With RISCPoint, A-LIGN, and Vanta, customers get a one-of-a-kind experience that covers all aspects of reaching your goals of achieving an optimized ISO 42001 program. You get the best of all worlds: RISCPoint: As an industry-leading management consulting firm, RISCPoint specializes in cybersecurity compliance and risk management. They offer intentional design and process optimization through their custom strategies and hands on program implementation. A-LIGN: With over 20 years of ISO audit experience and more than 2,000 ISO audits completed, A-LIGN delivers efficient, cutting-edge auditing services that enhance the impact of strategic advisory and tool choices. Vanta: The world's leading Trust Management platform that simplifies security and compliance processes for organizations by automating evidence collection and offering continuous controls monitoring to manage risk effectively. With the combined expertise of three leading AWS Partners this comprehensive bundle delivers a world-class, end-to-end solution optimizing the process of aligning with ISO 42001 by leveraging each partner’s unique core competencies and skillsets:

• RISCPoint ISO 42001 services begin with achieving an in-depth understanding of your company and objectives, integrating our deep Vanta expertise to create and implement a sustainable program. This includes assessing gaps to the framework and helping the customer close those gaps with hands-on consulting and implementation services. The customer can be rest assured that they will be ready before they go forward with an external audit against the ISO 42001 framework and its requirements.

• A-LIGN's ISO 42001 certification services offer a comprehensive solution for companies looking to demonstrate conformity of their Artificial Intelligence Management System (AIMS) of the in-scope services with international standards. This certification provides assurance to customers and stakeholders that a company can manage the security of their digital and physical assets, reduce the likelihood and impact of security incidents, and identify issues through nonconformities. ISO 42001 certifications are broken up into two stages to ensure that the organization's Artificial Intelligence Management System (AIMS) meets the standard's requirements.

• Vanta helps you establish a lightweight, manageable AIMS built on security & privacy, not just compliance. Choose from over a dozen customizable templates to help define the scope of your AIMS, assign roles and responsibilities, identify risks and vulnerabilities, implement mitigation measures, and explicitly demonstrate your organization’s compliance with ISO 42001 requirements.

Stage 1 and Stage 2 Activities for ISO 42001 Certification:

Stage 1: During Stage 1, A-LIGN will review the organization's AIMS documentation to ensure that it meets the requirements of ISO 42001. A-LIGN will also verify the organization's readiness for a Stage 2 audit. This stage is typically completed on-site, although it can also be done remotely.

The objectives of the Stage 1 audit include:

• Reviewing the organization's AIMS documentation • Confirming that the documentation is complete and meets the requirements of ISO 42001 • Verifying the organization's readiness for a Stage 2 audit • Providing feedback and recommendations to the organization on any areas that need improvement before the Stage 2 audit

Stage 2: During Stage 2, A-LIGN will conduct a comprehensive audit of the organization's AIMS to ensure that it is being implemented effectively and is meeting the requirements of ISO 42001. This stage is typically completed on-site, although it can also be done remotely.

The objectives of the Stage 2 audit include:

• Evaluating the effectiveness of the organization's AIMS in meeting the requirements of ISO 42001 • Verifying the implementation of controls identified in the Stage 1 audit • Assessing the organization's performance against its own policies and objectives • Identifying any areas of nonconformity and recommending corrective actions • Providing the organization with a report of the audit findings, including any nonconformities, observations, and recommendations for improvement.

The two-stage approach provides a systematic and thorough assessment of the organization's AIMS, allowing any deficiencies to be identified and remedied before certification. This approach ensures that the certification process is rigorous and that the organization's AIMS meets the requirements of ISO 42001. For custom pricing and audit packaging or demo, please contact aws-marketplace@a-lign.com

A-LIGN, RISCPoint and Vanta are active participants in the AWS Global Security & Compliance Acceleration (GSCA) Program.