SEIDOR among the first IT consulting firms to certify AI governance

Barcelona, February 3, 2026. The technology consultancy SEIDOR has obtained the ISO/IEC 42001 certification, the first international standard specifically designed for Artificial Intelligence Management Systems, positioning itself among the first technology consultancies in Spain to externally and auditable certify AI governance under this framework.

This certification allows the company to apply a solid model of control and oversight of AI in the projects it develops for its clients, especially in critical and regulated environments.

The achievement of this recognition comes at a time when many organizations are already using AI in key business processes but lack solid frameworks to govern it, justify it, and defend its use before regulators, risk committees, or external audits. In this context, SEIDOR consolidates an approach that enables AI to be treated as the critical business infrastructure it is, managing it with the same rigor applied to security, data, or operational continuity.

ISO/IEC 42001 certifies that SEIDOR manages the full lifecycle of AI through a structured and auditable system that integrates verifiable processes for risk management, data quality and traceability, model transparency, security, human oversight, and continuous improvement. This framework facilitates the deployment of AI solutions in a controlled and scalable manner, aligned with emerging regulatory frameworks, including the European AI Act.

Governing AI as it enters the business

Unlike other approaches based on generic “responsible AI” principles, ISO/IEC 42001 requires measurable criteria and independent audits. For SEIDOR’s clients, this translates into objective evidence that AI systems are designed, developed, and operated under enforceable standards of control, security, and accountability.

This framework is especially relevant in projects where AI already has a direct impact on core processes, such as advanced analytics, intelligent automation, data‑driven decision‑making, or integration with enterprise platforms, and where regulatory, operational, or reputational risk is high.

AI integrated into corporate management and real projects

The certification acts as the operational framework for SEIDOR's Artificial Intelligence Management Policy, integrating clear roles, metrics, risk analyses, and periodic reviews by the Management Team.

According to David Pereira, Global Head of Data & AI at SEIDOR, “the greatest risk today is not using artificial intelligence, but using it without a clear framework for control, traceability, and human oversight.” Pereira added that “ISO/IEC 42001 enables us to transfer this governance model directly to client projects, helping them move from experimentation to industrial AI adoption with technical, regulatory, and trust guarantees.”

SEIDOR’s AI systems and services are also integrated into its Information Security Management System (ISMS), certified under major international standards for security, continuity, and data protection (ISO 20000‑1, ISO 22301, ISO 27001, ISO 27701, ISO 27017, and ISO 27018), reinforcing a cross‑cutting approach to security, continuity, and data protection that also applies to AI. This system consolidates Privacy by Design, Security by Design, and AI Safety by Design practices already implemented in the company and extends them consistently across AI projects.

A global and scalable model

The certification strengthens SEIDOR’s global operating model by unifying AI policies, processes, and controls under a common international standard that can be reused across countries and business units. This enables the company to offer AI consulting and delivery services backed by certifiable and homogeneous governance on a global scale.

The certified management system currently includes Spain, the United Kingdom, Ireland, and Peru. Its deployment is part of a wave‑based strategy initiated in 2025 with Belgium and Peru, aligned with the corporate roadmap to expand these capabilities to the rest of the countries where the company operates. This approach is supported by the company’s corporate certification portfolio, which includes ISO 27001, 27017, 27018, 27701, 22301, ISO 20000‑1, and ENS Alto.