Introduction: The World's First Horizontal AI Law
Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence, commonly known as the EU AI Act, is the world's first comprehensive, horizontal statute governing the development, placing on the market, putting into service and use of artificial intelligence systems. It was published in the Official Journal of the European Union on 12 July 2024 and entered into force on 1 August 2024, with obligations phasing in over a staggered timeline that runs to 2 August 2027. Unlike sector-specific rules, the AI Act applies across every economic sector and adopts a risk-based, product-safety architecture layered onto a fundamental-rights protection mission.
This CyberSigma Knowledge Center deep-dive is written for two audiences simultaneously: the auditor or conformity assessor who must evaluate an organisation's evidence against the Regulation's articles and annexes, and the implementer, CISO, Data Protection Officer or AI governance lead who must operationalise those obligations. The Act is a legal instrument, not a certifiable management-system standard like ISO/IEC 42001, so 'compliance' here means demonstrable conformity with directly applicable legal duties, backed by technical documentation, testing records and governance evidence that would withstand scrutiny from a national market surveillance authority or a notified body.
Copyright and source note
The EU AI Act (Regulation (EU) 2024/1689) is an official act of the European Union. The consolidated and authentic text is published free of charge on EUR-Lex in all official languages; EU legislation is not subject to third-party copyright restrictions but must be cited accurately. This guide is original CyberSigma commentary and interpretation. It paraphrases obligations and does not reproduce the verbatim legal text. Always verify against the authentic EUR-Lex version and subsequent delegated/implementing acts, harmonised standards and Commission guidance, which continue to evolve.
What is the EU AI Act
The EU AI Act is a directly applicable Regulation, meaning it takes legal effect in all 27 Member States without transposition into national law (though Member States must designate authorities and set penalty regimes). Its stated objective is to promote the uptake of trustworthy, human-centric AI while ensuring a high level of protection of health, safety and fundamental rights enshrined in the Charter of Fundamental Rights of the European Union, including democracy, the rule of law and environmental protection, against the harmful effects of AI systems.
The Act defines an 'AI system' (Article 3(1)) in alignment with the OECD definition: a machine-based system designed to operate with varying levels of autonomy, that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers from the input it receives how to generate outputs such as predictions, content, recommendations or decisions that can influence physical or virtual environments. This inference-based definition is deliberately technology-neutral and excludes simpler traditional software and purely rule-based systems that do not infer.
The Act's central innovation is a four-tier risk pyramid. Systems posing an unacceptable risk are prohibited outright (Article 5). High-risk systems (Articles 6-49 and Annexes I and III) are permitted subject to stringent ex-ante conformity requirements. Systems posing limited or transparency risk (Article 50) carry disclosure duties. Minimal-risk systems are largely unregulated. Layered orthogonally onto this pyramid is a dedicated regime for general-purpose AI (GPAI) models, including those with systemic risk (Chapter V, Articles 51-56).
| Attribute | Detail |
|---|
| Instrument | Regulation (EU) 2024/1689 |
| Common name | EU AI Act |
| Issuer | European Parliament and Council of the European Union |
| Entered into force | 1 August 2024 |
| Legal nature | Directly applicable Regulation (no national transposition) |
| Regulatory model | Risk-based, product-safety (New Legislative Framework) plus fundamental-rights protection |
| Extraterritorial reach | Yes, based on output used in the EU and market placement |
| Enforcement | National market surveillance authorities, notified bodies, European AI Office, AI Board |
| Maximum fine | EUR 35 million or 7% of total worldwide annual turnover (prohibited practices) |
Who Must Comply: Scope and Applicability
The Act assigns distinct obligations to a chain of operators. Correctly classifying your organisation's role is the first and most consequential scoping decision, because the same entity can hold multiple roles across different systems, and a deployer that substantially modifies a high-risk system or markets it under its own name can be re-classified as a provider (Article 25).
