FERNAU Präzisionstechnik GmbH, not a certification body. This separation is deliberate. It is my mark of quality.</p><blockquote>Anyone who tells you they are consultant, auditor, and certifier in one has not understood the system. Or they are hoping that you don’t.</blockquote><h2>The two rules every managing director should know</h2><p>If you remember only two things:</p><ul><li>Rule 1: Whoever builds you must not certify you. Consulting and accredited certification are separate, by standard, by accreditation rule, by common sense.</li><li>Rule 2: Only accredited certification bodies issue accredited certificates. Anything else is a confirmation, but not market evidence in the sense of the standard.</li></ul><p>With these two rules in your pocket, you can assess any audit offer in 30 seconds. And you save yourself expensive bad purchases, not only in euros, but in trust toward customers and regulators.</p>]]></content:encoded>
    </item>
    <item>
      <title>What an ISO 42001 Audit Really Checks (and What It Doesn&apos;t)</title>
      <link>https://der-ki-auditor.de/en/insights/what-an-iso-42001-audit-really-checks/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/what-an-iso-42001-audit-really-checks/</guid>
      <pubDate>Sat, 30 May 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>An ISO 42001 audit doesn&apos;t check your technology. It checks whether someone owns the risk, knows it, and has evidence. What an auditor really wants to see.</description>
      <content:encoded><![CDATA[<p>When I walk into an organization as an auditor, many people expect me to inspect the servers. Models, training data, algorithms. That is a misunderstanding. An ISO 42001 audit doesn&apos;t check technology. It checks whether the organization has its AI under control, and that is something entirely different.</p><p>First the process. Then the role. Then the evidence. I look in that order.</p><h2>What an ISO 42001 audit is not</h2><p>An auditor does not check whether an AI model performs well. That is the job of validation. Nor whether the cloud architecture is sound, that belongs in the ISO 27001 scope. And not whether you are using the best available model either. Model choice is your decision, not mine.</p><blockquote>An audit doesn&apos;t ask: does your AI work? It asks: who is accountable when it doesn&apos;t?</blockquote><h2>What is actually on the test bench</h2><p>An ISO 42001 audit (standard published in 2023, audits now conducted under ISO/IEC 42006) examines five core areas, and not a single one of them is primarily technical:</p><ul><li>Leadership and accountability: Does someone visibly hold the mandate to be accountable for AI governance? Is it written into a role, a record, a board decision?</li><li>Risk management: Do you know the risks your AI poses to affected people and to the organization? Have you assessed them systematically, not from gut feeling?</li><li>Impact assessment: Can you show what consequences an AI system has for the outside world (ISO/IEC 42005)? Not just risks to you, but effects on others.</li><li>Awareness and competence: Do staff know what they are and aren&apos;t allowed to do? Who completed the mandatory training? Is there evidence?</li><li>Controls and evidence: Have you selected the relevant controls from Annex A, and can you demonstrate that they are effective?</li></ul><h2>A concrete scene from audit practice</h2><p>I ask in a mid-sized company: &quot;Which AI systems are you currently using?&quot; The managing director names three. The head of IT adds: &quot;Plus the component inspection in plant three. And the chat assistant for sales.&quot; The managing director looks surprised.</p><p>This is not a trap. It is the audit test: does a complete, maintained inventory of AI systems exist? When leadership learns about systems instead of already knowing them, the governance isn&apos;t there yet.</p><p>The next test is classification. I ask about the applicant-screening tool in HR. &quot;It&apos;s only a filter,&quot; says the head of IT. Wrong. An AI that pre-sorts or scores job applications falls into the high-risk category under Annex III of the EU AI Act. That triggers obligations around human oversight, bias testing, transparency, and documentation. Anyone who doesn&apos;t know this has a gap in their risk register, and a hard question coming in the audit.</p><blockquote>An AI tool that sorts résumés isn&apos;t a convenience. It is a discrimination claim waiting to become actionable.</blockquote><p>The same applies to AI-assisted quality inspection in manufacturing: does the camera reliably detect a crack, or does it wrongly pass defective parts? That is not just a quality issue, it is product liability. Anyone operating here without documented validation, without defined thresholds, without an escalation path has built AI risks into their production without controlling them.</p><h2>What an auditor sees in the first two hours</h2><p>Experienced auditors don&apos;t need three days to gauge maturity. Four indicators reveal it by mid-morning:</p><ul><li>Can the responsible person answer &quot;Which AI do we use?&quot; in under two minutes?</li><li>Is there a risk register with concrete entries, or just a list of theoretical risk categories?</li><li>Is there a training overview with names, dates, and content, or just a PDF sitting on the server?</li><li>Are the Annex A controls linked to concrete measures, or simply ticked off?</li></ul><p>If all four are clean, the audit runs as a confirmation. If two are thin, it goes deeper. If three or four are thin, it is too early for an external audit, and an honest gap analysis helps more than an embarrassing, lost certification mandate.</p><h2>Why technology is only a by-catch in the audit</h2><p>Imagine someone certifying your fire protection without ever looking at your fire alarm system. Sounds absurd, but it is exactly what to expect with ISO 42001. The standard examines the management system, not the equipment. It checks whether you know what you are doing, why you are doing it, who answers for it, and whether your controls fit.</p><p>That is not a flaw in the standard. That is its purpose. Technology changes monthly. Accountability, roles, and risks do not. That is precisely why the standard builds on what endures.</p><h2>When an organization is audit-ready</h2><p>Audit-ready does not mean having every answer ready. Audit-ready means being able to demonstrate, traceably, where you stand, where you don&apos;t, and what is planned. Auditors don&apos;t expect perfection. They expect honesty, evidence, and consistency.</p><p>Those who have that walk into the audit relaxed. Those who don&apos;t should not go to the certification body first, but go to themselves first.</p>]]></content:encoded>
    </item>
    <item>
      <title>Bringing your AI to the EU: what non-EU providers must know about the EU AI Act</title>
      <link>https://der-ki-auditor.de/en/insights/eu-ai-act-non-eu-providers/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/eu-ai-act-non-eu-providers/</guid>
      <pubDate>Thu, 28 May 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>From scope to the Authorised Representative under Article 22: how the EU AI Act applies to providers from the US, UK, Switzerland or anywhere else placing AI on the EU market.</description>
