Content library
AI risk and lifecycle management
AI risk assessment process establishment and management
AI governance
AI risk and lifecycle management

AI risk assessment process establishment and management

Start free trial

Task description

AI risk assessment process establishment and management

The organization should establish and maintain a process for assessing AI risks. This process must be guided by the organization's AI policy and AI objectives, ensuring that subsequent assessments yield consistent, valid, and comparable results.

The process should identify risks that could either help or hinder the achievement of the organization's AI objectives. Risk analysis should involve evaluating the potential consequences for the organization, people, and society, assessing the probability of these risks where possible, and establishing the levels of these risks.

Thhe process should also inlcude evaluating AI risks by comparing the analysis results against the defined risk criteria and prioritizing the identified risks for subsequent treatment. Documented information concerning the AI risk assessment process and its results should be maintained.

Requirements connected to the task

Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Staff guidance and training procedure in AI literacy
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 4: Ensuring personnel have a sufficient level of AI literacy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Staff guidance and training procedure in AI literacy
Leadership commitment to the effective management of AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 4: Ensuring personnel have a sufficient level of AI literacy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Leadership commitment to the effective management of AI systems
Maintaining a log of AI literacy training
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 4: Ensuring personnel have a sufficient level of AI literacy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Maintaining a log of AI literacy training
Appointment of personnel to monitor changes to AI system classifications
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 25.1-2: Conditions to be considered a provider of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Appointment of personnel to monitor changes to AI system classifications
Conformity assessment and registration of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 16: Obligations for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Conformity assessment and registration of high-risk AI systems
Technical documentation for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 16: Obligations for providers of high-risk AI systems
AI Act (Base)
Article 11: Technical documentation
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Technical documentation for high-risk AI systems
Post-market monitoring and corrective actions for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 16: Obligations for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Post-market monitoring and corrective actions for high-risk AI systems
Quality management equivalencies for financial institutions
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 17.4: Quality management systems for financial institutions
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Quality management equivalencies for financial institutions
Conformity process for distributors of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 24: Declaration of conformity for distributors of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Conformity process for distributors of high-risk AI systems
Operational process for deployed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.1-4: Technical and organisational obligations for deployers of high-risk AI-systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Operational process for deployed high-risk AI systems
Process for monitoring high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.5: Monitoring the operation of deployed high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for monitoring high-risk AI systems
Maintaining a log of monitoring activities of deployed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.5: Monitoring the operation of deployed high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Maintaining a log of monitoring activities of deployed high-risk AI systems
Log retention policy for deployed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.6: Minimum log retention periods in deployed high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Log retention policy for deployed high-risk AI systems
Impact assessment procedure for AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
3
requirements

