Workflow: AI governance

AI governance is the workflow for managing your obligations under the EU AI Act and ISO 42001 — inventorying AI systems, classifying their risk, running impact assessments, and producing the documentation regulators expect.

🆕 What's new: AI governance is a new workflow in this release. Nothing you've built previously is affected — it appears alongside your existing workflows when you activate the relevant frameworks, with starter content drafted by Cyberday's AI.

When this workflow appears

AI governance is visible when you have ISO 42001 or the EU AI Act active among your frameworks. Activate either and the workflow appears in the Workflows list on the Dashboard. Deactivate both and it returns to the framework-specific catalogue.

Setting it up

AI governance is a framework-specific workflow — there's no separate guided setup. The workflow is available directly; configuration (owner, AI-related documentation, related tasks) is handled inline on the page when relevant.

What's on the page

Main metrics

A single trend line: your EU AI Act / ISO 42001 compliance score over time, sourced directly from the compliance view. This is the one metric the workflow optimises against — there are no separate operational counters for AI governance.

Documentation

The documentation that backs your AI governance practice, organised into two groups:

Assets

  • AI systems — the AI systems in use across the organisation
  • AI models — the underlying models the systems use
  • AI data sets — the data used to train, validate, and operate the systems

Records

  • AI objectives — your stated objectives for AI use
  • AI system impact assessments — assessments of risk, fairness, and effect on rights
  • Conformity assessments — assessments against EU AI Act conformity obligations

Each documentation row shows the total item count, items still to work on, the related ISMS theme, and the responsible owner.

Tasks

Below the documentation, the workflow page lists the operational tasks tied to AI governance — system registration routines, high-risk system documentation, human oversight definitions, transparency obligations. Each task shows its theme, status (Untreated / Partly done / Mostly done / Fully done), owner, priority (Low / Normal / High / Critical), and due date.

Reports

The audit-ready outputs AI governance produces:

  • AI policy and objectives — the foundational document for your AI management system
  • AI risk management description and scope — how AI risk is identified, assessed, and treated
  • AI System Impact Assessments — the per-system impact records
  • AI systems lifecycle policy — the lifecycle approach from procurement to retirement

Reports refresh from your live data, so they're always current.

How it connects to other workflows

AI systems sit in Asset inventory alongside other systems. Risks identified during AI impact assessments flow into Risk management. Significant changes to AI systems — new model versions, scope changes, retraining — should run through Change management.