      <content:encoded><![CDATA[<p>Whether you are based in the US, the UK, Switzerland, the Gulf or anywhere else: if your AI system is placed on the EU market, or if its output is used in the EU, the EU AI Act applies to you. This article walks through what that means in practice, role by role.</p><h2>Does the AI Act actually apply to you?</h2><p>Article 2(1) is deliberately broad. The Regulation reaches providers who place AI systems on the EU market regardless of their location, and it reaches providers and deployers outside the EU whose system’s output is used in the EU. Three quick examples: a US SaaS company selling AI-powered analytics to European customers is covered. A Swiss medical AI exporter is covered. An Indian back-office whose AI results are sent to an EU operator is covered.</p><h2>Your role decides your obligations</h2><ul><li>Provider, you develop the AI system (or have it developed) and put it on the EU market under your own name or trademark.</li><li>Deployer, you use an AI system under your authority in a professional context; for non-EU deployers, if the output is used in the EU.</li><li>Importer, established in the EU, you place on the market an AI system bearing the name of a person established outside the EU.</li><li>Distributor, anyone else in the supply chain making the system available on the EU market.</li></ul><p>Providers and deployers carry the heaviest set of duties; importers and distributors carry due-diligence and corrective-action duties (more on those in the dedicated supplier-audit article).</p><h2>Authorised Representative (Article 22), the door key</h2><p>Before placing a high-risk AI system on the EU market, a non-EU provider must appoint, by written mandate, an Authorised Representative established in the Union. The representative keeps the technical documentation, registers the system in the EU database where required, is the contact point for market-surveillance authorities and may terminate the mandate if the provider acts against AI Act obligations. The minimum content of the mandate is set out in Annex V.</p><p>For limited- or minimal-risk AI and for general-purpose AI models there are different mechanisms (a GPAI provider outside the EU must also appoint a representative under the GPAI chapter). The point: identify what kind of system you place on the market before you assume one mechanism fits all.</p><h2>The conformity path for high-risk systems</h2><ul><li>Classify against Annex III (use-case based) and Annex I (safety component of regulated products under EU harmonisation law).</li><li>Build the management-system requirements: risk management (Art. 9), data governance (Art. 10), technical documentation (Art. 11), record-keeping and logs (Art. 12), transparency (Art. 13), human oversight (Art. 14), accuracy/robustness/cybersecurity (Art. 15).</li><li>Run the conformity assessment (Art. 43), typically internal control for Annex III systems, with third-party assessment in safety-component cases.</li><li>Affix the CE marking, draw up the EU declaration of conformity and register the system in the EU database (Art. 71).</li></ul><h2>What happens if you ignore it</h2><p>Article 99 sets the maximum fines: prohibited practices up to EUR 35 million or 7% of worldwide annual turnover, whichever is higher; high-risk and other operator violations up to EUR 15 million or 3%; supplying incorrect, incomplete or misleading information up to EUR 7.5 million or 1.5%. SMEs and start-ups are subject to the lower of the two figures. These are caps, not standard fines, but the headline numbers are what board rooms react to.</p><h2>The Digital Omnibus may move the high-risk dates</h2><p>On 7 May 2026 the EU institutions reached a provisional political agreement that would postpone the high-risk applicability, Annex III systems to 2 December 2027 and Annex I to 2 August 2028, and ease some AI literacy requirements. It is not yet formally adopted. Plan against the original dates and treat the relief as a buffer.</p><h2>A pragmatic order of operations</h2><ul><li>Decide whether you place AI on the EU market or use it for the EU.</li><li>Map your role: provider, deployer, importer, distributor.</li><li>If you are a non-EU provider of high-risk AI: appoint your Authorised Representative early, the mandate takes time to negotiate.</li><li>Build a management system (ISO/IEC 42001 is the most direct way to deliver the AI Act’s evidence load).</li><li>Run the conformity assessment, CE-mark, register, document.</li></ul><blockquote>The AI Act does not stop at the EU border. It reaches every provider whose system touches the EU market, but the workload is structured. With the right management system in place, most of it is documentation you would build anyway.</blockquote><p>Note on scope: this article covers AI compliance only. Tax, labour, corporate, immigration and contract questions about entering the German or EU market require a licensed German lawyer or tax advisor. I focus on ISO/IEC 42001, ISO/IEC 27001 and AI Act readiness, and work with a network for the rest.</p>]]></content:encoded>
    </item>
    <item>
      <title>EU AI Act vs. NIST AI RMF, ISO 42001 and the UK approach, how they fit together</title>
      <link>https://der-ki-auditor.de/en/insights/eu-ai-act-vs-nist-iso-uk/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/eu-ai-act-vs-nist-iso-uk/</guid>
      <pubDate>Thu, 28 May 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>A practical comparison of the major AI governance frameworks, and how a system built to ISO/IEC 42001 helps you meet the EU AI Act, NIST AI RMF and UK expectations at once.</description>
      <content:encoded><![CDATA[<p>If you operate AI across the US, the UK and the EU you are likely staring at three or four frameworks at once: the EU AI Act, the NIST AI RMF, ISO/IEC 42001 and the UK government’s principles. They are not contradictory, but they are different in nature, and that matters when you decide what to invest in first.</p><h2>The four frameworks at a glance</h2><ul><li>EU AI Act (Regulation (EU) 2024/1689): a binding law with risk-based obligations, conformity assessment and fines up to 7% of worldwide turnover. Extra-territorial.</li><li>NIST AI RMF 1.0 (January 2023): a voluntary US framework with four functions, Govern, Map, Measure, Manage. Strong practice guidance; not a certification.</li><li>ISO/IEC 42001:2023: the global voluntary standard for an AI management system. Certifiable by accredited bodies.</li><li>UK approach: the white paper “A pro-innovation approach to AI regulation” (March 2023; the government published its response to the consultation in February 2024) sets out five non-statutory principles delivered through existing sectoral regulators (ICO, MHRA, CMA, Ofcom). A dedicated UK AI bill is debated but not in force as of May 2026.</li></ul><h2>How they differ in nature</h2><ul><li>Legal force, AI Act = law with fines. NIST, ISO 42001, UK principles = voluntary (with the UK partly enforced via existing sectoral regulators).</li><li>Coverage, AI Act classifies systems by risk; NIST organises by lifecycle functions; ISO 42001 sets management-system requirements; UK works by sectoral application of high-level principles.</li><li>Audience, the AI Act addresses regulators and operators; ISO 42001 addresses customers and certification bodies; NIST AI RMF addresses practitioners; UK principles address sectoral compliance officers.</li></ul><h2>How they fit together</h2><p>For a non-EU company operating in the EU, the EU AI Act is the mandatory layer. A NIST-aligned practice or a UK-aligned governance posture does not by itself satisfy the AI Act, but it gives you a real head start, because most controls map across.</p><p>ISO/IEC 42001 is the most direct bridge: it asks for exactly the structures the AI Act expects, AI inventory, risk and impact assessment, human oversight, data governance and life-cycle control, and it is certifiable. A system built to ISO 42001 makes meeting the AI Act easier to demonstrate to authorities, customers and partners, and it aligns naturally with NIST AI RMF functions.</p><h2>What this means in practice</h2><ul><li>One AIMS, three or four narratives: build the management system once (ISO 42001), then map your evidence to AI Act articles, NIST functions and UK principles.</li><li>Run a single AI impact assessment process, it satisfies AI Act human-oversight expectations and feeds the NIST Measure function.</li><li>Use ISO/IEC 27001 as your information-security foundation; it underpins all four frameworks and is the natural prerequisite for trustworthy AI evidence.</li><li>Document once, report many: keep a Statement of Applicability that cross-references the four frameworks, so the same artefact serves regulator, customer and auditor.</li></ul><blockquote>The frameworks are not a buffet. Treat them as one structure with different audiences: regulators want the AI Act, customers want ISO certificates, security teams want NIST functions, the UK wants sectoral evidence.</blockquote><p>Note on scope: this article focuses on AI governance and certification. National rules outside AI Act scope, sectoral law, privacy enforcement, taxation, need their respective specialists.</p>]]></content:encoded>
    </item>
    <item>
      <title>AI in your EU supply chain, supplier audits and EU AI Act importer/distributor obligations</title>
      <link>https://der-ki-auditor.de/en/insights/ai-supplier-audits-eu/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/ai-supplier-audits-eu/</guid>
