Panorays, recognised globally for its Third-Party Cyber Risk and Compliance Management platform, has revealed that it has obtained ISO/IEC 42001:2023 certification, the world’s inaugural standard dedicated to Artificial Intelligence Management Systems. This accomplishment signals the company’s continued leadership in trusted and well-governed AI-driven TPCRM solutions.
As artificial intelligence becomes more deeply woven into cyber defence and vendor-risk processes, businesses are increasingly insisting on solutions that demonstrate clear governance and responsible operation. ISO 42001 sets out these expectations, establishing a universal reference point for ethical and transparent AI use in security applications.
Panorays’ successful certification confirms that the AI engines supporting its vendor-risk evaluations, external attack-surface surveillance, and intelligence workflows operate under stringent protocols focusing on transparency, supervisory control, risk mitigation, and systematic improvement.
ISO 42001 Certification Scope – AI Capabilities Across the Panorays Platform
The certification covers Panorays’ full AI-enabled TPCRM SaaS platform, including:
- Accelerating questionnaire completion by suggesting answers from previously completed questionnaires, uploaded certifications, external intelligence, and a searchable knowledge base of past responses.
- Verifying third-party questionnaire responses by analyzing documents, certifications, and attestations with AI.
- Detecting digital assets across the supply chain using an affiliation model, identifying all third- and Nth-party connections while minimizing false positives.
- Predicting the likelihood of supplier breaches by benchmarking industry performance and past incidents.
- Enriching supplier information during External Attack Surface assessments by extracting metadata like certifications from public sources.
- Classifying cyber news and dark web mentions for each supplier, highlighting only the items most relevant and critical to the business.
With ISO 42001 now alongside Panorays’ ISO 27001 and SOC 2 Type II certifications, the company delivers one of the most comprehensive compliance and AI-governance frameworks in the TPCRM industry.
“ISO 42001 is more than a certification; it is validation that Panorays is leading the TPCRM industry into the next era of trusted, governed and responsible AI,” said Ahikam Harush, VP of Information Systems & CISO at Panorays.
“Enterprises today demand AI that accelerates vendor-risk decisions without compromising transparency or control. Panorays delivers exactly that. We are not just adopting AI, we are shaping how AI should operate in third-party cyber risk, accountable, explainable, and aligned with global regulatory expectations.”
Advancing the Future of AI-Driven Third-Party Cyber Risk Management
As supply chains grow more complex and AI becomes central to cybersecurity operations, the need for verified governance frameworks has never been greater. Panorays’ ISO 42001 certification positions the company at the forefront of this transformation by:
- Delivering full-lifecycle TPCRM with AI transparency and oversight
- Aligning with emerging regulations such as the EU AI Act
- Enabling faster, more accurate vendor assessments backed by governed AI
- Providing trusted threat intelligence instead of black-box automation
- Streamlining questionnaire management by automating responses, improving collaboration between evaluators and mitigators, and enhancing overall operational efficiency.
With this achievement, Panorays strengthens its position as a preferred vendor for global enterprises and regulated industries requiring a secure, governed, and future-proof approach to AI in vendor-risk management.
Learn More
To learn more about Panorays’ ISO 42001–certified AI capabilities and how our TPCRM platform can strengthen your vendor-risk program, visit www.panorays.com.
To see Panorays in action, or request a demo at: panorays.com/request-a-demo