| Operator role (Article 3) | Definition and who it captures |
|---|
| Provider | Develops an AI system or GPAI model, or has one developed, and places it on the market or puts it into service under its own name or trademark, whether for payment or free of charge. Bears the heaviest obligations. |
| Deployer | A natural or legal person using an AI system under its authority, except where used in a purely personal non-professional activity. Formerly termed 'user'. |
| Importer | Located or established in the EU, places on the market an AI system bearing the name/trademark of a person established in a third country. |
| Distributor | In the supply chain, other than provider or importer, that makes an AI system available on the EU market. |
| Product manufacturer | Places on the market or into service an AI system together with their product and under their own name, where the AI is a safety component under Annex I sectoral law. |
| Authorised representative | Established in the EU, mandated in writing by a non-EU provider to carry out obligations on its behalf. |
Territorial scope (Article 2)
- Providers placing AI systems on the market or putting them into service in the EU, irrespective of whether they are established in the EU or a third country.
- Deployers of AI systems that have their place of establishment or are located within the EU.
- Providers and deployers established in a third country where the output produced by the AI system is used in the EU, a deliberately broad extraterritorial hook.
- Importers and distributors of AI systems, and EU-based product manufacturers integrating AI.
- Affected persons located in the EU benefit from certain rights (e.g. Article 86 right to explanation of individual decision-making).
Key exclusions from scope
- AI systems developed and used exclusively for military, defence or national security purposes.
- AI systems used by public authorities in third countries or international organisations under international cooperation for law enforcement/judicial cooperation with the EU (subject to safeguards).
- AI systems and models specifically developed and put into service for the sole purpose of scientific research and development.
- Research, testing and development activity prior to placing on the market (except real-world testing).
- AI released under free and open-source licences, unless placed on the market or put into service as high-risk, prohibited, or subject to Article 50 transparency, or is a GPAI model with systemic risk.
- Purely personal, non-professional use by natural persons.
Structure of the EU AI Act
The Regulation comprises 113 Articles organised into 13 Chapters, supported by 180 recitals and 13 Annexes. The annexes are operationally critical: Annex III lists the eight high-risk use-case areas, Annex I lists Union harmonisation legislation, and Annexes IV, VII, VIII and XI define technical documentation, conformity assessment and registration content. The table below maps the principal chapters and the obligations they carry.
| Chapter / Articles | Domain | Core content |
|---|
| Chapter I (Art. 1-4) | General provisions | Subject matter, scope, definitions, AI literacy obligation |
| Chapter II (Art. 5) | Prohibited AI practices | Eight categories of unacceptable-risk practices |
| Chapter III (Art. 6-49) | High-risk AI systems | Classification, requirements, provider/deployer duties, conformity assessment, registration |
| Chapter IV (Art. 50) | Transparency obligations | Disclosure for certain limited-risk systems (chatbots, deepfakes, emotion/biometric categorisation) |
| Chapter V (Art. 51-56) | General-purpose AI models | GPAI obligations, systemic-risk classification, codes of practice |
| Chapter VI (Art. 57-63) | Measures in support of innovation | Regulatory sandboxes, real-world testing, SME support |
| Chapter VII (Art. 64-70) | Governance | European AI Office, AI Board, advisory forum, scientific panel, national authorities |
| Chapter VIII (Art. 71) | EU database | Registration of high-risk systems in the EU database |
| Chapter IX (Art. 72-94) | Post-market monitoring, information sharing, market surveillance | Monitoring plans, serious incident reporting, enforcement |
| Chapter X (Art. 95) | Codes of conduct | Voluntary codes for non-high-risk systems |
| Chapter XI (Art. 96-101) | Delegation and committee | Delegated acts, Commission powers, GPAI fines |
| Chapter XII (Art. 99-101) | Penalties | Administrative fines tiers |
| Chapter XIII (Art. 102-113) | Final provisions | Amendments, entry into force, phased application dates |
Implementation timeline (Article 113)
| Date | Obligation becoming applicable |
|---|
| 1 August 2024 | Regulation enters into force |
| 2 February 2025 | Chapter I (general provisions) and Chapter II (prohibitions on unacceptable-risk practices); AI literacy duty (Art. 4) |
| 2 August 2025 | GPAI model obligations (Chapter V), governance bodies (Chapter VII), notified bodies, confidentiality, most penalties provisions |
| 2 August 2026 | General application of the Regulation, including Annex III high-risk obligations and Article 50 transparency |
| 2 August 2027 | High-risk obligations for AI systems that are safety components of products under Annex I sectoral legislation; GPAI models placed on market before Aug 2025 must be compliant |
Master Assessment Checklist
This is the operational heart of the guide. Each subsection below corresponds to a distinct obligation cluster in the Regulation. For each, the assessor verifies the stated control and collects the typical evidence. No obligation area is omitted. Where the Regulation cross-references an annex, the annex is named so that documentation can be traced back to the legal source.
