ISO/IEC 42001 by industry
ISO/IEC 42001 for your sector
AI risk isn't the same everywhere. A hiring algorithm, a credit model and a diagnostic tool face different regulations, different failure modes and different controls. These pages map ISO/IEC 42001 — and the toolkit — to the sectors where AI governance is most tightly regulated.
High-regulation sectors
Start where the compliance pressure is highest
Each of these uses AI in ways the EU AI Act classifies as high-risk. Pick your sector for the specific risks, controls and templates:
HR & recruitment
CV screening, candidate ranking, targeted job ads and performance monitoring — with bias front and centre.
Read the sector page Annex III — high-riskFinancial services & fintech
Credit scoring, risk pricing, fraud and AML — under model-risk, DORA and fair-lending scrutiny.
Read the sector page Annex I & III — high-riskHealthcare & medical AI
Diagnosis, triage and clinical decisions — patient safety, MDR/IVDR and health-data rules.
Read the sector pageMore sectors
Also high-risk under the EU AI Act
Dedicated pages for these are on the way; the toolkit already covers them today: insurance, public sector and government, education & edtech, and critical infrastructure and energy. Using AI in one of these and want guidance now? Get in touch.
Why sector matters
Same standard, different applicability
ISO/IEC 42001 is one framework, but the Statement of Applicability, the impact assessments and the priority controls look different per sector. A sector lens tells you which of the 38 Annex A controls carry the most weight for you, which kit documents to complete first, and which regulators you'll answer to — so you spend effort where the risk actually is.
Get the toolkit that fits your sector
One package, 82 documents, mapped to ISO/IEC 42001 and the EU AI Act — ready to tailor to your industry's AI systems.