AI Act (Base)

Defining and documenting risk management metrics for AI systems

Critical

High

Normal

Low

Information and training for deployers of high-risk AI systems

Critical

High

Normal

Low

Acceptance of overall residual AI risk

Critical

High

Normal

Low

Mitigation and control measures for AI risks

Critical

High

Normal

Low

Cyber security management

Implementation and documentation of management reviews

Critical

High

Normal

Low

Assessment of residual risks

Critical

High

Normal

Low

Risk management

Article 9.6: Testing for risk management measures and compliance

High-risk AI systems shall be tested for the purpose of identifying the most appropriate and targeted risk management measures. Testing shall ensure that high-risk AI systems perform consistently for their intended purpose and that they are in compliance with the requirements set out in this Section.

Related tasks

Testing of high-risk AI systems

Critical

High

Normal

Low

Article 9.8: Testing frequency and metrics

The testing of high-risk AI systems shall be performed, as appropriate, at any time throughout the development process, and, in any event, prior to their being placed on the market or put into service. Testing shall be carried out against prior defined metrics and probabilistic thresholds that are appropriate to the intended purpose of the high-risk AI system.

Related tasks

Definition of testing metrics and thresholds for high-risk AI systems

Critical

High

Normal

Low

Testing plan for high-risk AI systems

Critical

High

Normal

Low

Article 9.9: Considering the impact on vulnerable groups in risk management

When implementing the risk management system as provided for in paragraphs 1 to 7, providers shall give consideration to whether in view of its intended purpose the high-risk AI system is likely to have an adverse impact on persons under the age of 18 and, as appropriate, other vulnerable groups.

Related tasks

Impact assessment procedure for AI systems

Critical

High

Normal

Low

Article 10.1: Quality criteria of training data sets

High-risk AI systems which make use of techniques involving the training of AI models with data shall be developed on the basis of training, validation and testing data sets that meet the quality criteria referred to in paragraphs 2 to 5 whenever such data sets are used.

Related tasks

AI system listing and applicable AI transparency obligations

Critical

High

Normal

Low

AI system data quality standards

Critical

High

Normal

Low

Data management procedures for AI system development

Critical

High

Normal

Low

Data preparation criteria and methods

Critical

High

Normal

Low

Article 10.2: Management of training, validation and testing data sets

Training, validation and testing data sets shall be subject to data governance and management practices appropriate for the intended purpose of the high-risk AI system. Those practices shall concern in particular:

the relevant design choices;
data collection processes and the origin of data, and in the case of personal data, the original purpose of the data collection;
relevant data-preparation processing operations, such as annotation, labelling, cleaning, updating, enrichment and aggregation;
the formulation of assumptions, in particular with respect to the information that the data are supposed to measure and represent;
an assessment of the availability, quantity and suitability of the data sets that are needed;
examination in view of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations;
appropriate measures to detect, prevent and mitigate possible biases identified according to point (f);
the identification of relevant data gaps or shortcomings that prevent compliance with this Regulation, and how those gaps and shortcomings can be addressed.

Related tasks

Data provenance procedure for AI systems

Critical

High

Normal

Low

Data preparation and quality assurance for AI systems

Critical

High

Normal

Low

Documentation of AI system design and development

Critical

High

Normal

Low

AI data gap identification and management

Critical

High

Normal

Low

Article 10.3: Relevance, representativeness, and completeness of data sets

Training, validation and testing data sets shall be relevant, sufficiently representative, and to the best extent possible, free of errors and complete in view of the intended purpose.

They shall have the appropriate statistical properties, including, where applicable, as regards the persons or groups of persons in relation to whom the high-risk AI system is intended to be used. Those characteristics of the data sets may be met at the level of individual data sets or at the level of a combination thereof.

Related tasks

Data quality criteria for high-risk AI systems

Critical

High

Normal

Low

Data preparation process for high-risk AI systems

Critical

High

Normal

Low

Data set validation for high-risk AI systems

Critical

High

Normal

Low

Data set documentation for AI systems

Critical

High

Normal

Low

Article 10.4: Contextual characteristics of data sets

Data sets shall take into account, to the extent required by the intended purpose, the characteristics or elements that are particular to the specific geographical, contextual, behavioural or functional setting within which the high-risk AI system is intended to be used.