5.1 Prohibited AI practices (Article 5)
| What to verify | Typical evidence |
|---|
| No AI system deploys subliminal, manipulative or deceptive techniques that materially distort behaviour causing significant harm | AI use-case inventory with prohibition screening; DPIA/FRIA screening records |
| No exploitation of vulnerabilities due to age, disability or specific socio-economic situation | Vulnerability-population risk assessment; screening sign-off |
| No social scoring by public or private actors leading to detrimental/unjustified treatment | Data-use governance review; scoring-system register |
| No AI-based risk assessment predicting criminal offending solely on profiling/personality | Law-enforcement use-case exclusion attestation |
| No untargeted scraping of facial images to build/expand facial recognition databases | Data provenance records; scraping-source audit |
| No emotion recognition in workplace or education (except medical/safety) | Emotion-inference system inventory; justification records |
| No biometric categorisation inferring sensitive attributes (race, political, religious, sexual orientation) | Biometric-system classification review |
| No real-time remote biometric identification in public spaces for law enforcement outside narrow authorised exceptions | Legal-basis and judicial-authorisation evidence (law enforcement only) |
5.2 AI literacy (Article 4)
| What to verify | Typical evidence |
|---|
| Providers and deployers ensure a sufficient level of AI literacy of staff and persons operating AI on their behalf | AI literacy training programme; attendance/completion records |
| Literacy measures account for technical knowledge, experience, education and the deployment context | Role-based training matrix; needs-analysis document |
| Ongoing awareness of opportunities, risks and possible harms of AI | Awareness communications; refresher schedule |
5.3 High-risk classification (Article 6, Annex I and III)
| What to verify | Typical evidence |
|---|
| Correct classification against Annex I (safety components) and Annex III (eight use-case areas) | High-risk classification determination per system; rationale record |
| Where Annex III applies, assessment of the Article 6(3) derogation (no significant risk to health/safety/rights) | Documented derogation assessment; registration of the exemption decision |
| Systems performing profiling of natural persons are always treated as high-risk within Annex III areas | Profiling-flag review in system inventory |
5.4 Risk management system (Article 9)
| What to verify | Typical evidence |
|---|
| A continuous, iterative risk management system runs across the entire lifecycle | Risk management plan and procedure; version history |
| Identification and analysis of known and reasonably foreseeable risks to health, safety, fundamental rights | Risk register with likelihood/impact; residual-risk statements |
| Adoption of risk mitigation measures and testing against preliminarily defined metrics | Mitigation action log; test protocols and results |
| Consideration of risks to vulnerable groups and persons under 18 | Vulnerable-group impact analysis |
5.5 Data and data governance (Article 10)
| What to verify | Typical evidence |
|---|
| Training, validation and testing datasets meet quality criteria and are relevant, representative, error-free and complete as far as possible | Data governance policy; dataset datasheets; quality metrics |
| Examination for possible biases likely to affect health/safety or cause discrimination | Bias assessment reports; mitigation measures |
| Appropriate data governance and management practices (collection, provenance, labelling, gap analysis) | Data lineage records; annotation guidelines |
| Processing of special-category data for bias detection only where strictly necessary with safeguards | Legal-basis assessment; Article 10(5) safeguards documentation |
5.6 Technical documentation (Article 11, Annex IV)
| What to verify | Typical evidence |
|---|
| Technical documentation is drawn up before market placement and kept up to date | Annex IV technical file; document-control record |
| Documentation demonstrates the system meets Chapter III Section 2 requirements | Requirement-to-evidence traceability matrix |
| General description, development process, monitoring, and risk-management details are present | Completed Annex IV template covering all required headings |