      <pubDate>Thu, 28 May 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>If your AI is built on third-party components or models, the EU AI Act makes you accountable for them. A practical guide to supplier audits and the new responsibilities along the AI value chain (Articles 23–25).</description>
      <content:encoded><![CDATA[<p>Few AI systems are built fully in-house. You might licence a foundation model, embed a third-party vision API or import a finished product from a non-EU vendor. The EU AI Act explicitly addresses this, and pushes accountability both down and up the value chain.</p><h2>Who counts as importer and distributor</h2><p>An importer (Article 3) is a person established in the Union that places on the market an AI system bearing the name or trademark of a person established outside the Union. A distributor is anyone else in the supply chain, other than provider or importer, that makes a system available on the EU market.</p><h2>Importer obligations (Article 23)</h2><ul><li>Verify that the provider carried out the conformity assessment and that technical documentation and instructions are in place.</li><li>Verify the CE marking and the EU declaration of conformity.</li><li>Indicate your name, registered trade name and contact address on the system, on its packaging or in accompanying documentation.</li><li>Keep a copy of the EU declaration of conformity for ten years; keep certificates issued by notified bodies available to authorities.</li><li>Cooperate with market-surveillance authorities, and take corrective measures or withdraw the system if you suspect non-compliance.</li></ul><h2>Distributor obligations (Article 24)</h2><ul><li>Before making available, verify the CE marking, the EU declaration of conformity, instructions for use and that the provider and importer fulfilled their duties.</li><li>Make sure storage and transport conditions do not jeopardise compliance.</li><li>If you suspect a risk, inform the provider or importer and take corrective measures.</li></ul><h2>Responsibilities along the AI value chain (Article 25)</h2><p>Article 25 introduces a duty to allocate responsibilities along the value chain by written agreement, between providers of high-risk systems, providers of components and downstream operators integrating AI into their products. Crucially: if a downstream actor substantially modifies a high-risk AI system, or places it on the market under their own name or trademark, they may become the provider of that modified system, with the full provider duty set (and, for non-EU actors, an Authorised Representative).</p><h2>What a useful AI supplier audit covers</h2><ul><li>Technical documentation completeness (Article 11, Annex IV) and whether updates are tracked.</li><li>Risk management system (Article 9): how the supplier identifies, evaluates and mitigates risks across the AI life cycle.</li><li>Data governance (Article 10): provenance, quality, representativeness and bias control of training, validation and test data.</li><li>Logging and traceability (Article 12), events you can reconstruct after an incident.</li><li>Human-oversight measures available to the operator (Article 14).</li><li>Transparency information you can hand to your own deployers (Article 13).</li><li>For non-EU providers of high-risk AI: existence and contact details of the Authorised Representative (Article 22).</li><li>Information security and AI governance evidence: ISO/IEC 27001 for the foundation, ISO/IEC 42001 for AI specifically, or equivalent demonstrable evidence.</li></ul><h2>Second-party audits as a working control</h2><p>A second-party audit, you (or a representative auditor) auditing your supplier, is the most useful tool to make Articles 23–25 real. It is not a certification; it is your own evidence that you exercised due diligence. A clear audit plan, on-site or remote review, and a written report with findings and corrective measures protect you in market-surveillance interactions and in customer audits.</p><blockquote>Article 25 turned “my supplier is responsible” into a documentation duty. If you cannot prove what you checked, you did not check it.</blockquote><h2>How to start</h2><ul><li>List every AI component and supplier feeding into your products or operations, including model APIs and embedded libraries.</li><li>Classify each component by AI Act risk class and by your own criticality.</li><li>Build a baseline supplier-audit checklist mapped to Articles 9–15, 22 and 25.</li><li>Run risk-based audits, high-risk components yearly, lower-risk on a longer cadence; trigger ad-hoc audits after material model changes.</li><li>Fold the supplier-audit evidence into your ISO 42001 management system, so the rest of your governance benefits from it.</li></ul><p>Note on scope: this article covers AI compliance and audit aspects only. Procurement and contract law (warranty, liability, indemnity, intellectual-property clauses) need legal counsel, supplier audits sit alongside contract review, not instead of it.</p>]]></content:encoded>
    </item>
    <item>
      <title>ISO/IEC 42001 explained: what the AI standard means for your business</title>
      <link>https://der-ki-auditor.de/en/insights/iso-42001-explained/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/iso-42001-explained/</guid>
      <pubDate>Wed, 27 May 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO/IEC 42001 is the first international standard for AI management systems. What it is, who needs it and how to get started, in plain language.</description>
      <content:encoded><![CDATA[<p>Artificial intelligence has arrived in everyday business, in quoting, in quality control, in customer service. But whoever uses AI also carries responsibility: for the data, for the decisions, for the consequences. This is exactly where ISO/IEC 42001 comes in, the first international standard for an AI management system (AIMS).</p><h2>What is ISO/IEC 42001?</h2><p>ISO/IEC 42001 was published in December 2023. It describes how an organisation governs the use of AI in a responsible, traceable and controllable way, across the entire life cycle of an AI system. It follows the same high-level structure as ISO 9001 (quality) or ISO/IEC 27001 (information security), so it integrates well into management systems you may already have.</p><p>At its core it answers three questions: Which AI do we use, and what for? What risks does that create, for our customers, our staff, our company? And how do we make sure those risks stay under control?</p><h2>The main building blocks</h2><ul><li>An AI policy and clear responsibilities, who decides how AI is used?</li><li>Systematic risk assessment and an AI impact assessment</li><li>Data management: provenance, quality and suitability of training and operational data</li><li>Transparency and human oversight over AI-supported decisions</li><li>Control across the whole life cycle, from selection to decommissioning</li><li>Annex A of the standard: a catalogue of concrete controls you implement</li></ul><h2>Do I really need it?</h2><p>A certified management system is not (yet) a legal requirement. But with the EU AI Act, being able to prove that you have your AI under control becomes a competitive factor. Clients, especially large industrial customers, increasingly ask for credible evidence. A system built to ISO/IEC 42001 is the most structured way to meet the obligations of the AI Act and to show trust to the outside world at the same time.</p><blockquote>ISO 42001 turns “we use AI responsibly” from a claim into a verifiable fact.</blockquote><h2>How do you get started?</h2><p>The pragmatic route starts with a gap analysis: where do you stand today against the requirements of the standard? That produces an action plan that fits how you actually operate, not a binder that helps no one. Then the controls are built, an internal audit is run, and the system is prepared for the external certification audit. Important: the certification itself is always issued by an accredited certification body, for reasons of independence.</p><p>For small and mid-sized companies the effort pays off especially when AI already influences decisions, processes customer data, or you have to provide evidence to clients.</p>]]></content:encoded>
    </item>
    <item>
      <title>EU AI Act: deadlines and the Digital Omnibus (status May 2026)</title>
      <link>https://der-ki-auditor.de/en/insights/eu-ai-act-deadlines/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/eu-ai-act-deadlines/</guid>
