Lyra and ISO/IEC 42001
21 April 2026 · How an audit-trailed, owner-gated, human-in-the-loop CRM maps to the AI Management System standard Singapore just started accrediting.
What the standard actually is
ISO/IEC 42001:2023 is the international standard for AI Management Systems. Published December 2023. Certifiable. Same structure as ISO 27001 (for infosec) or ISO 9001 (for quality) — a set of policies, risk controls, and audit evidence an organisation can be assessed against.
Singapore's Accreditation Council (SAC) launched the local accreditation programme on 17 February 2025. Changi Airport Group became the first Singapore company certified in April 2026. The SG certified list is still very small — that matters for any SG business thinking about AI credentialing.
It is not mandatory for anything in Singapore today. But government, banks, and GLCs are increasingly asking their AI vendors for proof of 42001-aligned practices as part of procurement, the same way they already ask for ISO 27001 proof.
Why we wrote Lyra the way we did
Lyra is the CRM + ERP we run Altronis on — designed to be driven by AI agents rather than clicked by humans. When we built it, the rules we wrote for ourselves ended up being almost a direct restatement of the 42001 control set. This post walks the mapping.
Clause-by-clause, where Lyra lands
A.5 — Assessing impacts of AI systems
42001 asks: the organisation must assess the impact of each AI system on individuals, groups, and society, and keep that assessment current.
Lyra does: every AI-generated artifact (proposals, contracts, invoices, email drafts, meeting prep briefs) gets a SENTINEL quality check that scores the output on a rubric and produces a structured verdict. The verdict is cached on the record with a timestamp. Bad scores trigger human review before the artifact can move to the next state.
A.6.1 — AI system lifecycle
42001 asks: the organisation must define and manage the lifecycle of each AI system — requirements, design, verification, deployment, operation, retirement.
Lyra does: the email response pipeline is an explicit state machine. Inbound email lands in connector_staging (state new), gets classified, is auto-drafted into comm_drafts (pending), and moves through reviewing → approved → sent. Every transition is logged and auditable, and any transition before sent can be reverted; sent is terminal, because a delivered email cannot be recalled, so the trail records the reversal as a new entry rather than erasing history.
A.6.2 — Human oversight
42001 asks: the organisation must ensure human oversight commensurate with risk. Decisions with material impact should be reviewable and overridable by a human.
Lyra does: no outbound communication is ever sent automatically. Every draft sits in state=pending until the owner clicks approve. Flipping an invoice to paid requires an explicit owner_confirmed=true flag set by a UI click; automations, crons, and agent tool-calls cannot silently mark an invoice paid. The policy is enforced in the Pydantic layer, not only in the UI, so a direct API call or an agent tool-call is refused by the same validator the UI goes through.
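The two controls above (the draft lifecycle in A.6.1 and the owner gate in A.6.2) share one mechanism: a transition table plus a check on who is calling. The following is an added illustration written for this post, not Lyra's own code. It assumes the actor identity is attached by the auth/session layer rather than taken from the request payload, uses plain dataclasses in place of Pydantic models, and keeps the audit trail in memory; the state names and the owner-only edges follow the post.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum


class Actor(str, Enum):
    OWNER_UI = "owner_ui"   # a human owner clicking in the interface
    AGENT = "agent"         # an AI agent tool-call
    CRON = "cron"           # a scheduled automation


class PolicyViolation(Exception):
    """Raised when an actor attempts a transition the policy forbids."""


# comm_drafts lifecycle from the post. 'sent' has no outgoing edge: terminal.
DRAFT_TRANSITIONS = {
    "new": {"classified"},
    "classified": {"pending"},
    "pending": {"reviewing"},
    "reviewing": {"approved", "pending"},   # reviewer may bounce a draft back
    "approved": {"sent"},
    "sent": set(),
}
# Edges only a human owner may take (the human-in-the-loop gate).
OWNER_ONLY = {("reviewing", "approved"), ("approved", "sent")}


@dataclass
class AuditEntry:
    at: str
    changed_by: str
    field_name: str
    old_value: str | None
    new_value: str | None
    reason: str


@dataclass
class Record:
    id: str
    state: str
    audit_log: list = field(default_factory=list)

    def log(self, actor: Actor, field_name: str, old, new, reason: str) -> None:
        self.audit_log.append(AuditEntry(datetime.now(timezone.utc).isoformat(),
                                         actor.value, field_name, old, new, reason))


@dataclass
class Invoice(Record):
    owner_confirmed: bool = False


def transition_draft(draft: Record, new_state: str, *, actor: Actor, reason: str) -> Record:
    """Move a comm_drafts row along a defined edge. `actor` is the identity the
    auth layer attached to the call (assumed), never a value from the payload."""
    if new_state not in DRAFT_TRANSITIONS.get(draft.state, set()):
        raise PolicyViolation(f"{draft.state} -> {new_state} is not a defined transition")
    if (draft.state, new_state) in OWNER_ONLY and actor is not Actor.OWNER_UI:
        raise PolicyViolation(f"{draft.state} -> {new_state} needs the owner, got {actor.value}")
    old = draft.state
    draft.state = new_state
    draft.log(actor, "state", old, new_state, reason)
    return draft


def revert_last(draft: Record, *, actor: Actor, reason: str) -> Record:
    """Undo the most recent state change and log the reversal as a new entry.
    Nothing is erased from the trail, and a sent email cannot be recalled."""
    if draft.state == "sent":
        raise PolicyViolation("sent is terminal; a delivered email cannot be recalled")
    changes = [e for e in draft.audit_log if e.field_name == "state"]
    if not changes:
        raise PolicyViolation("nothing to revert")
    last = changes[-1]
    draft.state = last.old_value
    draft.log(actor, "state", last.new_value, last.old_value, reason)
    return draft


def mark_paid(inv: Invoice, *, actor: Actor, payload_owner_confirmed: bool) -> Invoice:
    """Paid flip. owner_confirmed=true in a payload is not enough on its own:
    the call must also come from the owner's UI session, so an agent or cron
    that sets the flag itself is still refused."""
    if actor is not Actor.OWNER_UI:
        raise PolicyViolation(f"{actor.value} may not mark an invoice paid")
    if not payload_owner_confirmed:
        raise PolicyViolation("owner_confirmed must be true")
    old = inv.state
    inv.owner_confirmed = True
    inv.state = "paid"
    inv.log(actor, "status", old, "paid", "owner confirmed payment in UI")
    return inv


def is_refused(fn, *args, **kwargs) -> bool:
    """True if the policy layer rejected the call (handy for checking the gates)."""
    try:
        fn(*args, **kwargs)
    except PolicyViolation:
        return True
    return False
```

The point worth noticing is that `mark_paid` checks the actor before it looks at the flag: an agent that learns the field name and sends owner_confirmed=true gains nothing, because the decision rests on the session identity the model layer was handed, not on the payload.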
A.7 — Data governance
42001 asks: data used by AI systems must be identified, quality-controlled, retained and disposed of under defined policies, and its provenance must be traceable.
Lyra does: every record has a source_message_id pointing at the originating email or message, a created_by field identifying the agent or human that wrote it, and entries in audit_log for every subsequent modification. Retention policies are configurable per collection. Data never leaves the customer tenant.
A.8 — Information for interested parties
42001 asks: the organisation must be able to explain to users, regulators, and affected parties how its AI systems make decisions.
Lyra does: every mutation writes an audit_log row with changed_by, field_name, old_value, new_value, and reason. If an auditor asks "who changed this invoice status to paid and why" — the answer is one SQL query away.
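Here is the provenance and audit trail from A.7 and A.8 as a runnable SQLite sketch. It is an added example for this post, not Lyra's schema: the column names come from the post, but the DDL, the append-only triggers, the single write path, and the sample data are assumptions. One check a practitioner would add is that the trail itself cannot be rewritten, since "one SQL query away" is only reassuring if the rows the query reads are the rows that were written.

```python
import sqlite3
from datetime import datetime, timezone

# Assumed DDL: the post names these columns but not the schema.
DDL = """
CREATE TABLE records (
    id                TEXT PRIMARY KEY,
    collection        TEXT NOT NULL,
    status            TEXT NOT NULL,
    source_message_id TEXT NOT NULL,   -- the email/message this record came from
    created_by        TEXT NOT NULL    -- agent or human that wrote it
);
CREATE TABLE audit_log (
    seq        INTEGER PRIMARY KEY AUTOINCREMENT,
    at         TEXT NOT NULL,
    record_id  TEXT NOT NULL REFERENCES records(id),
    changed_by TEXT NOT NULL,
    field_name TEXT NOT NULL,
    old_value  TEXT,
    new_value  TEXT,
    reason     TEXT NOT NULL
);
-- Append-only trail: the database itself refuses edits to history.
CREATE TRIGGER audit_log_no_update BEFORE UPDATE ON audit_log
BEGIN SELECT RAISE(ABORT, 'audit_log is append-only'); END;
CREATE TRIGGER audit_log_no_delete BEFORE DELETE ON audit_log
BEGIN SELECT RAISE(ABORT, 'audit_log is append-only'); END;
"""

# Columns a caller may mutate through set_field. Anything else is rejected,
# which also keeps the interpolated column name out of reach of SQL injection.
MUTABLE_FIELDS = {"status"}

AUDIT_INSERT = ("INSERT INTO audit_log (at, record_id, changed_by, field_name, "
                "old_value, new_value, reason) VALUES (?, ?, ?, ?, ?, ?, ?)")


def now() -> str:
    return datetime.now(timezone.utc).isoformat()


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(DDL)
    return conn


def create_record(conn, rid, collection, status, source_message_id, created_by) -> None:
    """Provenance is written at creation: where it came from and who wrote it."""
    conn.execute("INSERT INTO records VALUES (?, ?, ?, ?, ?)",
                 (rid, collection, status, source_message_id, created_by))
    conn.execute(AUDIT_INSERT, (now(), rid, created_by, "status", None, status,
                                f"created from {source_message_id}"))
    conn.commit()


def set_field(conn, rid, field_name, new_value, *, changed_by, reason) -> None:
    """The only write path for mutations, so no change can skip the trail."""
    if field_name not in MUTABLE_FIELDS:
        raise ValueError(f"{field_name!r} is not a mutable field")
    (old,) = conn.execute(f"SELECT {field_name} FROM records WHERE id = ?", (rid,)).fetchone()
    conn.execute(f"UPDATE records SET {field_name} = ? WHERE id = ?", (new_value, rid))
    conn.execute(AUDIT_INSERT, (now(), rid, changed_by, field_name, old, new_value, reason))
    conn.commit()


def who_changed(conn, rid, field_name, new_value) -> list:
    """The auditor's question: who set this field to this value, and why?"""
    return conn.execute(
        "SELECT at, changed_by, old_value, reason FROM audit_log "
        "WHERE record_id = ? AND field_name = ? AND new_value = ? ORDER BY seq",
        (rid, field_name, new_value)).fetchall()


def provenance(conn, rid) -> tuple:
    """(source_message_id, created_by) for a record."""
    return conn.execute(
        "SELECT source_message_id, created_by FROM records WHERE id = ?", (rid,)).fetchone()


def trail_is_append_only(conn) -> bool:
    """Prove the triggers hold: an attempt to rewrite history must fail."""
    try:
        conn.execute("DELETE FROM audit_log")
    except sqlite3.DatabaseError:
        return True
    return False
```

Constructed sample: an invoice created by an agent from message msg-001, then flipped to paid by the owner. `who_changed(conn, "inv-42", "status", "paid")` returns one row naming the owner, the previous value, and the reason, and `trail_is_append_only` shows the trigger refusing a DELETE.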
A.9 — Responsible use
42001 asks: deployed AI must be used responsibly, with safeguards against misuse, bias, and unintended consequences.
Lyra does: noise/marketing emails are classified and archived automatically rather than drafted against. A contact with no matched company never triggers an auto-generated reply. Confidence-gated extraction (receipt detection, auto-contact creation) requires threshold scores before the system writes. Everything below the threshold queues for human review rather than silently guessing.
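The SENTINEL rubric gate in A.5 and the confidence gates in A.9 are the same shape: a score, a threshold, and a default of "ask a human" rather than "guess". The block below is an added example written for this post, not Lyra's code. The threshold values, the queue structure, and the (label, confidence) pairs on the sample emails are all constructed; the routing rules (archive noise, never auto-reply to an unmatched contact, queue low-confidence extractions, cache the verdict with a timestamp and block the next state on a failing score) follow the post.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Assumed thresholds; the post says thresholds exist but not their values.
AUTO_THRESHOLD = 0.90   # confidence needed to write without a human
RUBRIC_PASS = 0.80      # minimum per-criterion and mean SENTINEL score


def now() -> str:
    return datetime.now(timezone.utc).isoformat()


@dataclass
class Verdict:
    at: str          # timestamp cached on the record
    decision: str    # "auto" or "review"
    score: float
    detail: dict


@dataclass
class Queues:
    written: list = field(default_factory=list)    # the system wrote on its own
    review: list = field(default_factory=list)     # waiting for a human
    archived: list = field(default_factory=list)   # noise, never drafted against


def route_inbound(email: dict, queues: Queues) -> str:
    """Decide what happens to an inbound message before any draft exists.
    email["classification"] is a constructed (label, confidence) pair."""
    label, confidence = email["classification"]
    if label in ("noise", "marketing"):
        queues.archived.append(email["id"])
        return "archived"
    if email.get("company_id") is None:          # no matched company: no auto-reply
        queues.review.append(("unmatched_contact", email["id"], confidence))
        return "review"
    if confidence < AUTO_THRESHOLD:               # do not guess below the bar
        queues.review.append(("low_confidence", email["id"], confidence))
        return "review"
    queues.written.append(("comm_drafts", email["id"]))
    return "drafted"


def gate_extraction(kind: str, candidate: dict, confidence: float, queues: Queues) -> Verdict:
    """Confidence-gated write for extracted data (receipts, new contacts)."""
    if confidence >= AUTO_THRESHOLD:
        queues.written.append((kind, candidate))
        return Verdict(now(), "auto", confidence, {"kind": kind})
    queues.review.append((kind, candidate, confidence))
    return Verdict(now(), "review", confidence, {"kind": kind, "threshold": AUTO_THRESHOLD})


def sentinel_check(artifact: dict, rubric_scores: dict) -> Verdict:
    """Score a generated artifact on a rubric. Any criterion below RUBRIC_PASS,
    or a mean below it, routes to human review. The verdict is cached on the
    artifact with its timestamp so the next state change can consult it."""
    mean = sum(rubric_scores.values()) / len(rubric_scores)
    failing = sorted(k for k, v in rubric_scores.items() if v < RUBRIC_PASS)
    decision = "auto" if not failing and mean >= RUBRIC_PASS else "review"
    verdict = Verdict(now(), decision, round(mean, 3), {"failing": failing})
    artifact["sentinel_verdict"] = verdict
    return verdict


def may_advance(artifact: dict) -> bool:
    """Gate for the next lifecycle state: only a passing cached verdict unlocks it."""
    verdict = artifact.get("sentinel_verdict")
    return verdict is not None and verdict.decision == "auto"
```

Note that `may_advance` refuses an artifact that has never been scored at all; the safe default for a missing verdict is the same as for a failing one.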
A.10 — Third-party and customer relationships
42001 asks: third-party AI components must be identified, risk-assessed, and documented. Customers must be informed when AI is involved in decisions affecting them.
Lyra does: the model chain (zai GLM-5.1 primary, NVIDIA NIM fallback, local Qwen on Strix Halo as the last resort) is documented in LYRA_KNOWLEDGE.md with versioned model IDs. Every AI-generated artifact carries model and provider fields, so auditors can trace which model produced which output, including when a fallback was used.
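The chain above only gives an auditor what they need if the artifact records which backend actually answered, not which one was asked first. This added example (not Lyra's code) shows a fallback walk that stamps the result with the winning provider and model and keeps the failed attempts alongside. The chain order follows the post; the model IDs, provider labels, and backend stubs are placeholders, not the versioned IDs in LYRA_KNOWLEDGE.md.

```python
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass(frozen=True)
class ModelSpec:
    provider: str
    model: str   # versioned model ID as recorded in the registry


# Chain order follows the post; these IDs are placeholders, not the real
# versioned IDs from LYRA_KNOWLEDGE.md.
MODEL_CHAIN = (
    ModelSpec("zai", "glm-5.1-placeholder"),
    ModelSpec("nvidia-nim", "nim-fallback-placeholder"),
    ModelSpec("local-strix-halo", "qwen-placeholder"),
)


class ProviderError(Exception):
    """A backend was unreachable, rate-limited, or returned an error."""


def generate_with_fallback(prompt: str, backends: dict, chain=MODEL_CHAIN) -> dict:
    """backends maps ModelSpec -> callable(prompt) -> text. Walks the chain in
    order and stamps the artifact with the provider and model that actually
    produced it, plus every failed attempt, so the trail shows any fallback."""
    attempts = []
    for spec in chain:
        try:
            text = backends[spec](prompt)
        except ProviderError as exc:
            attempts.append({"provider": spec.provider, "model": spec.model, "error": str(exc)})
            continue
        return {
            "text": text,
            "provider": spec.provider,
            "model": spec.model,
            "generated_at": datetime.now(timezone.utc).isoformat(),
            "fallback_attempts": attempts,
        }
    raise ProviderError(f"all {len(chain)} providers failed: {attempts}")


# Constructed stand-in backends: the primary is down, the fallback answers.
def _down(prompt: str) -> str:
    raise ProviderError("HTTP 503")


def _answers(prompt: str) -> str:
    return f"draft for: {prompt}"


DEMO_BACKENDS = {
    MODEL_CHAIN[0]: _down,
    MODEL_CHAIN[1]: _answers,
    MODEL_CHAIN[2]: _answers,
}


def demo() -> dict:
    return generate_with_fallback("reply to invoice query", DEMO_BACKENDS)
```

If every backend fails the function raises rather than returning an unstamped artifact, so nothing without a model and provider field can enter the pipeline.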
What alignment is not
Alignment is not certification. Certification is a formal status awarded by a SAC-accredited certification body after Stage 1 readiness and Stage 2 main audits, valid for three years with annual surveillance, and costs an organisation our size roughly SGD 15-30K plus 3-6 months of calendar time. Altronis has not been through that process. Lyra has not been through that process. Saying a system is aligned with 42001 means the architecture reflects the standard's control set; it does not mean anyone has attested to compliance on our behalf.
Most Singapore businesses evaluating AI vendors today do not need a certified counterpart — the SG certified list is still short enough that requiring it would disqualify almost everyone. What they do need is a vendor whose system is designed to pass a 42001 audit if and when one is commissioned. That is the honest claim this post supports. Not more.
How we use this at Altronis
When clients ask how their AI vendor should handle data governance, model provenance, or audit evidence, we do not hand them a compliance questionnaire. We deploy Lyra into their tenant and the questionnaire answers are generated from the running system. That is the difference between an AI builder who understood governance after the fact and one who built the system to be governable from day one.
Frequently asked
What is ISO/IEC 42001 and why does it matter for Singapore?
ISO/IEC 42001:2023 is the first international AI Management System standard. Singapore's SAC has accredited certification bodies for it, which means it will be the de facto AI governance benchmark for SG enterprises and government tenders within the next 24 months. If you are deploying AI in regulated industries, this is the framework auditors will check against.
Does ISO 42001 require certification or is alignment enough?
Alignment is sufficient for most SG SMEs today. Formal certification matters when you bid for government contracts or work with banks under MAS technology-risk guidelines. Lyra is designed for clause-level alignment so audit readiness is incremental, not a cliff-edge project.
How does an agent-driven CRM like Lyra map to AI Management System clauses?
Audit trails (every agent action logged with input, output, prompt version, and human override) map to clauses 8.2 and 9.1. Owner-gated approvals (agent-proposed actions require named human sign-off above thresholds) map to clauses 8.3 and 5.3. Versioned prompts and the model registry map to clause 6.1. Mapping is evidence of alignment, not certification; the clause-by-clause walk-through is in the body of this post.
What is the difference between ISO 42001 and AI Verify?
AI Verify is Singapore's IMDA-led testing toolkit for fairness, robustness, and explainability metrics. ISO 42001 is the management-system standard for the organisation that builds, deploys, and operates AI. They complement each other: AI Verify checks the model, ISO 42001 checks the team and processes around it.
Last updated 3 May 2026.