Related tasks

Contextual relevance assessment of AI data sets

Critical

High

Normal

Low

Article 15.1: Accuracy, robustness and cybersecurity of high-risk AI systems

High-risk AI systems shall be designed and developed in such a way that they achieve an appropriate level of accuracy, robustness, and cybersecurity, and that they perform consistently in those respects throughout their lifecycle.

Related tasks

Technical requirements for AI system performance and security

Critical

High

Normal

Low

Article 15.3: Declaration of accuracy levels and metrics in instructions for use

The levels of accuracy and the relevant accuracy metrics of high-risk AI systems shall be declared in the accompanying instructions of use.

Related tasks

Documentation of AI system accuracy and metrics in user instructions

Critical

High

Normal

Low

Article 10.5: Exceptional processing of special categories of personal data

To the extent that it is strictly necessary for the purpose of ensuring bias detection and correction in relation to the high-risk AI systems in accordance with paragraph (2), points (f) and (g) of this Article, the providers of such systems may exceptionally process special categories of personal data, subject to appropriate safeguards for the fundamental rights and freedoms of natural persons. In addition to the provisions set out in Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680, all the following conditions must be met in order for such processing to occur:

the bias detection and correction cannot be effectively fulfilled by processing other data, including synthetic or anonymised data;
the special categories of personal data are subject to technical limitations on the re-use of the personal data, and state-of-the-art security and privacy-preserving measures, including pseudonymisation;
the special categories of personal data are subject to measures to ensure that the personal data processed are secured, protected, subject to suitable safeguards, including strict controls and documentation of the access, to avoid misuse and ensure that only authorised persons have access to those personal data with appropriate confidentiality obligations;
the special categories of personal data are not to be transmitted, transferred or otherwise accessed by other parties;
the special categories of personal data are deleted once the bias has been corrected or the personal data has reached the end of its retention period, whichever comes first;
the records of processing activities pursuant to Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680 include the reasons why the processing of special categories of personal data was strictly necessary to detect and correct biases, and why that objective could not be achieved by processing other data.

Related tasks

Justification for special category data processing in AI bias correction records

Critical

High

Normal

Low

Deletion of special categories of personal data for AI bias correction

Critical

High

Normal

Low

Technical limitations on re-use of special category data

Critical

High

Normal

Low

Security and privacy measures for special category data

Critical

High

Normal

Low

Process for evaluating the necessity of using special category data

Critical

High

Normal

Low

Article 10.6: Applicability of data requirements to non-training high-risk AI systems

For the development of high-risk AI systems not using techniques involving the training of AI models, paragraphs 2 to 5 apply only to the testing data sets.

Related tasks

Test data management for high-risk AI systems without model training

Critical

High

Normal

Low

Article 11: Technical documentation

1. The technical documentation of a high-risk AI system shall be drawn up before that system is placed on the market or put into service and shall be kept up-to-date.

The technical documentation shall be drawn up in such a way as to demonstrate that the high-risk AI system complies with the requirements set out in this Section and to provide national competent authorities and notified bodies with the necessary information in a clear and comprehensive form to assess the compliance of the AI system with those requirements. It shall contain, at a minimum, the elements set out in Annex IV. SMEs, including start-ups, may provide the elements of the technical documentation specified in Annex IV in a simplified manner. To that end, the Commission shall establish a simplified technical documentation form targeted at the needs of small and microenterprises. Where an SME, including a start-up, opts to provide the information required in Annex IV in a simplified manner, it shall use the form referred to in this paragraph. Notified bodies shall accept the form for the purposes of the conformity assessment.

2. Where a high-risk AI system related to a product covered by the Union harmonisation legislation listed in Section A of Annex I is placed on the market or put into service, a single set of technical documentation shall be drawn up containing all the information set out in paragraph 1, as well as the information required under those legal acts.

Related tasks

Technical documentation for high-risk AI systems

Critical

High

Normal

Low

Unified technical documentation for AI systems in regulated products

Critical

High

Normal

Low

Simplified technical documentation for SMEs and start-ups

Critical

High

Normal

Low

Article 12: Record-keeping (logs)

1. High-risk AI systems shall technically allow for the automatic recording of events (logs) over the lifetime of the system.