5.7 Record-keeping and logging (Article 12)
| What to verify | Typical evidence |
|---|
| Automatic recording of events (logs) over the system's lifetime | Logging design specification; sample log extracts |
| Logs enable traceability appropriate to the intended purpose and support post-market monitoring | Log retention policy; traceability demonstration |
| For remote biometric identification, logs capture reference database, input and identification results | Biometric logging configuration evidence |
5.8 Transparency and information to deployers (Article 13)
| What to verify | Typical evidence |
|---|
| System operation is sufficiently transparent to enable deployers to interpret and use output | Design documentation of interpretability features |
| Instructions for use provide identity of provider, characteristics, capabilities, limitations and performance | Instructions-for-use document; accessibility check |
| Human oversight measures and expected lifetime/maintenance are specified | Oversight and maintenance section of instructions |
5.9 Human oversight (Article 14)
| What to verify | Typical evidence |
|---|
| System is designed to be effectively overseen by natural persons during use | Human-oversight design specification |
| Oversight enables monitoring, interpreting output, deciding not to use, and intervening or stopping (stop button) | Oversight procedure; UI evidence of override/stop controls |
| Measures address automation bias, especially for identification systems requiring two-person verification | Automation-bias mitigation record; four-eyes rule evidence |
5.10 Accuracy, robustness and cybersecurity (Article 15)
| What to verify | Typical evidence |
|---|
| Appropriate levels of accuracy achieved and declared metrics stated in instructions | Accuracy test reports; declared metric values |
| Resilience to errors, faults, inconsistencies and environmental interaction (robustness) | Robustness/stress-test results; fail-safe design records |
| Resilience against attempts to alter use or performance by third parties (adversarial, data/model poisoning, evasion) | Security testing; adversarial red-team report; model-integrity controls |
| Feedback loops in continuous-learning systems are addressed to avoid biased outputs | Continuous-learning risk controls documentation |
5.11 Quality management system (Article 17)
| What to verify | Typical evidence |
|---|
| Providers operate a documented quality management system (QMS) | QMS manual; policies and procedures register |
| QMS covers regulatory compliance strategy, design control, testing, data management, risk management, post-market monitoring, incident reporting and record-keeping | QMS scope matrix mapped to Article 17(1)(a)-(m) |
| Accountability and management framework defined | Responsibility assignment; management review minutes |
5.12 Conformity assessment, declaration and CE marking (Articles 43, 47, 48)
| What to verify | Typical evidence |
|---|
| Appropriate conformity assessment procedure completed (internal control Annex VI or notified-body Annex VII) | Conformity assessment records; notified-body certificate where applicable |
| EU declaration of conformity drawn up and retained for 10 years (Annex V) | Signed EU declaration of conformity |
| CE marking affixed visibly, legibly and indelibly (physical or digital) | CE-marking evidence; notified-body identification number where relevant |
| Reassessment triggered by substantial modification | Change-control log linking modifications to reassessment |
5.13 Registration in the EU database (Articles 49, 71)
| What to verify | Typical evidence |
|---|
| Provider registers the high-risk system in the EU database before market placement | EU database registration confirmation; Annex VIII data |
| Public-authority deployers register their use of Annex III high-risk systems | Deployer registration record |
| Article 6(3) exemption decisions are registered | Exemption registration entry |
5.14 Provider obligations (Article 16)
| What to verify | Typical evidence |
|---|
| Provider ensures compliance with all Chapter III requirements and indicates name/contact on the system | Provider identification labelling; compliance attestation |
| Corrective actions taken and authorities informed where non-conformity found | Corrective action procedure; notification records |
