Panorays, a leading name in Third-Party Cyber Risk and Compliance Management, has announced that it has formally achieved certification under ISO/IEC 42001:2023, the first globally recognised benchmark for Artificial Intelligence Management Systems. The achievement enhances Panorays’ reputation as a highly dependable platform grounded in responsible AI.
As AI rapidly advances within cybersecurity and supplier-risk landscapes, organisations are placing greater emphasis on platforms that deliver innovation backed by principled oversight and clarity. ISO 42001 responds by outlining comprehensive requirements for trustworthy and accountable AI across global operations.
The certification confirms that Panorays applies rigorous oversight to the AI used in its vendor security reviews, attack-surface scanning, and risk-intelligence functions, meeting high standards for risk governance, transparency, and ongoing optimisation.
ISO 42001 Certification Scope – AI Capabilities Across the Panorays Platform
The certification covers Panorays’ full AI-enabled TPCRM SaaS platform, including:
- Accelerating questionnaire completion by suggesting answers from previously completed questionnaires, uploaded certifications, external intelligence, and a searchable knowledge base of past responses.
- Verifying third-party questionnaire responses by analyzing documents, certifications, and attestations with AI.
- Detecting digital assets across the supply chain using an affiliation model, identifying all third- and Nth-party connections while minimizing false positives.
- Predicting the likelihood of supplier breaches by benchmarking industry performance and past incidents.
- Enriching supplier information during External Attack Surface assessments by extracting metadata like certifications from public sources.
- Classifying cyber news and dark web mentions for each supplier, highlighting only the items most relevant and critical to the business.
With ISO 42001 now alongside Panorays’ ISO 27001 and SOC 2 Type II certifications, the company delivers one of the most comprehensive compliance and AI-governance frameworks in the TPCRM industry.
“ISO 42001 is more than a certification; it is validation that Panorays is leading the TPCRM industry into the next era of trusted, governed and responsible AI,” said Ahikam Harush, VP of Information Systems & CISO at Panorays.
“Enterprises today demand AI that accelerates vendor-risk decisions without compromising transparency or control. Panorays delivers exactly that. We are not just adopting AI, we are shaping how AI should operate in third-party cyber risk, accountable, explainable, and aligned with global regulatory expectations.”
Advancing the Future of AI-Driven Third-Party Cyber Risk Management
As supply chains grow more complex and AI becomes central to cybersecurity operations, the need for verified governance frameworks has never been greater. Panorays’ ISO 42001 certification positions the company at the forefront of this transformation by:
- Delivering full-lifecycle TPCRM with AI transparency and oversight
- Aligning with emerging regulations such as the EU AI Act
- Enabling faster, more accurate vendor assessments backed by governed AI
- Providing trusted threat intelligence instead of black-box automation
- Streamlining questionnaire management by automating responses, improving collaboration between evaluators and mitigators, and enhancing overall operational efficiency.
With this achievement, Panorays strengthens its position as a preferred vendor for global enterprises and regulated industries requiring a secure, governed, and future-proof approach to AI in vendor-risk management.
Learn More
To learn more about Panorays’ ISO 42001–certified AI capabilities and how our TPCRM platform can strengthen your vendor-risk program, visit www.panorays.com.
To see Panorays in action, or request a demo at: panorays.com/request-a-demo