2. In order to ensure a level of traceability of the functioning of a high-risk AI system that is appropriate to the intended purpose of the system, logging capabilities shall enable the recording of events relevant for:

identifying situations that may result in the high-risk AI system presenting a risk within the meaning of Article 79(1) or in a substantial modification;
facilitating the post-market monitoring referred to in Article 72; and
monitoring the operation of high-risk AI systems referred to in Article 26(5).

3. For high-risk AI systems referred to in point 1 (a), of Annex III, the logging capabilities shall provide, at a minimum:

recording of the period of each use of the system (start date and time and end date and time of each use);
the reference database against which input data has been checked by the system;
the input data for which the search has led to a match;
the identification of the natural persons involved in the verification of the results, as referred to in Article 14(5).

Related tasks

Logging capabilities for high-risk AI systems

Critical

High

Normal

Low

Specification of AI system log content

Critical

High

Normal

Low

AI system event logging planning and implementation

Critical

High

Normal

Low

Article 14: Effective human oversight of high-risk AI-systems

1. High-risk AI systems shall be designed and developed in such a way, including with appropriate human-machine interface tools, that they can be effectively overseen by natural persons during the period in which they are in use.

2. Human oversight shall aim to prevent or minimise the risks to health, safety or fundamental rights that may emerge when a high-risk AI system is used in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, in particular where such risks persist despite the application of other requirements set out in this Section.

3. The oversight measures shall be commensurate with the risks, level of autonomy and context of use of the high-risk AI system, and shall be ensured through either one or both of the following types of measures:

measures identified and built, when technically feasible, into the high-risk AI system by the provider before it is placed on the market or put into service;
measures identified by the provider before placing the high-risk AI system on the market or putting it into service and that are appropriate to be implemented by the deployer.

4. For the purpose of implementing paragraphs 1, 2 and 3, the high-risk AI system shall be provided to the deployer in such a way that natural persons to whom human oversight is assigned are enabled, as appropriate and proportionate:

to properly understand the relevant capacities and limitations of the high-risk AI system and be able to duly monitor its operation, including in view of detecting and addressing anomalies, dysfunctions and unexpected performance;
to remain aware of the possible tendency of automatically relying or over-relying on the output produced by a high-risk AI system (automation bias), in particular for high-risk AI systems used to provide information or recommendations for decisions to be taken by natural persons;
to correctly interpret the high-risk AI system’s output, taking into account, for example, the interpretation tools and methods available;
to decide, in any particular situation, not to use the high-risk AI system or to otherwise disregard, override or reverse the output of the high-risk AI system;
to intervene in the operation of the high-risk AI system or interrupt the system through a ‘stop’ button or a similar procedure that allows the system to come to a halt in a safe state.

5. For high-risk AI systems referred to in point 1(a) of Annex III, the measures referred to in paragraph 3 of this Article shall be such as to ensure that, in addition, no action or decision is taken by the deployer on the basis of the identification resulting from the system unless that identification has been separately verified and confirmed by at least two natural persons with the necessary competence, training and authority.

The requirement for a separate verification by at least two natural persons shall not apply to high-risk AI systems used for the purposes of law enforcement, migration, border control or asylum, where Union or national law considers the application of this requirement to be disproportionate.

Related tasks

Built-in human oversight mechanisms for high-risk AI systems

Critical

High

Normal

Low

Amount, competence and adequacy of human oversight personnel

Critical

High

Normal

Low

Dual verification for high-risk AI identification

Critical

High

Normal

Low

Analysis of human oversight measures for high-risk AI systems

Critical

High

Normal

Low

Guidelines for human oversight of AI systems

Critical

High

Normal

Low

Article 15.4: Robustness against errors and mitigation of feedback loops

High-risk AI systems shall be as resilient as possible regarding errors, faults or inconsistencies that may occur within the system or the environment in which the system operates, in particular due to their interaction with natural persons or other systems. Technical and organisational measures shall be taken in this regard. High-risk AI systems that continue to learn after being placed on the market or put into service shall be developed in such a way as to eliminate or reduce as far as possible the risk of possibly biased outputs influencing input for future operations (feedback loops), and as to ensure that any such feedback loops are duly addressed with appropriate mitigation measures.

Related tasks

Measures against feedback loops in learning AI systems

Critical

High

Normal

Low

System error handling procedures

Critical

High

Normal

Low

Data system management