Examples of other requirements this task affects

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems
AI Act (Base)
Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)
Article 9.9: Considering the impact on vulnerable groups in risk management
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Impact assessment procedure for AI systems
Fundamental rights assessment -report publishing, informing and maintenance
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Fundamental rights assessment -report publishing, informing and maintenance
Evaluation of AI risk management measures in the risk management phase
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.4: Considerations for risk management measures
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Evaluation of AI risk management measures in the risk management phase
Acceptance of overall residual AI risk
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.5: Risk management measures
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Acceptance of overall residual AI risk
Mitigation and control measures for AI risks
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.5: Risk management measures
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Mitigation and control measures for AI risks
Testing plan for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.8: Testing frequency and metrics
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Testing plan for high-risk AI systems
Documentation of AI system design and development
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 10.2: Management of training, validation and testing data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Documentation of AI system design and development
Logging capabilities for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 12: Record-keeping (logs)
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Logging capabilities for high-risk AI systems
Amount, competence and adequacy of human oversight personnel
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 14: Effective human oversight of high-risk AI-systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Amount, competence and adequacy of human oversight personnel
Management of AI-specific cybersecurity risks
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 15.5: Cybersecurity and resilience against manipulation attempts
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Management of AI-specific cybersecurity risks
AI cybersecurity incident response plan
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 15.5: Cybersecurity and resilience against manipulation attempts
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
AI cybersecurity incident response plan
Verification process for imported high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 23: Declaration of conformity for importers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Verification process for imported high-risk AI systems
Handling non-conformities in imported high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 23: Declaration of conformity for importers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Handling non-conformities in imported high-risk AI systems
Internal control procedure for conformity assessment
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.1: Conformity assessment procedure for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Internal control procedure for conformity assessment
Internal conformity assessment procedure for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Internal conformity assessment procedure for high-risk AI systems
Process for managing substantial modifications to AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.4: Conditions for high-risk AI systems to undergo a new conformity assessment procedure
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for managing substantial modifications to AI systems
Policy on CE marking responsibility and usage for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 48: CE markings for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Policy on CE marking responsibility and usage for high-risk AI systems
Management of serious incidents during real-world AI testing
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 60.7: Reporting of serious incidents connected to real-world testing of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Management of serious incidents during real-world AI testing
Registration of AI systems before market placement
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 49: Registration of AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Registration of AI systems before market placement
Considering AI risks in the ISMS
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.1: Establishing a risk management system for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Considering AI risks in the ISMS
AI risk assessment process establishment and management
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
AI risk assessment process establishment and management
Adopting a code of practice for general-purpose AI models
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 53.4: Codes of practice for providers of general-purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Adopting a code of practice for general-purpose AI models
Appointment of an authorised representative for GPAI model providers from outside the EU
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 54: Authorised representatives of providers of general-purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Appointment of an authorised representative for GPAI model providers from outside the EU
Evaluating and managing systemic risk in GPAI models
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 55: Obligations for providers of general-purpose AI models with systemic risk
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Evaluating and managing systemic risk in GPAI models
Process for cooperating with competent authorities
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 52.3: Cooperation with competent authorities for providers of general purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Process for cooperating with competent authorities
Support for authorised representatives of GPAI model providers
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 54: Authorised representatives of providers of general-purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Support for authorised representatives of GPAI model providers
Awareness and mitigation of automation bias in AI system use
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 4: Ensuring personnel have a sufficient level of AI literacy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Awareness and mitigation of automation bias in AI system use
Unit or role-specific AI literacy program
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 4: Ensuring personnel have a sufficient level of AI literacy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Unit or role-specific AI literacy program
Implementing changes to AI system classifications
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 25.3: Manufacturer conditions for AI systems as safety components of products
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Implementing changes to AI system classifications
Code of conduct for organisations deploying or providing AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 95.3: Code of conduct for providers or deployers of AI systems and their organisations
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Code of conduct for organisations deploying or providing AI systems
Process for managing classification changes for AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 25.1-2: Conditions to be considered a provider of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for managing classification changes for AI systems
Automatic log-generation for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 16: Obligations for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Automatic log-generation for high-risk AI systems
Cooperation with national competent authorities for providers of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 16: Obligations for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Cooperation with national competent authorities for providers of high-risk AI systems
Termination clause in the authorised representative's mandate
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 22: Authorised representatives of high-risk AI system providers
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Termination clause in the authorised representative's mandate
Appointment and responsibilities of the authorised representative of providers of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 22: Authorised representatives of high-risk AI system providers
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Appointment and responsibilities of the authorised representative of providers of high-risk AI systems
Secure storage and transport of distributed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 24: Declaration of conformity for distributors of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Secure storage and transport of distributed high-risk AI systems
Notification procedure for risks in distributed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 24: Declaration of conformity for distributors of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Notification procedure for risks in distributed high-risk AI systems
Incident reporting for deployed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.5: Monitoring the operation of deployed high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Incident reporting for deployed high-risk AI systems
Monitoring equivalencies for high-risk AI systems deployed by financial institutions
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 26.5: Monitoring the operation of deployed high-risk AI systems
AI Act (Base)
Article 26.6: Minimum log retention periods in deployed high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Monitoring equivalencies for high-risk AI systems deployed by financial institutions
Technical implementation of AI system log retention
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.6: Minimum log retention periods in deployed high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Technical implementation of AI system log retention
Registration of high-risk AI system registration before deployment
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.8: Registration of deployed high-risk AI systems for public authorities and union institutions
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Registration of high-risk AI system registration before deployment
Verifying the registration of deployed high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.8: Registration of deployed high-risk AI systems for public authorities and union institutions
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Verifying the registration of deployed high-risk AI systems
Notification of fundamental rights impact assessment
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Notification of fundamental rights impact assessment
Internal governance and complaint mechanisms for AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Internal governance and complaint mechanisms for AI systems
Use of previous impact assessments for AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Use of previous impact assessments for AI systems
Review of explanation obligations for AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 86: Right to explanation of individual decision-making
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Review of explanation obligations for AI systems
Identification and documentation of risks in AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 17.1 (QMS instructions): Quality management instructions
AI Act (Base)
Article 9.1: Establishing a risk management system for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Identification and documentation of risks in AI systems
Documentation of linked risks for identified incidents in AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.1: Establishing a risk management system for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Documentation of linked risks for identified incidents in AI systems
Evaluation process and documentation of significant changes to high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 9.1: Establishing a risk management system for high-risk AI systems
AI Act (Base)
Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Evaluation process and documentation of significant changes to high-risk AI systems
Evaluation of risks from foreseeable misuse of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Evaluation of risks from foreseeable misuse of high-risk AI systems
Defining and documenting risk management metrics for AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.5: Risk management measures
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Defining and documenting risk management metrics for AI systems
Testing of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.6: Testing for risk management measures and compliance
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Testing of high-risk AI systems
Definition of testing metrics and thresholds for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.8: Testing frequency and metrics
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Definition of testing metrics and thresholds for high-risk AI systems
Unified technical documentation for AI systems in regulated products
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 11: Technical documentation
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Unified technical documentation for AI systems in regulated products
Simplified technical documentation for SMEs and start-ups
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 11: Technical documentation
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Simplified technical documentation for SMEs and start-ups
Specification of AI system log content
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 12: Record-keeping (logs)
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Specification of AI system log content
Built-in human oversight mechanisms for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 14: Effective human oversight of high-risk AI-systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Built-in human oversight mechanisms for high-risk AI systems
Analysis of human oversight measures for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 14: Effective human oversight of high-risk AI-systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Analysis of human oversight measures for high-risk AI systems
Technical requirements for AI system performance and security
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 15.1: Accuracy, robustness and cybersecurity of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Technical requirements for AI system performance and security
Measures against feedback loops in learning AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 15.4: Robustness against errors and mitigation of feedback loops
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Measures against feedback loops in learning AI systems
Conformity assessment process for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 17.1 (QMS policy): Quality management policy
AI Act (Base)
Article 43.1: Conformity assessment procedure for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Conformity assessment process for high-risk AI systems
Submission of the quality management system and technical documentation to a notified body
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.1: Conformity assessment procedure for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Submission of the quality management system and technical documentation to a notified body
Pre-market Declaration of Conformity preparation for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Pre-market Declaration of Conformity preparation for high-risk AI systems
Verification and documentation of the internal conformity assessment
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Verification and documentation of the internal conformity assessment
CE marking for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
CE marking for high-risk AI systems
Process for conformity assessment of AI systems under existing legislation
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.3: Conformity assessment procedure for providers of high-risk AI systems covered by EU harmonisation legislation
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for conformity assessment of AI systems under existing legislation
Specific documentation for combined conformity assessments
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.3: Conformity assessment procedure for providers of high-risk AI systems covered by EU harmonisation legislation
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Specific documentation for combined conformity assessments
Selection of a Notified Body for combined assessments
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 43.3: Conformity assessment procedure for providers of high-risk AI systems covered by EU harmonisation legislation
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Selection of a Notified Body for combined assessments
Creation, management and maintenance of declarations of conformity for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 47: EU declaration of conformity
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Creation, management and maintenance of declarations of conformity for high-risk AI systems
Process for CE marking of high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 48: CE markings for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for CE marking of high-risk AI systems
Register of CE marking for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 48: CE markings for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Register of CE marking for high-risk AI systems
Process for cooperation with competent authorities
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 17.1 (QMS instructions): Quality management instructions
AI Act (Base)
Article 21: Cooperation with competent authorities
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for cooperation with competent authorities
Creating post-market monitoring plans for high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 17.1 (QMS instructions): Quality management instructions
AI Act (Base)
Article 72: Post-market monitoring and monitoring plan for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Creating post-market monitoring plans for high-risk AI systems
Process for post-market data collection and analysis
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)
Article 72: Post-market monitoring and monitoring plan for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for post-market data collection and analysis
Procedure for serious AI incident reporting
Critical
High
Normal
Low
AI risk and lifecycle management
2
requirements