| Documentation kept for 10 years and made available to authorities on request | Retention schedule; access-request log |
5.15 Deployer obligations (Article 26 and Fundamental Rights Impact Assessment Article 27)
| What to verify | Typical evidence |
|---|
| Deployer uses the system per instructions, assigns competent human oversight, ensures input data relevance | Deployment SOP; oversight staffing records; input-data controls |
| Monitoring of operation and suspension/notification on risk or serious incident | Operational monitoring logs; incident-escalation records |
| Fundamental Rights Impact Assessment performed by public bodies and certain private deployers before use | Completed FRIA (Article 27); notification to authority |
| Affected persons informed where high-risk AI is used to make decisions about them | Notice/disclosure records to affected persons |
5.16 Transparency obligations (Article 50)
| What to verify | Typical evidence |
|---|
| Users are informed when interacting with an AI system (chatbots) unless obvious | Chatbot disclosure UI evidence |
| AI-generated or manipulated synthetic content is marked in a machine-readable format as artificially generated | Content-watermarking/provenance metadata (e.g. C2PA) evidence |
| Deepfakes and AI-generated text on public-interest matters are disclosed as such | Deepfake/labelling policy and samples |
| Emotion recognition and biometric categorisation subjects are informed | Subject-notification records |
5.17 General-purpose AI models (Articles 53-55)
| What to verify | Typical evidence |
|---|
| GPAI providers draw up and maintain technical documentation (Annex XI) for the model | Model card / technical documentation package |
| Information and documentation provided to downstream providers who integrate the model (Annex XII) | Downstream integration documentation |
| Policy in place to comply with EU copyright law, including text-and-data-mining opt-outs | Copyright compliance policy; opt-out honouring records |
| Sufficiently detailed public summary of training content published | Published training-data summary |
| GPAI with systemic risk: model evaluation, adversarial testing, systemic-risk assessment, serious-incident reporting to AI Office, cybersecurity protection | Systemic-risk evaluation reports; red-team results; incident notifications; security controls |
5.18 Post-market monitoring and incident reporting (Articles 72, 73)
| What to verify | Typical evidence |
|---|
| Providers establish a post-market monitoring system proportionate to risk with a documented plan | Post-market monitoring plan; collected performance data |
| Serious incidents reported to the relevant market surveillance authority without undue delay | Incident register; notification timestamps |
| Reporting deadlines observed: generally within 15 days; 2 days for widespread infringement/serious disruption of critical infrastructure; 10 days where death is involved | Incident-timeline evidence mapped to Article 73(2)-(4) |
Scoping and Materiality / Tiering
Scoping under the AI Act is driven by the risk pyramid rather than by data volume or revenue thresholds. The materiality assessment answers two questions for every AI system in the inventory: what risk tier does it occupy, and what is our operator role for it. These two axes together determine the applicable obligation set.
| Risk tier | Treatment | Primary obligations |
|---|
| Unacceptable risk | Prohibited (Article 5) | Cease/do not deploy; eight banned practices |
| High risk | Permitted with controls (Annex I / III) | Full Chapter III requirements, conformity assessment, registration |
| Limited / transparency risk | Permitted with disclosure (Article 50) | Inform users; label synthetic content and deepfakes |
| Minimal risk | Largely unregulated | Voluntary codes of conduct (Article 95) |
| GPAI model | Cross-cutting (Chapter V) | Documentation, copyright, training summary |
| GPAI with systemic risk | Enhanced (Article 55) | Evaluation, red-teaming, incident reporting, cybersecurity |
The systemic-risk threshold for GPAI is presumed where the cumulative amount of compute used for training exceeds 10^25 floating-point operations (FLOP), or where the Commission designates a model based on capability criteria. Materiality for high-risk classification hinges on Annex III use-case fit and the Article 6(3) 'no significant risk' derogation, which cannot be claimed where the system profiles natural persons.