      <pubDate>Wed, 27 May 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Which EU AI Act obligations apply when, and what the May 2026 Digital Omnibus changes. A practical timeline for companies operating in the EU.</description>
      <content:encoded><![CDATA[<p>The EU AI Act (Regulation (EU) 2024/1689) is the world&apos;s first comprehensive law on artificial intelligence. It entered into force on 1 August 2024 and applies in stages. This article lays out the timeline that matters for companies operating in the EU, and what the May 2026 Digital Omnibus proposes to change.</p><h2>The staged timeline</h2><ul><li>2 February 2025: Prohibited AI practices are banned, and the AI literacy obligation (Art. 4) applies. Providers and deployers must take measures, to their best extent, to ensure a sufficient level of AI literacy among their staff (a proportionate best-efforts duty).</li><li>2 August 2025: Rules for general-purpose AI models (GPAI) and the governance framework start to apply.</li><li>2 August 2026: The bulk of the obligations for high-risk AI systems (Annex III) become applicable, in the original text.</li><li>2 August 2027: Obligations for high-risk AI that is a safety component of regulated products (Annex I) apply.</li></ul><h2>What the Digital Omnibus changes</h2><p>On 7 May 2026 the EU institutions reached a provisional political agreement on a so-called Digital Omnibus that adjusts parts of the AI Act. The key points for businesses: the application of the high-risk obligations is to be postponed, for Annex III systems to 2 December 2027, and for Annex I systems to 2 August 2028, and the requirements around AI literacy (Art. 4) are to be eased and simplified.</p><p>Important caveat: as of May 2026 this is a provisional agreement, not yet formally adopted and in force. Until it is, the original text and its dates apply. Plan against the original deadlines and treat the relief as a welcome buffer, not as a reason to wait.</p><blockquote>The honest summary in May 2026: the prohibitions, GPAI rules and AI literacy already apply. The high-risk obligations are likely to move later, but that is not yet law.</blockquote><h2>What you should do now</h2><ul><li>Build an inventory of your AI systems and classify them by risk (prohibited / high-risk / limited / minimal).</li><li>Cover the AI literacy duty: proportionate, documented training for the people who work with AI.</li><li>Check transparency obligations (Art. 50): label AI interactions and AI-generated content where required.</li><li>If you operate high-risk AI, start the governance work now, the build-up takes longer than the remaining time often suggests.</li></ul><h2>How ISO 42001 helps</h2><p>A management system built to ISO/IEC 42001 gives you exactly the structures the AI Act asks for: an AI inventory, risk and impact assessments, human oversight, transparency and life-cycle control. It is the most efficient way to turn a legal obligation into a repeatable, auditable process.</p>]]></content:encoded>
    </item>
    <item>
      <title>ISO 42001 vs. ISO 27001: how the two standards fit together</title>
      <link>https://der-ki-auditor.de/en/insights/iso-42001-vs-iso-27001/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/iso-42001-vs-iso-27001/</guid>
      <pubDate>Wed, 27 May 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Information security or AI governance, or both? How ISO/IEC 27001 and ISO/IEC 42001 differ, where they overlap and in which order to tackle them.</description>
      <content:encoded><![CDATA[<p>ISO/IEC 27001 and ISO/IEC 42001 are often mentioned in the same breath, and for good reason. They share a structure and a logic, but they protect different things. Understanding the difference helps you invest in the right order.</p><h2>What each standard is for</h2><p>ISO/IEC 27001 is the established standard for an information security management system (ISMS). It protects the confidentiality, integrity and availability of information, your data, your systems, your know-how.</p><p>ISO/IEC 42001 is the new standard for an AI management system (AIMS). It governs the responsible use of artificial intelligence: risks to people and society, transparency, human oversight, data quality and the life cycle of AI systems.</p><h2>Where they overlap</h2><ul><li>The same high-level structure (Annex SL): context, leadership, planning, support, operation, evaluation, improvement.</li><li>Risk-based thinking and a Statement of Applicability that documents which controls apply.</li><li>Internal audits, management review and continual improvement as recurring duties.</li><li>A large shared base of evidence, policies, roles, training, supplier management.</li></ul><h2>The key difference</h2><p>ISO 27001 asks: are our information assets secure? ISO 42001 asks: is our AI responsible and under control? Information security is largely about protecting the organisation; AI governance adds a strong focus on protecting the people affected by AI decisions. ISO 42001 therefore introduces AI-specific elements such as the AI impact assessment that 27001 does not have.</p><blockquote>ISO 27001 secures your information. ISO 42001 builds on that and makes your AI trustworthy. A solid ISMS is a good foundation, but not a hard prerequisite.</blockquote><h2>Which one first?</h2><p>Both orders work. A robust ISMS is a good foundation, but it is not a mandatory predecessor for ISO 42001. Because the two share structure, risk logic and much of the evidence, it often pays to look at them together and avoid building the same things twice. In practice the right sequence depends on where your risks and your client requirements sit, that is what a short assessment clarifies.</p>]]></content:encoded>
    </item>
    <item>
      <title>AI literacy under Article 4 of the EU AI Act: what companies must do</title>
      <link>https://der-ki-auditor.de/en/insights/ai-literacy-eu-ai-act/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/ai-literacy-eu-ai-act/</guid>
      <pubDate>Wed, 27 May 2026 00:00:00 GMT</pubDate>
      <category>EU AI Act</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Article 4 of the EU AI Act requires a sufficient level of AI literacy. What that means in practice, who is affected, and how the Digital Omnibus eases it.</description>
      <content:encoded><![CDATA[<p>Among all the obligations of the EU AI Act, one applies broadly and early, and is comparatively cheap to meet: AI literacy under Article 4. It has applied since 2 February 2025, to providers and deployers of AI systems alike.</p><h2>What does Article 4 require?</h2><p>Providers and deployers of AI systems must take measures to ensure, to their best extent, a sufficient level of AI literacy among their staff and other people who operate and use AI on their behalf. It is therefore a proportionate best-efforts duty, not a guarantee of a particular outcome. What counts as “sufficient” depends on the prior knowledge, experience and training of the people involved, on the context the AI is used in, and on who the AI is used on.</p><p>AI literacy, as the Regulation defines it, is the skills, knowledge and understanding that allow people to deploy AI in an informed way and to be aware of its opportunities, risks and possible harm.</p><h2>Who is affected?</h2><p>Practically every company that uses AI. A “deployer” is anyone who uses an AI system under their own authority in a professional context, from the marketing team using a text generator to the workshop using an AI-based inspection tool. Purely personal, non-professional use is excluded.</p><h2>What good measures look like</h2><ul><li>Basic training: how AI works, what it can and cannot do, where its limits and risks are.</li><li>Role-specific depth: people who make decisions with AI need more than occasional users.</li><li>Practical rules: what may be entered into which tool, how to handle outputs, when a human has to check.</li><li>Documentation: keep a record of what training happened and who took part.</li></ul><h2>What the Digital Omnibus changes</h2><p>Even the original text frames Art. 4 as a proportionate best-efforts duty (“to their best extent”), not a rigid training guarantee. The Digital Omnibus (provisional political agreement of 7 May 2026) additionally foresees relief and simplifications to the AI literacy requirements. That is not yet formally adopted, however; until it is, the original text applies. Anyone who trains sensibly now is on the safe side either way.</p><blockquote>AI literacy is the cheapest obligation in the AI Act, and one of the most effective. Teams that understand AI make fewer expensive mistakes.</blockquote>]]></content:encoded>
