Labsco
CSOAI-ORG logo

ISO 27001 AI Security MCP

β˜… 1

from CSOAI-ORG

ISO 27001 information security compliance β€” control assessment, risk treatment, SoA generation by MEOK AI Labs

πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedFreeNeeds API keys

MCP Scorecard: 90/100

Iso 27001 Ai MCP

βš–οΈ Built by MEOK AI Labs / CSOAI. Need this applied to your system fast? Book a 30-min Founder Office Hour (Β£29) β†’ https://meok.ai/work Β· Full governance platform β†’ https://meok.ai

MEOK AI Labs EU AI Act License PyPI

MEOK AI Labs MCP Server

MEOK AI Labs MCP Server


✨ Features

  • MCP protocol compliant
  • Easy installation
  • Well-documented API
  • Production-ready
  • Active maintenance

πŸ“– Documentation

πŸ›‘οΈ Compliance

This MCP server is built with EU AI Act compliance built-in:

  • βœ… Article 9 β€” Risk Management System
  • βœ… Article 13 β€” Transparency & Instructions for Use
  • βœ… Article 15 β€” Bias Detection & Testing
  • βœ… Article 26 β€” FRIA Support (where applicable)
  • βœ… Article 50 β€” AI Content Watermarking (where applicable)

Need help getting compliant? Book a free 15-min diagnostic β†’

🏒 Enterprise

Need custom development, SLA guarantees, or white-label deployment?

  • Pro: $99/mo β€” Full MCP suite + EU AI Act tracking
  • Enterprise: $499/mo β€” Custom dev + SLA + Dedicated support

View Pricing β†’ | Contact Sales β†’

🀝 Part of the MEOK Ecosystem

This server is part of the MEOK AI Labs ecosystem β€” 300+ MCP servers for sovereign AI governance.

DomainPurpose
councilof.aiEU AI Act compliance marketplace
safetyof.aiAI safety & monitoring
meok.aiSovereign AI platform
cobolbridge.aiLegacy modernization

πŸ“œ License

MIT Β© CSOAI-ORG


<p align="center"> <sub>Built with πŸ’œ by <a href="https://meok.ai">MEOK AI Labs</a> Β· UK Companies House 16939677</sub> </p> mcp-name: io.github.CSOAI-ORG/iso-27001-ai-mcp

ISO 27001 AI MCP

ISO/IEC 27001:2022 compliance assessment for AI systems β€” 93 Annex A controls across 4 themes, ISO 27005 risk assessment, Statement of Applicability generation, incident classification, and ISO 42001 bridge.

PyPI npm License: MIT smithery

What This Does

ISO/IEC 27001:2022 is the international standard for Information Security Management Systems (ISMS). Its Annex A contains 93 controls organized into 4 themes: Organizational (37 controls), People (8), Physical (14), and Technological (34). Certification requires demonstrating that your ISMS meets clauses 4–10 and that your Statement of Applicability (SoA) addresses all relevant controls.

For AI systems, ISO 27001 is foundational β€” but it needs extension. This server audits your ISMS against all 93 controls, performs ISO 27005 risk assessments with AI-specific threat scenarios, generates gap analyses with prioritized remediation roadmaps, produces SoAs, classifies security incidents, and bridges to ISO 42001 for AI-specific governance.

Tools

ToolDescriptionParameters
audit_ismsAudits your ISMS against all 93 Annex A controls. Returns per-theme compliance status (PASS/PARTIAL/FAIL), gap identification, critical gap flagging for high-priority controls (A.5.1, A.5.15, A.8.5, A.8.24, etc.), and certification readiness assessment.organization_context, scope_description, controls_implemented
risk_assessmentPerforms ISO 27005 information security risk assessment. Evaluates 10 AI-relevant threat categories (adversarial attacks, model theft, training data breach, supply chain compromise, insider threat, etc.), calculates likelihood Γ— impact risk scores, and produces a treatment plan with specific Annex A control recommendations.system_description, assets, threat_scenarios, existing_controls
gap_analysisCompares your current controls to ISO 27001 requirements. Supports three targets: "full" (all 93 controls), "core" (critical subset), or "ai-focused" (AI-relevant controls only). Returns prioritized remediation roadmap in 3 phases: Critical (0–30 days), Standard (30–90 days), Remaining (90–180 days).current_controls, target_certification, focus_themes
crosswalk_to_aiMaps ISO 27001 controls to ISO 42001 AI-specific requirements. Shows how existing ISMS controls extend to AI governance (model security, training data protection, AI incident management) and identifies where AI-specific controls are needed.controls, focus_area
generate_soaGenerates a Statement of Applicability per clause 6.1.3(d). Documents all 93 controls as Implemented, Excluded (with justification), or Not Yet Addressed. Required artifact for ISO 27001 certification audits.organization_name, controls_implemented, controls_excluded, exclusion_justifications
incident_classificationClassifies security incidents per controls A.5.24–A.5.28. Determines severity (LOWβ†’CRITICAL), priority (P1–P3), notification requirements, and response procedures. Includes AI-specific incident categories: adversarial attacks, data poisoning, model theft, prompt injection, bias incidents.incident_description, affected_assets, detection_method, data_breach, ai_system_involved

Related Servers

ServerPurpose
iso-42001-aiAI management system β€” Annex A controls and Annex B risk assessment
gdpr-compliance-aiGDPR DPIA, data subject rights, breach notification
eu-ai-act-complianceEU AI Act risk classification and Annex IV documentation
soc2-compliance-aiSOC 2 Trust Service Criteria and control matrix
csoai-governance-crosswalk12 compliance frameworks mapped through 52 articles

Pricing

  • Free tier: 10 calls/day per tool
  • Pro: Β£79/mo β€” unlimited calls + cryptographically signed compliance attestations

License

MIT Β© MEOK AI Labs

<!-- BUY-LADDER:START -->

πŸ’Έ Try MEOK in 30 seconds β€” instant buy ladder

TierPriceWhat you getStripe
Smoke testΒ£1Signed sample MCP-Hardening report + Article 50 PDFhttps://buy.stripe.com/5kQ6oJ0xS3ce8sl7ew8k91j
Quick KitΒ£9EU AI Act Article 50 implementation guide (C2PA + EU-Icon)https://buy.stripe.com/5kQ6oJ0xS3ce8sl7ew8k91j
Founder CallΒ£2930-min 1-on-1 with the founderhttps://buy.stripe.com/5kQ6oJ0xS3ce8sl7ew8k91j

Refundable. UK Stripe β€” VAT-clean. Builds on the 81-MCP MEOK fleet. Verify any signed report at https://meok.ai/verify.

<!-- BUY-LADDER:END -->