Implementation Approach
A defensible programme is delivered in phases. Each phase produces deliverables that later become audit evidence, so the sequence is designed to build the technical file and governance record incrementally rather than retrofitting documentation.
Phase 1: Discovery and AI inventory
- Activities: enumerate all AI systems and GPAI models across the organisation, including shadow AI and third-party embedded AI; capture purpose, data, operator role and lifecycle stage.
- Activities: establish AI governance sponsorship, an AI governance board and an accountable owner.
- Deliverables: authoritative AI system inventory/register; governance charter; RACI.
Phase 2: Classification and gap assessment
- Activities: classify each system against Article 5, Annex III, Annex I and GPAI criteria; document derogations under Article 6(3); assess operator role per system.
- Activities: perform a requirement-by-requirement gap analysis against Chapter III and Article 50.
- Deliverables: classification determinations; prioritised gap register with remediation owners and dates.
Phase 3: Control build-out
- Activities: implement risk management (Art. 9), data governance (Art. 10), logging (Art. 12), human oversight (Art. 14), accuracy/robustness/security (Art. 15); establish the QMS (Art. 17).
- Activities: conduct FRIAs (Art. 27) and DPIAs; embed transparency features (Art. 50).
- Deliverables: implemented controls; Annex IV technical documentation; QMS manual; FRIA/DPIA records.
Phase 4: Conformity and registration
- Activities: select and complete the conformity assessment route (Annex VI internal control or Annex VII notified body); draw up the EU declaration of conformity; affix CE marking.
- Activities: register high-risk systems and any exemptions in the EU database.
- Deliverables: conformity assessment records; signed declaration; CE marking; EU database registration confirmations.
Phase 5: Operate, monitor and improve
- Activities: run post-market monitoring per plan; operate serious-incident reporting with mapped deadlines; manage substantial-modification change control; deliver ongoing AI literacy.
- Activities: schedule periodic internal audits and management reviews; track KPIs.
- Deliverables: post-market monitoring reports; incident register; change-control records; audit reports and corrective actions.
Maturity / Capability Model
The Act does not define a maturity scale, but CyberSigma applies a five-level capability model to benchmark an organisation's AI governance readiness and to sequence investment. This model complements the ISO/IEC 42001 AI management system approach.
| Level | Name | Characteristics |
|---|
| 1 | Initial / ad hoc | No AI inventory; classification undocumented; shadow AI prevalent; no accountability |
| 2 | Developing | Partial inventory; some classification; policies drafted; reactive risk handling |
| 3 | Defined | Complete inventory and classification; QMS documented; FRIAs performed; technical files started |
| 4 | Managed | Conformity assessments completed; CE marking and registration done; post-market monitoring operating; KPIs tracked |
| 5 | Optimising | Continuous improvement; automated logging and monitoring; systemic-risk controls; integrated with ISO 42001; audit-ready at all times |
Assessment and Audit Approach
- Confirm scope: identify all operator roles and territorial triggers, and freeze the AI system inventory to be assessed.
- Verify prohibited-practice screening: test that no system falls under Article 5 and that screening is documented.
- Validate classification: independently re-perform Annex III/Annex I classification and challenge any Article 6(3) derogations.
- Examine technical documentation: trace each Chapter III requirement (Art. 9-15) to Annex IV documentation and test evidence.
- Assess governance controls: review the QMS (Art. 17), risk management (Art. 9), data governance (Art. 10) and human oversight (Art. 14) in operation, not just on paper.
- Test conformity artefacts: verify the conformity assessment route, EU declaration of conformity, CE marking and EU database registration.
- Review deployer duties: confirm FRIAs (Art. 27), instructions-for-use compliance, affected-person notices and operational monitoring.
- Evaluate transparency: sample chatbot disclosures, synthetic-content labelling and deepfake notices under Article 50.
- Inspect GPAI obligations where relevant: documentation, copyright policy, training summary and, for systemic risk, evaluations and incident reporting.
