Toolkit bundle

ISO 27001 & ISO 42001 Dual Engine

Translate existing ISMS strength into an integrated ISO 27001 and ISO/IEC 42001 control and policy system.

Best for: ISO 27001 to ISO/IEC 42001 integration.

Each bundle combines complementary AIBI Systems toolkits into a focused route. Toolkit 6 is now available in the AI Risk & Lifecycle Control bundle and the Complete System Bundle.

£1,395 inc. VAT bundle price £1,694 inc. VAT individually. Save £299 (18%). 25 artefacts included
Toolkit 2Toolkit 4
Your Implementation Route

Two toolkits. One connected governance baseline.

Step 1 Week 1-4
TK2 - ISO 27001 & ISO/IEC 42001 Integration Engine
assess
Map ISO 27001 controls to ISO/IEC 42001 requirements
Identify integration gaps across both standards
Build a unified control framework
📄 Deliverable: Integrated Controls Map
Step 2 Week 5-8
TK4 - Unified ISO 27001 & ISO/IEC 42001 Policy System
manage
Deploy a unified policy library across both standards
Align policies to your integrated control framework
Build audit-ready policy evidence
📄 Deliverable: Unified Policy Library
🎯
End result: An integrated ISO 27001 and ISO/IEC 42001 control and policy system Controls mapped, policies aligned, and audit evidence linked

Available now

Instant digital download
25 artefacts. No subscription. One-off purchase.
£1,395inc. VAT
Get the bundle - £1,395 inc. VATCompare bundles

🔒 Secure checkout via Lemon Squeezy ⚡ Instant delivery to your email 📄 7-day refund policy 👤 Your governance data stays with you

Included in this bundle

  • Toolkit 2 - ISO 27001 & ISO 42001 Integration Engine
  • Toolkit 4 - Unified ISO 27001 & ISO 42001 Policy System

£1,694 inc. VAT individually. Save £299 (18%).

25 artefacts included across Toolkit 2 and Toolkit 4.

Includes all current files from Toolkit 2 and Toolkit 4, delivered as a one-off digital download.

Outputs may be shared with auditors, customers, regulators, and advisers for assurance.

By the end of implementation you will have

  • An integrated control model that avoids running ISO/IEC 42001 as a parallel system.
  • A unified policy spine aligned to ISO 27001 and ISO/IEC 42001.
  • Cleaner evidence mapping and assurance navigation.
  • A more coherent audit story across controls, policies, and governance ownership.

Designed for

  • Organisations with an existing ISO 27001 foundation adding AI governance.
  • ISMS, compliance, and risk leaders who want one joined-up architecture.
  • Teams preparing for customer assurance, internal audit, or ISO/IEC 42001 readiness.
  • Organisations that want to avoid duplicating controls, policies, or evidence.

Toolkit contribution comparison

Use this matrix to compare what each included toolkit contributes, what it costs, and what manual work it replaces.

Capability
PrimarySupportingBlank = not relevant
TK2 - ISO 27001 & ISO/IEC 42001 Integration EngineTK4 - Unified ISO 27001 & ISO/IEC 42001 Policy System
Integrated control mapping
 Primary Maps ISO 27001 and ISO/IEC 42001 into one control architecture. Supporting Uses the mapped structure to anchor policy.
Policy system
 Supporting Shows how controls flow into governance documents. Primary Provides the unified policy suite.
Evidence architecture
 Primary Defines evidence logic, overlap treatment, and audit navigation. Supporting Translates evidence expectations into policies.
Implementation sequencing
 Primary Explains how to integrate without duplication. Supporting Provides policy rollout sequence and usage guidance.
Audit and assurance narrative
 Primary Explains the control integration logic. Primary Explains the policy structure and supporting narrative.
Price
£995inc. VAT£699inc. VAT
What it replaces
Replaces manual clause-by-clause mapping between ISO 27001 and ISO/IEC 42001.Replaces drafting and reconciling separate ISO 27001 and ISO/IEC 42001 policy documents.

Toolkit 2 - ISO 27001 & ISO 42001 Integration Engine

£995 inc. VAT

  • Integrated control mapping: Maps ISO 27001 and ISO/IEC 42001 into one control architecture.
  • Policy system: Shows how controls flow into governance documents.
  • Evidence architecture: Defines evidence logic, overlap treatment, and audit navigation.
  • Implementation sequencing: Explains how to integrate without duplication.
  • Audit and assurance narrative: Explains the control integration logic.

What it replaces: Replaces manual clause-by-clause mapping between ISO 27001 and ISO/IEC 42001.

