DS-JUN26-PG18+19_Layout 1 15/06/2026 11:15 Page 2
AI IN DESIGN & MANUFACTURING FEATURE
(AIMS). It provides a structured framework for organisations to implement and operate AI systems, analyse risks and establish protective measures. As AI introduces risks that traditional IT standards aren’t equipped to handle, such as algorithmic bias or hallucinations, ISO 42001 helps manage these through specific requirements. ISO/IEC 42001 can be easily integrated into any
existing management systems, such as the widely used quality management standard ISO 9001 or information security management standard ISO 27001. All three standards support a management system implementation that can be adapted to individual corporate structures, enabling needs-based integration into existing processes. Organisations should take full advantage of this flexibility by establishing concrete and effective measures for controlling and monitoring AI deployment. Otherwise, the AI management system remains a paper tiger – in theory it may look good, but in practice it has no effect. Rather than prescribing specific technical
solutions, ISO/IEC 42001 outlines what processes and controls need to be in place for responsible AI management. Key aspects of the standard include: • Organisation-wide scope – ISO 42001 certifies an organisation’s AI governance processes, rather than products, applying broadly across roles in the AI value chain.
Scaling ai To harness the full potential of AI, organisational readiness must be assessed and risks managed effectively so that the AI system is fit for large-scale deployment. Risks include those associated with safety, security, legality, ethics, performance and sustainability. Effective due diligence reduces the likelihood
of occurrence and demonstrates that proportionate measures have been taken to address the risk or the consequence. All aspects along the lifecycle of an AI system and its data must be covered, including data preparation and quality, model development and fairness, deployment readiness, and ongoing monitoring and feedback. The organisation must therefore be fully prepared, both technically and culturally, for widespread adoption, making staff training and effective incident response essential.
Quality conSiderationS As AI systems are increasingly being integrated into critical infrastructure, poor AI quality can result in hallucination or biased decisions. An AI hallucination is when it presents a confident, grammatically correct and persuasive response that in reality is factually incorrect or nonsensical. As AI models learn by identifying patterns
in massive datasets, they act like a mirror. If training data contains human prejudices, AI responses will reflect those biases, having significant implications for product reliability and liability.
uSing iSo 42001 to manage ai riSkS ISO/IEC 42001:2023 is the first internationally recognised standard for AI management systems
www.designsolutionsmag.co.uk
• Risk management focus – the standard requires continuous identification and mitigation of AI-related risks such as bias, safety and security.
• Accountability and governance – Leadership must ensure clear roles, oversight and policies for ethical and accountable AI use.
• Comprehensive AI lifecycle controls – ISO 42001 mandates controls across data, models, deployment, oversight and third- party risks throughout the AI lifecycle
• Incident response and continuous improvement – Organisations must have processes for handling AI incidents and continuously improving governance in line with risks and regulations. However, AI governance is not solely a topic
for the IT department as seemingly harmless systems, such as automated fault diagnosis or AI-driven production scheduling, can introduce bias. An AIMS will help to keep processes and decisions transparent and controllable by prompting companies through structured risk management to address bias risks, fairness criteria, and to regularly monitor and optimise the algorithms used. This is particularly important where AI-generated decisions are used to support or replace engineering judgement. Although ISO/IEC 42001:2023 certification is not
a regulatory requirement, it represents a solid basis for compliance with current and future AI regulations, helping organisations manage their AI responsibly in the long term. A certified AIMS helps to secure innovations, minimise risks, and increase the trust of stakeholders and customers. At the centre of the certification process is the
audit, in which all processes for AI development, use and monitoring, as well as prescribed measures for risk minimisation (if applicable) are examined. To lay the foundation for a successful
JUNE 2026 DESIGN SOLUTIONS 19
audit, those responsible should involve all relevant company areas early on and promote an open communication culture. Developers, decision-makers, and users must
demonstrate to auditors that they systematically deal with the specific risks of their AI solutions. The first stage of the audit focuses on the certification readiness of the management system and on the defined scope of AI applications and systems, as well as their documentation. Stage two examines the implementation and effectiveness of the normative requirements of the management system. If minor deviations are identified, the company must take measures and rectify the gaps within a deadline, while major or potentially critical deviations will require a follow-up review at shorter intervals.
“Any organisation
deploying AI within its systems must
integrate technical safeguards with ethical and legal
compliance across the entire AI lifecycle”
An AI assurance platform is a cost-effective
means of identifying and tracking risk. It provides assurance evidence to auditors, regulators and customers that the business has conducted appropriate due diligence and can effectively reduce risk and liability, whether deploying a simple process optimisation algorithm or something more complex. AI deployment offers significant benefits
for design engineers, but complex regulatory and ethical landscapes must be successfully addressed. Frameworks such as the ISO/IEC 42001 standard will help an organisation with technical and legal compliance. Proactive risk management and transparent governance are essential to building innovative AI systems that are trustworthy.
TÜV SÜD Business Assurance
www.tuvsud.com/en-gb/services/
assurance Chris Whyborn
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52