- Check post-market monitoring and incident reporting: test the plan, register and deadline adherence (2/10/15-day rules).
- Report findings: rate conformity per obligation, log non-conformities with severity, and agree a remediation plan and re-test date.
Evidence Request List
- Governance: AI governance charter, RACI, management review minutes, AI literacy training records.
- Inventory and classification: AI system register, classification determinations, Article 6(3) derogation assessments, operator-role mapping.
- Risk and data: risk management plan and register, DPIAs, FRIAs, data governance policy, dataset datasheets, bias assessments, data lineage.
- Technical file: Annex IV technical documentation, requirement-traceability matrix, accuracy/robustness/security test reports, adversarial red-team results.
- Quality and operations: QMS manual and procedures, logging design and sample logs, human-oversight procedures and UI evidence.
- Conformity: conformity assessment records, notified-body certificates, EU declaration of conformity, CE-marking evidence, EU database registrations.
- Deployer artefacts: instructions for use, deployment SOPs, affected-person notices, operational monitoring logs.
- Transparency: chatbot/synthetic-content/deepfake labelling policies and samples, watermarking/provenance metadata.
- GPAI: model cards, downstream documentation (Annex XI/XII), copyright policy, published training-data summary, systemic-risk evaluations.
- Post-market: monitoring plan and reports, serious-incident register with timestamps, corrective action logs, change-control records.
Roles and Responsibilities
| Role | Responsibility under an AI Act programme |
|---|
| Executive sponsor / Board | Accountability for AI governance, risk appetite, resourcing and management review |
| AI governance lead / AI officer | Owns the programme, inventory, classification and cross-functional coordination |
| CISO / Security team | Article 15 cybersecurity, adversarial testing, model integrity, incident response |
| Data Protection Officer | DPIA/FRIA interface, special-category data safeguards (Art. 10), affected-person rights |
| Legal and compliance | Regulatory interpretation, declarations of conformity, contracts with providers/deployers |
| Product / ML engineering | Risk management, data governance, logging, human-oversight design, technical documentation |
| Quality management | QMS operation (Art. 17), conformity assessment, CE marking, document control |
| Deployer operations | Instructions-for-use adherence, oversight staffing, operational monitoring, incident escalation |
| Internal audit | Independent assurance, evidence testing, non-conformity reporting |
KPIs and Metrics to Track
- Percentage of AI systems inventoried and classified against the risk pyramid.
- Number of high-risk systems with a complete Annex IV technical file.
- Percentage of high-risk systems with valid conformity assessment, EU declaration and CE marking.
- Percentage of high-risk systems registered in the EU database before deployment.
- Number and severity of open non-conformities against Chapter III requirements.
- FRIA and DPIA completion rate for in-scope deployments.
- AI literacy training completion rate (Article 4).
- Mean time to detect and report serious incidents against the 2/10/15-day deadlines.
- Bias and accuracy metrics per high-risk model versus declared thresholds.
- Adversarial/robustness test coverage and pass rate.
- Shadow AI discovery rate and time to bring into governance.
- Percentage of GPAI usage with copyright policy and training-data summary evidence.
Readiness Checklist
- Complete AI system and GPAI inventory including third-party and embedded AI is maintained.
- Every system screened against Article 5 prohibited practices with documented outcomes.
- High-risk classification determinations and Article 6(3) derogations documented and registered.
- Risk management system (Art. 9) operating iteratively across the lifecycle.
- Data governance and bias controls (Art. 10) implemented with dataset documentation.
- Annex IV technical documentation drawn up and version-controlled.
- Automatic logging (Art. 12) enabled with retention aligned to intended purpose.
- Instructions for use and transparency to deployers (Art. 13) issued.
- Human oversight measures (Art. 14) designed, including stop controls and anti-automation-bias.
- Accuracy, robustness and cybersecurity (Art. 15) tested with adversarial evaluation.
- Quality management system (Art. 17) documented and operating.
- Conformity assessment completed, EU declaration signed, CE marking affixed.
