What this guide will cover
- The ISO/IEC 42001 clauses procurement should test against, with the artefacts to ask for
- The NIS2 / GDPR / AI Act overlap, and one vendor questionnaire that satisfies all three
- The difference between alignment, certification, and "in progress"
- A defensible procurement template for regulated UK and EU buyers
In the meantime, see the Sovereignty guide for related procurement criteria around CLOUD Act exposure.