EN 1090 vs ISO/IEC 42001:2023
EN 1090
EU standards for execution and CE marking of structural metals
ISO/IEC 42001:2023
International standard for AI management systems.
Quick Verdict
EN 1090 mandates CE marking for structural steel/aluminium in EU construction, while ISO/IEC 42001:2023 provides voluntary AIMS framework for global AI governance. Fabricators adopt EN 1090 for market access; AI firms choose 42001 for ethical compliance and trust.
EN 1090
EN 1090: Execution of steel and aluminium structures
Key Features
- Enables CE marking for structural steel/aluminium components
- Risk-based Execution Classes (EXC1-EXC4) scaling requirements
- Mandates certified Factory Production Control (FPC) system
- Specifies technical execution rules for steel (EN 1090-2)
- Integrates ISO 3834 welding quality management
ISO/IEC 42001:2023
ISO/IEC 42001:2023 AI Management Systems
Key Features
- PDCA-based framework for AI lifecycle governance
- Mandatory AI Impact Assessments for high-risk systems
- Annex A: 38 AI-specific controls
- Third-party risk management and monitoring
- Seamless integration with ISO 27001/9001
Detailed Analysis
A comprehensive look at the specific requirements, scope, and impact of each standard.
EN 1090 Details
What It Is
EN 1090 is a harmonized European standard series (EN 1090-1, -2, -3) under the Construction Products Regulation (CPR). It governs conformity assessment and technical execution of structural steel and aluminium components/kits for construction works. Primary purpose: enable CE marking via risk-based controls. Key approach: Execution Classes (EXC1-EXC4) scaling requirements by failure consequence, service, and production categories.
Key Components
- **EN 1090-1FPC certification, DoP, AVCP systems, notified body oversight.
- **EN 1090-2/-3Material traceability, welding (ISO 3834), tolerances, corrosion protection, NDT inspection. Built on risk-proportionate principles; certification model requires notified body initial audit and surveillance.
Why Organizations Use It
Mandatory for EU/EEA market access; reduces liability, ensures traceability. Benefits: defect reduction, rework minimization, qualified personnel. Builds stakeholder trust, unlocks high-risk projects (EXC3/4), competitive edge via certified quality.
Implementation Overview
Phased: gap analysis, FPC build, welding quals, NB certification (3-12 months). Applies to fabricators globally targeting Europe; suits SMEs to enterprises. Involves training, digital traceability, ongoing surveillance audits.
ISO/IEC 42001:2023 Details
What It Is
ISO/IEC 42001:2023 is the world's first international standard for establishing, implementing, maintaining, and improving an Artificial Intelligence Management System (AIMS). It provides a certifiable framework using the Plan-Do-Check-Act (PDCA) methodology and High-Level Structure (HLS) to manage AI risks and opportunities responsibly across the full AI lifecycle.
Key Components
- Clauses 4-10 cover context, leadership, planning, support, operation, evaluation, and improvement.
- Annex A with 38 AI-specific controls for data, transparency, integrity, and resiliency.
- Built on PDCA and HLS for integration with ISO 9001/27001; includes AI Impact Assessments (AIIAs).
- Third-party certification via accredited auditors, with 3-year validity and surveillance.
Why Organizations Use It
- Mitigates AI risks like bias, drift, and ethics; aligns with EU AI Act.
- Enhances trust, reputation, and procurement advantages (e.g., Microsoft SSPA).
- Drives innovation, compliance, and ROI via cost savings and insurance discounts.
Implementation Overview
- Phased gap analysis, risk assessments, training; 6-12 months typical.
- Applicable to all sizes/sectors/AI roles; integrates existing MSS for efficiency.
Key Differences
| Aspect | EN 1090 | ISO/IEC 42001:2023 |
|---|---|---|
| Scope | Execution and conformity of steel/aluminium structures | AI management systems across full lifecycle |
| Industry | Construction, fabrication; EU/EEA focus | All industries worldwide, any AI role |
| Nature | Harmonized standard enabling mandatory CE marking | Voluntary international management system standard |
| Testing | FPC certification, ITT/ITC, ongoing NB surveillance | Internal audits, management reviews, third-party certification |
| Penalties | Market exclusion, legal liability without CE mark | Loss of certification, reputational damage |
Scope
Industry
Nature
Testing
Penalties
Frequently Asked Questions
Common questions about EN 1090 and ISO/IEC 42001:2023
EN 1090 FAQ
ISO/IEC 42001:2023 FAQ
You Might also be Interested in These Articles...
The Panoramic View: How Integrated Compliance Monitoring Creates Unprecedented Organizational Visibility and Adaptability
Gain unprecedented organizational visibility with integrated compliance monitoring. Automate real-time alerts, ensure GDPR & SOC 2 adherence, reduce risks, and
Top 10 Cost-Saving Hacks for CMMC Compliance: Budgeting Blueprints for Small DIB Suppliers
Slash CMMC costs 30-50% with top 10 hacks for small DIB suppliers. Enclave scoping, FedRAMP clouds, automation, POA&M tips & budgeting blueprints for Level 2 co
The NIS2 "FTE Trap": Why 5 Analysts for 24/7 Security is Actually 8 (and Why the Board Needs to Know)
Exposed: NIS2 FTE Trap math shows 5 analysts fail 24/7 coverage due to sickness, training, leave & 2026 churn. Line-by-line breakdown for compliance. Alert your
Run Maturity Assessments with GRADUM
Transform your compliance journey with our AI-powered assessment platform
Assess your organization's maturity across multiple standards and regulations including ISO 27001, DORA, NIS2, NIST, GDPR, and hundreds more. Get actionable insights and track your progress with collaborative, AI-powered evaluations.
Explore More Comparisons
See how EN 1090 and ISO/IEC 42001:2023 compare against other standards