    </item>
    <item>
      <title>The AI Officer: Does Your Company Need One?</title>
      <link>https://der-ki-auditor.de/en/insights/ai-officer-role-governance/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/ai-officer-role-governance/</guid>
      <pubDate>Wed, 27 May 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>No law mandates an AI officer the way the GDPR does for data protection. Here is why the role still makes sense, and what the EU AI Act and ISO 42001 really require.</description>
      <content:encoded><![CDATA[<p>&quot;Do we need an AI officer, the way we have a data protection officer?&quot; The honest answer: there is no legal obligation to appoint one. But the role almost always makes sense.</p><h2>No legal obligation, unlike the DPO</h2><p>Under certain conditions, the GDPR requires companies to appoint a data protection officer. The EU AI Act knows no comparable, legally mandated &quot;AI officer.&quot; So anyone waiting for an appointment obligation will wait in vain, and waste valuable time in the meantime.</p><h2>What the law and the standard do require</h2><ul><li>EU AI Act: deployers of high-risk AI must assign human oversight to competent people and define responsibilities (among others, Art. 26). The AI literacy obligation (Art. 4) also needs someone to organise it.</li><li>ISO/IEC 42001: the standard requires clearly defined roles and responsibilities for AI, as well as accountability of top management. Responsibility must be assigned and documented.</li></ul><p>In other words: there is no obligation to appoint a specific person, but there is an obligation to assign responsibility clearly. And that needs someone to own it.</p><h2>What the role actually does</h2><ul><li>Maintain an overview of all AI systems in use (an inventory).</li><li>Initiate and track risk and impact assessments.</li><li>Maintain the AI policy and ground rules, and organise training (AI literacy).</li><li>Act as a point of contact, internally as well as for clients, auditors and supervisory authorities.</li><li>Build a bridge between management, IT, data protection and the business units.</li></ul><h2>One person or a committee?</h2><p>For small and mid-sized companies, a single named person in a part-time role is usually enough, ideally with a short line to management and close ties to data protection and information security. In larger or heavily regulated organisations, a small AI committee works well. What matters is not the title, but that responsibility is assigned unambiguously and documented in a way others can follow.</p><p>One thing stays true: top management carries the responsibility. The AI officer coordinates and takes operational load off leadership, but does not relieve management of its accountability.</p><blockquote>AI governance is not made by a title, but by the clear, documented assignment of responsibility. An AI officer is the simplest path to get there.</blockquote>]]></content:encoded>
    </item>
    <item>
      <title>How an Audit Works: The 7 Principles and Lifecycle</title>
      <link>https://der-ki-auditor.de/en/insights/how-an-audit-works/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/how-an-audit-works/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>What an audit really is, the seven principles that guide every auditor (ISO 19011), and how an audit runs step by step, from planning to follow-up.</description>
      <content:encoded><![CDATA[<p>Many people picture an &quot;audit&quot; as an inspection where someone goes looking for mistakes. That falls short. An audit is a systematic, independent and documented process for gathering and evaluating objective evidence of how well something meets defined criteria. It is not about catching people out; it is about producing a reliable picture.</p><h2>Three concepts that carry everything</h2><ul><li>Audit criteria: the yardstick, for example the standard, your own policies, or legal requirements.</li><li>Audit evidence: the facts, including documents, records, statements and observations.</li><li>Audit findings: the result of comparing the evidence against the criteria (conforming or not).</li></ul><h2>The seven principles behind every credible audit</h2><p>The methodology for management system audits is described in ISO 19011. Seven principles guide every auditor:</p><ul><li>Integrity: professional trustworthiness and honesty.</li><li>Fair presentation: reporting truthfully and accurately, including uncomfortable facts.</li><li>Due professional care: applying sound, appropriate professional judgement.</li><li>Confidentiality: handling all audit information with care.</li><li>Independence: remaining impartial and avoiding conflicts of interest.</li><li>Evidence-based approach: drawing conclusions only from evidence (sampling).</li><li>Risk-based approach: focusing the audit where the risk is greatest.</li></ul><blockquote>An audit never proves that &quot;everything is perfect.&quot; Using samples, it assesses whether the system demonstrably works, honestly and with a focus on risk.</blockquote><h2>First, second or third party?</h2><ul><li>First-party audit (internal): the organisation audits itself, which is mandatory in every management system.</li><li>Second-party audit: a customer audits its supplier (supplier audit).</li><li>Third-party audit: an independent certification body audits with the goal of certification.</li></ul><h2>The audit lifecycle</h2><p>Whatever the type, the process follows the same pattern:</p><ul><li>Initiation and planning: define the objective, scope, criteria and audit programme.</li><li>Preparation: review documents and prepare the audit plan and checklists.</li><li>Conduct: hold the opening meeting, gather evidence (interviews, observation, documents) and draw samples.</li><li>Reporting: classify the findings, produce the audit report and hold the closing meeting.</li><li>Closure and follow-up: track corrective actions and verify their effectiveness.</li></ul><p>It is the final step that decides the real value. An audit whose findings nobody acts on was a waste of time. That is why verifying the effectiveness of the corrective actions is an inseparable part of the process.</p>]]></content:encoded>
    </item>
    <item>
      <title>Accreditation, Certification, Audit: Who Does What?</title>
      <link>https://der-ki-auditor.de/en/insights/accreditation-certification-audit-who-does-what/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/accreditation-certification-audit-who-does-what/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Grundlagen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Accreditation body, certification body, lead auditor, consultant: who plays which role in the certification system, and why advice and certification must stay separate.</description>
      <content:encoded><![CDATA[<p>Plenty of terms circulate around certification: accreditation, certification, auditor, consultant. Confuse them, and you quickly buy the wrong thing. Yet the system follows a clear logic. It is a chain of trust with clearly defined roles.</p><h2>The chain of trust, from top to bottom</h2><ul><li>Accreditation body (in Germany, the DAkkS): oversees and accredits certification bodies. In effect, it certifies the certifiers.</li><li>Certification body: carries out the external audits and issues the certificate. It is itself accredited against international requirements.</li><li>Organization: has its management system audited and certified.</li></ul><p>This chain is exactly why an accredited certificate carries weight. It does not stand on its own; it is part of a supervised system.</p><h2>Who is allowed to do what?</h2><ul><li>Internal auditor: audits their own organization (a requirement), but may not issue certificates.</li><li>Consultant / implementer: helps build the management system.</li><li>Lead auditor (external): leads audits, including on behalf of certification bodies, with the corresponding qualification and audit experience.</li><li>Certification body: the only party that can issue the accredited certificate.</li></ul><h2>Why advice and certification are kept apart</h2><p>One core rule applies: whoever builds or advises on a system cannot also certify it. Otherwise you would be reviewing your own work, and independence would be gone. That is why the division of tasks makes sense. An implementation partner brings you to maturity, and the accredited body confirms it independently.</p><blockquote>This separation is not an obstacle but a safeguard for quality: preparation and judgment are deliberately placed in different hands.</blockquote><h2>System certification vs. person certification</h2><p>Two things are often mixed up. System certification confirms that an organization has a functioning management system. Person certification confirms an individual&apos;s qualification, for example as a lead auditor. Both are useful, but they are different kinds of evidence with different purposes.</p><p>For AI management systems under ISO/IEC 42001, this landscape is still taking shape: accreditation and certification bodies are positioning themselves, and qualified auditors remain scarce. That is an advantage for everyone who starts early.</p>]]></content:encoded>
