May 15, 2025

Nebuly is now ISO 42001 certified

What is it, and why does it matter?

We are proud to share that Nebuly is now ISO 42001 certified! We are among the first companies globally to meet this standard, and one of very few startups to get here this quickly.

Why does this matter? If you're building with LLMs today, you need to be moving fast on innovation while often facing mounting questions about AI governance and risk. This certification gives you a foundation of trust enterprise clients, especially those in regulated sectors, can build on. "Enterprise clients, rightly so, expect strong AI Governance in place, and we're delivering it. Being one of the first companies to achieve ISO 42001 globally gives our partners a crucial advantage as regulatory requirements tighten – think about the EU AI Act coming into force in 2025. We're proud to be ahead of the curve on something that matters this much", said Julien Roux, Co-Founder at Nebuly.

We pursued this for a simple reason: the way AI is governed is changing fast, and we want to lead by example.

This milestone represents three months of intense work - from internal reviews and documentation overhauls to structural changes and rigorous audits. Along the way, we partnered with two exceptional teams: Fairly AI, who helped us align with the evolving ISO standard from the inside out, and AssuranceLab, our certification auditor.  

“We think about this as a triangle. We (Nebuly) have the knowledge about the company and our proprietary AI systems, Fairly.ai has been very helpful in providing structure in terms of how to prepare for the audit, and AssuranceLab is conducting the audit itself,” continued Julien.

The landscape is shifting

In practice, most companies using LLMs today are working without a formal framework to assess and mitigate AI risks. That gap is getting harder to ignore as regulations across the world come into force, starting with the EU AI Act in 2025. Global regulators are moving. And internally, more teams are asking the same questions:

  • Is Nebuly’s AI technology safe and trustworthy?
  • Is my data confidential handled responsibly? Is it used at all?
  • Is the AI doing what it’s supposed to do?

ISO 42001 is the first international standard that addresses these questions directly. It defines what an AI Management System should look like, beyond technical performance or security. It’s about governance, oversight, and operational maturity.

What this means for teams building with LLMs

You're building AI-powered products. Your teams are moving fast. But you’re also fielding growing scrutiny, from your CISO, your legal team, your clients, maybe even regulators.

"The technical challenges of AI get all the attention, but governance is where many projects actually succeed or fail. This certification helps us address that reality head-on," notes Diego Fiori, Co-Founder at Nebuly.

By using Nebuly, you now get a layer of trust and governance already built in. Our ISO 42001 certification means:

  • You can meet internal governance demands without reinventing the wheel
  • You reduce friction in procurement, compliance, and stakeholder reviews
  • You save time when integrating Nebuly into sensitive or regulated workflows
  • You get peace of mind that data handling, feedback loops, and AI decisions follow a verified process

In short, Nebuly becomes one less risk you need to explain.  

A note on timing

We are proud to be among the very first companies globally - and one of the only startups - to achieve this certification. That will change soon. We expect ISO 42001 to become the baseline for operating AI systems responsibly in enterprise environments.

If you're building GenAI products today, you’ll likely need to show your work soon. For Nebuly, this certification reflects what we already believed: good AI governance is about removing blind spots early, so you can move faster with more confidence. Valerio Sofi, AI Engineer at Nebuly, highlights this perspective: "The gap between AI innovation and AI governance is closing fast. ISO 42001 has helped us translate governance from abstract principles into concrete technical workflows, so that responsible AI is an embedded part of our architecture."

We’ll be sharing more about the process, what we learned, and what comes next - stay tuned.

Other Blogs

View pricing and plans

SaaS Webflow Template - Frankfurt - Created by Wedoflow.com and Azwedo.com
blog content
Keep reading
September 24, 2024

LLM Monitoring

Read full article
September 20, 2024

LLM Feedback Loop

Read full article
September 17, 2024

Analytics Agent

Read full article

Get the latest news and updates
straight to your inbox

Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.

Let's keep in touch

Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.