Examples of other requirements this task affects

Article 17.1 (QMS instructions): Quality management instructions
AI Act (Base)
Article 73: Incident reporting procedure for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Procedure for serious AI incident reporting
Record of serious AI incidents and corrective actions
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 73: Incident reporting procedure for providers of high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Record of serious AI incidents and corrective actions
Process for authority notifications on AI testing
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 60.8: Notification of national market authorities where real-world testing is conducted
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for authority notifications on AI testing
Registration of AI systems in critical infrastructure
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 49: Registration of AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Registration of AI systems in critical infrastructure
Process for managing modifications to high-risk AI systems
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 17.1 (QMS policy): Quality management policy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for managing modifications to high-risk AI systems
Process for notifying stakeholders about AI system non-compliance
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 20: Corrective actions and duty of information
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for notifying stakeholders about AI system non-compliance
AI system event logging planning and implementation
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 12: Record-keeping (logs)
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
AI system event logging planning and implementation
Defining AI roles and responsibilities
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 26.1-4: Technical and organisational obligations for deployers of high-risk AI-systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Defining AI roles and responsibilities
Mitigation and control measures for residual AI risks
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 9.2: Risk management system planning, processes and maintenance
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Mitigation and control measures for residual AI risks
Confidentiality of GPAI model information and documentation
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 55: Obligations for providers of general-purpose AI models with systemic risk
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Confidentiality of GPAI model information and documentation
Copyright compliance policy for GPAI model training
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Copyright compliance policy for GPAI model training
Alternative compliance demonstration for GPAI models
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 53.4: Codes of practice for providers of general-purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Alternative compliance demonstration for GPAI models
Compliance with harmonised standards for GPAI models
Critical
High
Normal
Low
AI risk and lifecycle management
1
requirements

Examples of other requirements this task affects

Article 53.4: Codes of practice for providers of general-purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Compliance with harmonised standards for GPAI models

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Get your compliance
foundation in minutes.

Learn what an AI-powered ISMS looks like in practice.
Start a free trial and see your compliance work launch in minutes.

Start free trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templatesTrust center
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessmentsInternal audits
Resources
AcademyWebinarsBlogHelp articlesVideo coursesTrust centerContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security