    </item>
    <item>
      <title>AI Risk Management, Impact Assessment and DPIA Explained</title>
      <link>https://der-ki-auditor.de/en/insights/ai-risk-management-impact-assessment-dpia/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/ai-risk-management-impact-assessment-dpia/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>How to assess AI risks systematically (ISO 23894), how an AI impact assessment differs from classic risk management, and when it merges with the GDPR DPIA.</description>
      <content:encoded><![CDATA[<p>AI without risk consideration is like machinery without guards. That is why ISO/IEC 42001 requires organizations to assess and treat the risks of their AI systematically. Three terms get mixed up in the process, and it pays to keep them apart.</p><h2>Classic risk management: risk TO the organization</h2><p>Familiar risk management asks: what could harm my organization? With AI, that includes things like faulty model decisions, poor data quality, outages, or dependence on suppliers. ISO/IEC 23894 gives this approach depth and ties into the general risk standard ISO 31000: identify, analyze, evaluate, treat, monitor.</p><ul><li>Treatment options: avoid, reduce, transfer, or knowingly accept the risk.</li><li>AI-typical risk sources: bias, lack of robustness, drift in operation, missing transparency.</li><li>Important: risks are documented and their treatment is tracked, not assessed once and forgotten.</li></ul><h2>Impact assessment: risk FROM the AI to others</h2><p>This is where the decisive difference with AI lies. An AI system impact assessment (guidance: ISO/IEC 42005) does not ask what harms the organization, but what effects the AI has on affected people and society, for example on applicants, customers, or patients. Classic risk management does not capture this outward perspective in the same way, and it is exactly what responsible use of AI demands.</p><h2>DPIA: the data protection impact assessment</h2><p>If the AI processes personal data that is likely to result in a high risk, the GDPR (Art. 35) requires a data protection impact assessment (DPIA). In substance it overlaps heavily with the AI impact assessment, since both ask about the consequences for people.</p><blockquote>Where AI processes personal data, it pays to combine the AI impact assessment and the DPIA into one consolidated document instead of two separate compliance exercises.</blockquote><h2>Why these belong together</h2><p>ISO/IEC 42001 forces you to take both viewpoints: the risk to the organization and the effect on the outside world. It is precisely this dual perspective that turns &quot;we use AI&quot; into a responsible, auditable practice, and it incidentally produces the evidence that the EU AI Act requires for high-risk systems.</p>]]></content:encoded>
    </item>
    <item>
      <title>Annex A &amp; Statement of Applicability Explained</title>
      <link>https://der-ki-auditor.de/en/insights/annex-a-statement-of-applicability/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/annex-a-statement-of-applicability/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>What Annex A of ISO 42001 delivers, what a Statement of Applicability is, and why this document becomes your most important guide in the audit.</description>
      <content:encoded><![CDATA[<p>Anyone opening ISO 42001 (or 27001) for the first time runs into two terms: Annex A and the Statement of Applicability. The two are connected, and they are among the most important tools in any audit.</p><h2>What is Annex A?</h2><p>Annex A is a catalogue of controls, that is, concrete measures an organization uses to get its risks under control. In ISO 42001 these are organizational and governance controls around AI, grouped by area: AI policy, roles and resources, impact assessment of AI systems (effects on individuals and on society), the AI lifecycle, data for AI systems (quality and provenance), transparency and information for interested parties, responsible use, and the handling of third parties and suppliers.</p><p>Important: Annex A is deliberately generic and organizational. Model-specific technical tests, such as for bias, robustness, or adversarial attacks, must be planned in addition; the annex does not replace them.</p><h2>What is the Statement of Applicability (SoA)?</h2><p>The Statement of Applicability is the document that records, for each control: Does it apply to us? Why (or why not)? And what is its implementation status? It is the bridge between your risk assessment and the concrete measures.</p><ul><li>Which controls are applicable, derived from the risk assessment?</li><li>Justification for the inclusion or exclusion of each control.</li><li>Implementation status: planned, implemented, effective?</li></ul><h2>Why the SoA is the heart of the audit</h2><p>For the auditor, the Statement of Applicability is the map through the entire system: it shows what you have declared relevant, and that is exactly what gets sampled for effectiveness. A well-considered, honest SoA is therefore half the battle; an empty or whitewashed one stands out immediately.</p><blockquote>The SoA is not a bureaucratic form but the map of your management system, for yourself just as much as for the auditor.</blockquote><h2>Risk-based, not a tick-box list</h2><p>The decisive point: controls are not adopted as &quot;all implemented&quot; across the board but selected risk-based. An exclusion is entirely legitimate, as long as it is justified. It is precisely this traceable logic from risk to measure that an audit wants to see.</p>]]></content:encoded>
    </item>
    <item>
      <title>What Is an ISO Standard and a Management System?</title>
      <link>https://der-ki-auditor.de/en/insights/what-is-an-iso-standard-and-a-management-system/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/what-is-an-iso-standard-and-a-management-system/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Grundlagen</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO standard, management system, Annex SL and PDCA explained clearly. What &quot;ISO/IEC&quot; really means and why 9001, 27001 and 42001 are so alike.</description>
