AI Governance Isn't Optional Anymore —What ISO 42001 Auditors Look For

Trustworthy AI: De-risk Adoption of Business AI — with Pamela Gupta

Most organizations have AI policies. Few have AI governance that holds up under audit. There's a difference — and that difference is where legal exposure, regulatory risk, and operational failure live.

In this episode, I sit down with Dallas Bishoff, the newly appointed U.S. Vice-Chair of ISO Steering Committee 27 (Information Security, Cybersecurity & Privacy) and one of the first ISO 42001 Lead Auditors in the world. Dallas is both writing the rules and auditing against them — a rare perspective that every AI governance leader needs to hear.

We go deep on:

— The business case for ISO 42001 beyond compliance — what CEOs and boards actually need to understand — What auditors look for on day one of an AI governance audit — and what tells them within the first hour whether governance is real or theater — Red flags that expose paper governance programs with no operational teeth — How ISO 42001 handles third-party and vendor AI risk — where most enterprise AI exposure actually lives — The convergence of ITIL v5 (released January 2026) and ISO 42001 — why keeping IT service management and AI governance in silos is a costly mistake — Whether ISO 42001 is equipped for agentic AI — systems that act autonomously without human oversight — The medical device wake-up call: layering AI governance on top of existing quality management standards after AI-enabled surgical devices were linked to serious patient harm — Global regulatory pressure from the EU AI Act and what multinational organizations should prioritize now

I also discuss how my AI TIPS™ framework complements ISO 42001 to create a complete governance stack. 

If you're a board director, CISO, privacy officer, or compliance leader evaluating AI governance readiness — this is the conversation you need to hear.

Guest: Dallas Bishoff — U.S. Vice-Chair, ISO SC27 | ISO 42001 Lead Auditor | Author, ISO 42001 Pro Tips Newsletter

Host: Pamela Gupta — Creator, AI TIPS™ Framework | Founder, Trusted AI | CISSP, CISM, CSSLP | 2025 Joseph J. Wasserman Award, ISACA

Subscribe and follow Pamela Gupta on LinkedIn for weekly AI governance intelligence.

Can Trustworthy AI help De-Risk adoption of AI? ‘Can Trustworthy AI can be  instrumental in helping organizations gain a competitive edge and  promote better business outcomes, including accelerated innovation with AI’.?
With extensive experience in global industry leadership in areas of Business Strategy, Technology, and Cybersecurity, Pamela helps clients in creating a strategic approach to achieving business value with AI by adopting a holistic risk based approach to AI Trust. She defined 8 essential pillars of trustworthy AI.  Read more details at Trustedai.ai website.

Her insights have shaped the way we look at the impact of Cyberwarfare on Business, strategies for efficient digital transformation, and governance views on Algorithmic failures.

Join Pamela as she delves into her signature framework, AI TIPS, standing for Artificial Intelligence Trust, Integrity, Pillars and Sustainability. This podcast is all about operationalizing governance and building Trustworthy AI systems from the ground up. 

For questions or comments on this podcast reach out to me.