Launch of 'ISO 42001 Certification Support Consulting Service' for AI Management Systems (AIMS)

VLC Security Consulting Co., Ltd. (Minato-ku, Tokyo, President and Representative Director Tadayuki Kato, hereinafter referred to as 'the Company'), an operating company of the VLC Security Group, will launch a consulting service to support the certification acquisition of the international standard for AI management systems 'ISO/IEC 42001:2023 (JIS Q 42001:2025)' on Tuesday, June 9, 2026.

The Company has a strong track record of approximately 20 years in providing support for the acquisition and operation of ISMS (ISO27001) and PrivacyMark. In this service, experienced consultants in certification support provide consistent support through four phases from preparation and planning to certification acquisition. By offering individual customization according to the organizational scale and AI utilization status, the service aims for certification acquisition in as little as 8 to 9 months.

Triggered by the release of ChatGPT at the end of 2023, the corporate adoption of generative AI is expanding rapidly within Japan. On the other hand, risks such as AI bias, misjudgment, personal information leakage, and hallucinations have surfaced as real problems, and corporate legal and reputational risks caused by AI utilization are also increasing.

In response to these circumstances, for all companies involved in AI systems—regardless of whether they are developers, providers, or users—visualizing the AI governance system and proving reliability through third-party certification have become challenges.

This service supports these customers' challenges through initiatives for acquiring AIMS.

Through this initiative, the Company aims to receive orders from 30 companies amounting to 60 million yen over three years.

In addition, in conjunction with the launch of this service, a free seminar on ISO 42001 (AIMS) will be held. (Details below)

◾️ Overview of ISO 42001 Certification Support Consulting Service

Provides consistent support through four phases from preparation and planning to certification acquisition, aiming for certification acquisition in as little as 8 to 9 months through individual customization according to organizational scale and AI utilization status.

Phases
Details
Estimated Period
Phase 1: Preparation & Planning
Inventory of AI utilization status, gap analysis, implementation planning, system construction
Approx. 1 month
Phase 2: System Construction
AI policy formulation, process design, documentation, company-wide deployment, education and training
Approx. 3 months
Phase 3: Operation & Verification
Trial operation, internal audit, corrective improvement
Approx. 3 months
Phase 4: Certification Acquisition
Selection of certification body, document review, on-site audit, certification acquisition
Approx. 2 months

The goal is to complete the process from initiation to certification acquisition in as little as 8 to 9 months, providing individual customization tailored to the organization's size and AI utilization status.

◾️ Background of Providing the ISO 42001 Certification Support Consulting Service

In Japan, the formulation of the 'AI Business Operator Guidelines' (2024), centered around the Ministry of Economy, Trade and Industry and the Digital Agency, and the development of industry-specific AI utilization guidelines by the Financial Services Agency and the Ministry of Internal Affairs and Communications are progressing. Furthermore, on August 20, 2025, the domestic standard 'JIS Q 42001:2025', which translated ISO/IEC 42001:2023, was officially enacted, and the construction of international-standard AI management systems (AIMS) has entered the standard implementation phase in Japan as well.

In the international regulatory environment, the European Union (EU) enacted the 'AI Act (EU AI Act)' in August 2024, pioneering risk-based AI regulation worldwide. Developers and operators of high-risk AI systems are required to ensure transparency, manage risks, and implement human oversight, forcing Japanese companies doing business within the EU to comply. In the United States, with the White House AI Executive Order (2023) and enhanced monitoring of AI utilization by the Federal Trade Commission (FTC), the 'safe and secure use of AI' has become one of the core issues of corporate governance.

◾️ ISO 42001 (AIMS) Related Free Seminar

Seminar Title
A Move Toward the 4th AI Boom. To an Era of Using and Managing AI
~ Establishing Organizational Governance with ISO 42001 (AIMS) ~

Seminar Overview
Along with explaining the latest trends surrounding AI governance and the risks associated with AI utilization, it clearly introduces an overview of ISO/IEC 42001 (AIMS), key points of implementation and utilization, and the benefits of acquiring certification.

Seminar Details
https://vlcsecurity.com/news/19415/

Seminar Format
Zoom Webinar

Date and Time
Thursday, July 9, 2026, 16:00-17:00

Seminar Application QR Code/URL
https://form.vlcsecurity.com/form/20260709Seminar?k3ad=pr

◾️ Reference: About the AI Management System ISO 42001

ISO 42001 is the world's first international standard regarding AI Management Systems (AIMS), targeting all organizations that develop, provide, and use AI systems. Aimed at constructing and maintaining a mechanism throughout the organization to operate AI safely, ethically, and transparently, it goes beyond mere technical standards to stipulate the overall design of an organizational governance structure, from AI risk assessment, policy formulation, lifecycle management, to information disclosure to stakeholders.

Based on 9 categories in the overall design (policies related to AI / internal organization / resources for AI systems / impact assessment / lifecycle management / data management / information provision to stakeholders / use of AI systems / relationships with third parties and customers), organizations are required to select and implement control measures according to their unique risks. It also aligns well with the EU AI Act and NIST's AI RMF (Risk Management Framework) and functions as a foundation for global regulatory compliance.

Expected Effects of Introducing the AI Management System ISO 42001

Management Aspect:
Efficient response to various countries' AI regulations, such as the EU AI Act
Improved credibility from investors, customers, and business partners
Systematic mitigation of accident and litigation risks caused by AI risks
Enhancement of brand value as a 'Responsible AI Company'

Operational Aspect:
Efficiency in development and operation through standardized processes
Organizational accumulation of AI-related knowledge and risk expertise
Construction of systematic AI talent development programs

◾️ About VLC Security Group

Under the mission 'Go Beyond! Japan Cyber Security', the VLC Security Group drives innovation in Japan's cyber security and supports the development of society and industry with the following three businesses incorporating the world's most advanced knowledge and technology as pillars.

VLC Security Group Operating Companies

VLC Security Consulting Co., Ltd.
A consulting business that constructs security systems based on industry standards and provides certification support including ISMS and PrivacyMark.

VLC Security Arena Co., Ltd.
A practical, cutting-edge cyber security training business provided under the CYBERGYM brand that reflects the latest attack methods in real-time.

VLC Security Lab Co., Ltd.
Research and development of cutting-edge technologies including AI and provision of security solutions.