      <content:encoded><![CDATA[<p>&quot;We do it according to ISO.&quot; You hear that sentence a lot, but what does it actually mean? Anyone who wants to introduce or have a management system audited should keep two terms cleanly apart: the standard and the management system. The two are connected, but they are not the same thing.</p><h2>What is a standard?</h2><p>A standard is a voluntary document developed by consensus. ISO is the International Organization for Standardization, based in Geneva, where national standards bodies work together. A standard describes how to do something &quot;according to recognized good practice.&quot; It is not a law, yet it can become effectively binding through contracts, tenders or regulation.</p><p>A label such as &quot;ISO/IEC 27001&quot; already tells you something about a standard&apos;s pedigree: ISO is the international body, IEC the International Electrotechnical Commission, and the two publish information-security and AI standards jointly. In Europe and Germany the same text is then adopted as &quot;EN&quot; and &quot;DIN&quot; respectively. The content stays identical, only the level of adoption changes.</p><h2>What is a management system?</h2><p>A management system is the way an organization steers a particular topic, using objectives, roles, processes, documents and controls. A quality management system (QMS) steers quality, an information security management system (ISMS) steers information security, and an AI management system (AIMS) steers the responsible use of AI.</p><p>A management system standard sets out the requirements for such a system, not for a single product. An ISO 9001 certificate therefore says something about how you work, not about a specific manufactured part.</p><h2>Why the standards look so similar: Annex SL</h2><p>Modern management system standards, including ISO 9001, ISO/IEC 27001 and ISO/IEC 42001, follow a common backbone called the &quot;Harmonized Structure&quot; (formerly Annex SL / High Level Structure). As a result they share the same clauses: context of the organization, leadership, planning, support, operation, performance evaluation and improvement.</p><ul><li>Context: Who are we, which interested parties exist, and what is the scope?</li><li>Leadership: Top management takes responsibility and sets a policy.</li><li>Planning: Risks and opportunities are assessed and objectives are set.</li><li>Support &amp; operation: Resources, competence, documentation and processes that are actually lived.</li><li>Performance evaluation &amp; improvement: internal audit, management review, corrective actions.</li></ul><p>The big advantage: anyone already living ISO 9001 will recognize the same logic in ISO/IEC 27001 or ISO/IEC 42001, and can integrate the systems instead of maintaining three separate bureaucracies.</p><h2>The core principle: PDCA</h2><p>Behind every management system sits the PDCA cycle: Plan, Do, Check, Act. A management system is therefore never &quot;finished&quot;. It is an ongoing loop of continual improvement. And that is exactly what an audit examines: is the loop genuinely being lived?</p><h2>Certifiable, or just a guideline?</h2><p>Not every ISO publication is certifiable. Requirements standards such as 9001, 27001 or 42001 (recognizable by the word &quot;shall&quot;) are the basis for a certificate. Alongside them sit guidance documents and technical reports that only offer orientation and are not certified against. So if you are aiming for certification you need the right standard, plus an accredited certification body to issue it.</p><blockquote>A management system is never &quot;finished&quot;. It is an ongoing loop of continual improvement, and an audit asks whether that loop is genuinely being lived.</blockquote>]]></content:encoded>
    </item>
    <item>
      <title>The ISO 42001 Family: How the AI Standards Fit Together</title>
      <link>https://der-ki-auditor.de/en/insights/iso-42001-family-of-standards-overview/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/iso-42001-family-of-standards-overview/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>ISO 42001</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>ISO/IEC 42001 doesn&apos;t stand alone. How 42005, 42006, 23894, 22989 and 38507 work together, and which standard answers which question.</description>
      <content:encoded><![CDATA[<p>ISO/IEC 42001 is the certification standard for AI management systems, but it doesn&apos;t stand alone. Around it sits a family of companion standards, each going deeper on a specific aspect. Once you have the overview, you know where to look something up instead of getting lost.</p><h2>The central standard: the &quot;what&quot;</h2><p>ISO/IEC 42001 defines the requirements for the management system, in other words what has to be in place: policy, roles, risk assessment, controls, improvement. It is the only standard in the family you can actually get certified against.</p><h2>The companion standards: the &quot;how&quot; and &quot;how deep&quot;</h2><ul><li>ISO/IEC 42005, AI System Impact Assessment: how to evaluate the consequences for affected people and for society.</li><li>ISO/IEC 23894, AI risk management: deepens the risk work and ties into the generic risk standard ISO 31000.</li><li>ISO/IEC 22989, Terminology and concepts: the shared vocabulary that ISO/IEC 42001 refers to.</li><li>ISO/IEC 23053, Framework for AI/ML systems: the technical vocabulary for the architecture.</li><li>ISO/IEC 38507, Governance implications of AI: the perspective of top management.</li><li>ISO/IEC 42006, Requirements for bodies certifying AIMS: relevant for accreditation, not for the organization being audited.</li></ul><h2>And the standards for the auditor?</h2><p>Two further standards are less about content and more about method. ISO 19011 provides the audit methodology for management systems, while ISO/IEC 17021-1 sets the requirements for certification bodies. They don&apos;t define what makes a good AI system, but how cleanly an organization is audited and certified.</p><blockquote>Rule of thumb: ISO/IEC 42001 says WHAT an AI management system needs. The companion standards say HOW to do the individual parts well. ISO 19011 and ISO/IEC 17021-1 say how the whole thing is audited.</blockquote><h2>What this means in practice</h2><p>For an audit or an implementation you don&apos;t need the entire library. ISO/IEC 42001 is the anchor; you reach for ISO/IEC 23894 and ISO/IEC 42005 when risk and impact assessment need real depth; ISO/IEC 38507 helps the leadership level. What matters is knowing the right standard for the right question, and that is precisely part of an auditor&apos;s competence.</p>]]></content:encoded>
    </item>
    <item>
      <title>Internal Audit &amp; Management Review: The Overlooked Duty</title>
      <link>https://der-ki-auditor.de/en/insights/internal-audit-and-management-review/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/internal-audit-and-management-review/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>Every management system requires internal audit and management review. What each delivers, why the certification body checks them first, and how they drive improvement.</description>
      <content:encoded><![CDATA[<p>Two requirements appear in every modern management system standard, and they are the ones most often underestimated by small and mid-sized organizations: the internal audit and the management review. They are not a tiresome formality. They are the built-in engine of improvement.</p><h2>The internal audit</h2><p>In an internal audit, the organization checks itself, in a planned way, against its own audit program. Independence is essential: no one should audit their own work. In small operations you solve this through peer audits, contracted internal auditors, or a clear separation of roles.</p><ul><li>An audit program defines what is audited, when, and in what depth.</li><li>The findings feed into corrective actions and into the management review.</li><li>The goal is not to tick a box, but to get an honest picture before the external audit.</li></ul><h2>The management review</h2><p>In the management review, top management looks at the entire system at planned intervals: Is it working? Is it meeting its objectives? Where does it need to be adjusted? This is the moment when leadership visibly takes ownership.</p><p>Typical inputs are audit results, performance indicators, risks and opportunities, feedback from interested parties, changes, and the status of open actions. Typical outputs are decisions on improvements, resources, and objectives.</p><blockquote>The internal audit supplies the facts, the management review makes the decisions. Together they keep the PDCA cycle turning.</blockquote><h2>Why the certification body looks here first</h2><p>In a certification audit, the internal audit and the management review are among the first records requested, often already in Stage 1. The reason is simple: an organization that does not assess and review itself cannot have a living management system. If they are missing, the audit fails before it has really begun.</p><h2>The most common mistakes</h2><ul><li>Running the internal audit pro forma just before the external audit.</li><li>Treating the management review as a minute-taking exercise with no real decisions.</li><li>Documenting findings, but never verifying that the corrective actions were effective.</li></ul>]]></content:encoded>
    </item>
    <item>
      <title>How an External Certification Audit Works: Stage 1 and Stage 2</title>