Toolkit 4 - Unified ISO 27001 & ISO 42001 Policy System

£699 inc. VAT

  • Integrated control mapping: Uses the mapped structure to anchor policy.
  • Policy system: Provides the unified policy suite.
  • Evidence architecture: Translates evidence expectations into policies.
  • Implementation sequencing: Provides policy rollout sequence and usage guidance.
  • Audit and assurance narrative: Explains the policy structure and supporting narrative.

What it replaces: Replaces drafting and reconciling separate ISO 27001 and ISO/IEC 42001 policy documents.

What each included toolkit adds

Each included toolkit keeps its full standalone content and purpose. The bundle gives you a joined-up route through those artefacts.

Toolkit 2 - ISO 27001 & ISO 42001 Integration Engine preview

Toolkit 2 - ISO 27001 & ISO 42001 Integration Engine

12 artefacts

A practitioner-grade system for integrating AI governance into an existing ISMS without duplicating controls, documentation, or evidence.

Key contribution

  • Combined Controls Mapping System - integration engine covering clauses 4-10, Annex A mapping, overlap summaries, evidence mapping, RACI, and information architecture.
  • Product Master Guide - explains integration philosophy, terminology, artefact structure, and audit positioning of the unified ISMS and AIMS.
  • How-To Guide - worked examples showing how controls are unified where no AI-specific extension is required.
  • Auditor Orientation Sheet - helps auditors understand the integrated ISMS and AIMS approach quickly.
View individual toolkit
Toolkit 4 - Unified ISO 27001 & ISO 42001 Policy System preview

Toolkit 4 - Unified ISO 27001 & ISO 42001 Policy System

13 artefacts

A complete integrated policy suite designed to support both ISO 27001 and ISO/IEC 42001 in one governance spine. Replace duplicated or conflicting documents with one coherent set of policies.

Key contribution

  • Start Here guide - orientation, pack contents, implementation sequence, and connection to the wider AIBI governance spine.
  • Master Implementation Guide - explains how policies fit together and how to customise them safely without breaking alignment.
  • Build Once. Comply Twice. notes - integration logic showing where policies map to ISO 27001 Annex A controls and ISO/IEC 42001 clauses.
  • Auditor Orientation Sheet - explains policy structure, evidence expectations, and audit sampling approach.
View individual toolkit

Suggested implementation path

  1. Use Toolkit 2 to map controls and define the integrated control model.
  2. Use Toolkit 4 to implement the unified policy system that supports those controls.
  3. Use both outputs to create the control-and-policy backbone for audit readiness.

Why choose this bundle

This bundle avoids the common mistake of treating ISO/IEC 42001 as a separate system layered on top of ISO 27001.

Procurement justification

This bundled purchase supports integration of existing information security governance structures with ISO/IEC 42001 aligned AI governance controls and policy requirements.

The combined materials bring together integrated control mapping and unified policy structures so that teams can identify reuse opportunities, extend existing governance mechanisms and avoid building a second duplicated management system.

The materials can be implemented internally by information security, GRC, policy, risk, AI governance, compliance and internal audit teams using existing document, risk and evidence systems.

This is a one-off digital bundle purchase. The supplier does not require access to our ISMS evidence, AI systems, prompts, models, datasets, customer data, source code, production environments, internal controls, risk registers or completed evidence to fulfil this purchase.

The purchase is proportionate because it supports the Build Once. Comply Twice. model and provides a lower-cost path to integrated control and policy alignment than creating duplicate ISO 27001 and ISO/IEC 42001 artefacts independently.

Designed for internal approval and procurement workflows.

Frequently asked questions

Is this for organisations that already have ISO 27001?

It is especially useful for organisations with an existing ISMS, but it can also support organisations building integrated security and AI governance structures from an earlier stage.

Does this create ISO/IEC 42001 certification?

No. The bundle supports alignment, control mapping, policy rationalisation and evidence preparation. It does not guarantee certification or replace certification-body assessment.

How does it reduce duplication?

Toolkit 2 identifies reuse, extension and new AI-governance requirements, while Toolkit 4 provides unified policy structures so security and AI governance are not maintained as disconnected policy sets.

Does the supplier need our ISMS evidence?

No. The materials are self-contained and completed internally. The supplier does not require access to ISMS evidence, AI systems, internal controls, risk registers or completed outputs.

What file formats are included?

The bundle is delivered as PDF, DOCX, XLSX, PPTX and TXT files, depending on toolkit.

Can auditors or advisers see our completed outputs?

Completed outputs can be shared by the purchasing organisation with auditors, advisers, customers or regulators for assurance purposes, subject to the licence terms.

Complete indexed PDF remains standalone

Build Once. Comply Twice. is sold separately as a £17.99 inc. VAT complete indexed PDF desk reference. It supports the operating model, but it is not required to purchase or use these bundles.

View bookStart with Toolkit 1