- High-risk systems and exemptions registered in the EU database.
- FRIAs (Art. 27) completed for public and applicable private deployers.
- Article 50 transparency, watermarking and deepfake labelling implemented.
- GPAI documentation, copyright policy and training-data summary in place where relevant.
- Post-market monitoring plan and serious-incident reporting with mapped deadlines operating.
- AI literacy programme (Art. 4) delivered and tracked.
Common Gaps and Findings
- No authoritative AI inventory, leaving shadow AI and embedded third-party AI unclassified.
- Over-reliance on the Article 6(3) derogation without a documented justification, or claiming it despite profiling.
- Risk management treated as a one-off exercise rather than an iterative lifecycle process (Art. 9).
- Datasets used without provenance, representativeness or bias assessment evidence (Art. 10).
- Human oversight designed on paper but no effective stop/override control in the interface (Art. 14).
- Accuracy metrics undeclared and no adversarial/robustness testing against poisoning or evasion (Art. 15).
- Technical documentation incomplete against Annex IV headings and not version-controlled.
- Deployers not performing FRIAs or failing to notify affected persons of automated decisions.
- AI-generated content and chatbots not disclosed or watermarked under Article 50.
- GPAI integrated downstream without copyright policy or published training-data summary.
- No post-market monitoring plan and incident reporting not aligned to the 2/10/15-day deadlines.
- AI literacy obligation (Art. 4) unaddressed for staff operating AI systems.
- Confusing operator roles, leading to missed provider obligations after substantial modification (Art. 25).
EU AI Act Mapped to Other Frameworks
| EU AI Act obligation | Related framework / control |
|---|
| Quality and AI management system (Art. 17) | ISO/IEC 42001 AI management system; ISO 9001 |
| Risk management (Art. 9) | ISO/IEC 23894 AI risk management; NIST AI RMF (GOVERN/MAP/MEASURE/MANAGE); ISO 31000 |
| Data governance and bias (Art. 10) | ISO/IEC 5259 data quality; GDPR Art. 5 principles; ISO/IEC TR 24027 bias |
| Cybersecurity and robustness (Art. 15) | ISO/IEC 27001/27002; ISO/IEC 24029 robustness; NIST SP 800-53 |
| Human oversight (Art. 14) | NIST AI RMF trustworthiness characteristics; OECD AI Principles |
| Transparency and disclosure (Art. 13, 50) | C2PA content provenance; ISO/IEC 12792 transparency taxonomy |
| Fundamental Rights Impact Assessment (Art. 27) | GDPR DPIA (Art. 35); Council of Europe HUDERIA |
| Post-market monitoring / incident reporting (Art. 72-73) | ISO/IEC 42001 monitoring; medical device / NLF vigilance; NIS2 incident reporting analogues |
| GPAI documentation (Art. 53, Annex XI/XII) | Model cards; datasheets; ISO/IEC 42001 transparency controls |
| Overall governance | ISO/IEC 38507 governance of AI; ISO/IEC 42001 Annex A controls |
How CyberSigma Helps
Partner with CyberSigma for EU AI Act conformity
CyberSigma's CERT-In empanelled auditors and PCI QSAs combine legal-grade regulatory interpretation with hands-on engineering assurance to take you from AI discovery to defensible conformity. We build your AI inventory, classify every system against the risk pyramid, run gap assessments against Chapter III, and stand up the risk management, data governance, logging, human-oversight and cybersecurity controls the Regulation demands. We author Annex IV technical documentation, prepare you for the correct conformity assessment route, draft your EU declaration of conformity and guide CE marking and EU database registration. We deliver FRIAs, GPAI documentation reviews, adversarial red-teaming for Article 15 robustness, and a post-market monitoring and serious-incident reporting capability aligned to the 2/10/15-day deadlines. Integrated with ISO/IEC 42001 and NIST AI RMF, our programme keeps you audit-ready as the phased 2025-2027 timeline lands. Talk to CyberSigma to make trustworthy AI a demonstrable, sustainable capability.