      <link>https://der-ki-auditor.de/en/insights/how-an-external-certification-audit-works/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/how-an-external-certification-audit-works/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>From contract to certificate: how the two-stage certification audit (Stage 1 and Stage 2) works, what gets checked, and who makes the final decision.</description>
      <content:encoded><![CDATA[<p>Anyone pursuing an ISO certification goes through a clearly defined, two-stage process at an accredited certification body. If you understand how it works, you walk in without surprises, and that is half the battle won.</p><h2>Before you start: proposal and contract</h2><p>You sign a contract with a certification body. The body plans the audit based on your scope, your headcount and the complexity of your operation, and from this it derives the number of audit days. One important point: a body that certifies you may not, for reasons of independence, also act as your consultant.</p><h2>Stage 1: the readiness review</h2><p>In the first stage, the auditor focuses primarily on your documentation and your fundamental audit readiness. Is there a policy, a defined scope, a risk assessment, the core procedures and, depending on the standard, evidence such as a Statement of Applicability? Stage 1 exists to surface gaps early, to plan the Stage 2 date and to avoid surprises later.</p><ul><li>Review of the documented information and the scope</li><li>Assessment of whether an internal audit and a management review have been carried out</li><li>Clarification of sites, key processes and open issues</li><li>Outcome: readiness for Stage 2, or a list of gaps to close</li></ul><h2>Stage 2: the on-site audit</h2><p>The second stage is about effectiveness: is what is written on paper actually lived in practice? On site (or remotely), the auditor gathers evidence through interviews, observation and examination of records. The entire standard is assessed, with a risk-based focus on the areas that matter most.</p><p>A typical flow: an opening meeting, an audit of leadership and of the core processes along the clauses of the standard, a continuous log of findings, and finally a closing meeting where the results are presented.</p><h2>Findings, corrective actions, decision</h2><p>You must respond to nonconformities with corrective actions and a root cause analysis; for major nonconformities, evidence is required before the certificate can be issued. The actual certification decision is then made by a body within the certification body that is independent of the audit team, not by the auditor.</p><p>A certificate is usually valid for three years, but only as long as the annual surveillance audits confirm that the system continues to be lived.</p><h2>The role of preparation</h2><p>This is exactly where the leverage lies. If you run an honest gap analysis and an internal audit &quot;the way the certification body would&quot; before the external audit, you already know your weak points. The external audit then becomes a confirmation rather than a risk.</p>]]></content:encoded>
    </item>
    <item>
      <title>Audit Findings: Major, Minor and Observations Explained</title>
      <link>https://der-ki-auditor.de/en/insights/understanding-audit-findings-nonconformities/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/understanding-audit-findings-nonconformities/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>What audit findings mean, from a major nonconformity to an opportunity for improvement, and how to respond with correction, root cause and effectiveness.</description>
      <content:encoded><![CDATA[<p>An audit report lists findings, and for many people the word &quot;nonconformity&quot; alone sounds threatening. Yet findings are the most valuable outcome of an audit: they show exactly where you need to act. What matters is understanding the severity levels and responding to them correctly.</p><h2>The severity levels of a finding</h2><ul><li>Major nonconformity: a systemic failure or a serious risk. A requirement is not met, or the system is at risk of failing.</li><li>Minor nonconformity: an isolated case or a small gap that does not fundamentally call the overall system into question.</li><li>Observation: not yet a nonconformity, but an early warning signal worth keeping an eye on.</li><li>Opportunity for improvement: a suggestion for doing things even better, with no obligation attached.</li></ul><p>The difference between a major and a minor nonconformity is not arbitrary. It comes down to systematics and risk. A single forgotten record is judged differently from a process that simply does not exist.</p><h2>The right response in three steps</h2><ul><li>Correction (immediate): fix the specific problem right away.</li><li>Root cause analysis: understand why it happened, not just the symptom.</li><li>Corrective action (CAPA): eliminate the cause so it does not recur, then verify that the action was effective.</li></ul><p>If you only fix the symptom, you will see the same nonconformity again at the next audit. Root cause analysis is the real lever.</p><h2>What does this mean for certification?</h2><p>A major nonconformity must, as a rule, be demonstrably closed before the certificate can be issued. For minor nonconformities, an accepted action plan is usually sufficient, with its implementation reviewed at the next surveillance audit. A clean, honest root cause analysis counts for more than a quick cosmetic fix.</p><h2>The right mindset</h2><p>Mature organizations welcome findings. They are free, expert pointers to real weaknesses, identified in the protected setting of an audit rather than in an actual incident. Once you internalize that, the audit becomes a tool for improvement instead of a source of exam-style anxiety.</p><blockquote>Findings are the most valuable outcome of an audit: they show exactly where you need to act.</blockquote>]]></content:encoded>
    </item>
    <item>
      <title>After Certification: Surveillance and Recertification</title>
      <link>https://der-ki-auditor.de/en/insights/surveillance-audit-recertification-cycle/</link>
      <guid isPermaLink="true">https://der-ki-auditor.de/en/insights/surveillance-audit-recertification-cycle/</guid>
      <pubDate>Tue, 26 May 2026 00:00:00 GMT</pubDate>
      <category>Audit-Praxis</category>
      <dc:creator>Lars Zimmermann</dc:creator>
      <description>An ISO certificate runs on a three-year cycle. How surveillance audits and recertification work, and when a certificate can be suspended.</description>
      <content:encoded><![CDATA[<p>Many teams breathe a sigh of relief after the certification audit: &quot;Done.&quot; But a certificate is not a trophy for the cabinet. It is a promise that has to be confirmed continuously. It lives on a three-year cycle.</p><h2>The three-year cycle</h2><ul><li>Year 0: certification audit (Stage 1 + Stage 2), the certificate is granted.</li><li>Year 1: first surveillance audit.</li><li>Year 2: second surveillance audit.</li><li>Year 3: recertification audit, the certificate is renewed for the next cycle.</li></ul><h2>The surveillance audit</h2><p>Surveillance audits are shorter than the certification audit, but they look specifically at whether the management system is still being lived and improved. A few elements are almost always on the list:</p><ul><li>The internal audit and management review carried out since the last visit</li><li>How complaints, incidents and changes have been handled</li><li>The status of the agreed corrective actions</li><li>Correct use of the certificate and the certification mark</li></ul><h2>Recertification</h2><p>At the end of the cycle comes a more comprehensive reassessment of the entire system, similar to the first certification audit, but with an eye on how the system has developed over the three years. After that, the cycle starts again.</p><blockquote>A management system is never &quot;finished.&quot; That is exactly the point of the cycle: continual improvement instead of a one-off heroic effort.</blockquote><h2>What happens if the system goes to sleep?</h2><p>If a surveillance audit finds that the system is no longer being lived, the certification body can suspend the certificate and, in serious cases, withdraw it. Anyone who treats the cycle as routine from day one, internal audit, management review, well-maintained actions, never runs into that problem.</p>]]></content:encoded>
    </item>
  </channel>
</rss>
