Content library
AI data and model governance
Provision of model documentation to competent authorities
AI governance
AI data and model governance

Provision of model documentation to competent authorities

Start free trial

Task description

Provision of model documentation to competent authorities

GPAI model providers should draw up, maintain and make available documentation enabling AI system providers to:

The documentation should cover, at a minimum:

  • Understand the model’s capabilities, performance characteristics and limitations
  • Identify appropriate use cases and foreseeable misuse
  • Implement necessary risk management, human oversight and compliance measures under the AI Act

Disclosure should be structured to protect intellectual property rights, confidential business information and trade secrets in accordance with EU and national law. Access controls, licensing terms and confidentiality mechanisms should also be defined and documented.

Requirements connected to the task

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models
AI Act (GPAI models)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
AI system data quality standards
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.1: Quality criteria of training data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
AI system data quality standards
Data set validation for high-risk AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.3: Relevance, representativeness, and completeness of data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data set validation for high-risk AI systems
Data set documentation for AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.3: Relevance, representativeness, and completeness of data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data set documentation for AI systems
Security and privacy measures for special category data
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.5: Exceptional processing of special categories of personal data
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Security and privacy measures for special category data
Process for evaluating the necessity of using special category data
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.5: Exceptional processing of special categories of personal data
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Process for evaluating the necessity of using special category data
Log retention for provided high-risk AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 19: Retention of automatically generated logs for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Log retention for provided high-risk AI systems
Data governance for high-risk AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 17.1 (QMS procedures): Quality management procedures
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data governance for high-risk AI systems
Documentation of AI models
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Documentation of AI models
Provision of model documentation to competent authorities
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Provision of model documentation to competent authorities
Data provenance procedure for AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.2: Management of training, validation and testing data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data provenance procedure for AI systems
Data preparation and quality assurance for AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.2: Management of training, validation and testing data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data preparation and quality assurance for AI systems
AI data gap identification and management
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.2: Management of training, validation and testing data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
AI data gap identification and management
Data quality criteria for high-risk AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.3: Relevance, representativeness, and completeness of data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data quality criteria for high-risk AI systems
Contextual relevance assessment of AI data sets
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.4: Contextual characteristics of data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Contextual relevance assessment of AI data sets
Justification for special category data processing in AI bias correction records
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.5: Exceptional processing of special categories of personal data
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Justification for special category data processing in AI bias correction records
Deletion of special categories of personal data for AI bias correction
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.5: Exceptional processing of special categories of personal data
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Deletion of special categories of personal data for AI bias correction
Technical limitations on re-use of special category data
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.5: Exceptional processing of special categories of personal data
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Technical limitations on re-use of special category data
Test data management for high-risk AI systems without model training
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.6: Applicability of data requirements to non-training high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Test data management for high-risk AI systems without model training
Identification and mitigation of AI model flaws
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 15.5: Cybersecurity and resilience against manipulation attempts
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Identification and mitigation of AI model flaws
Log retention for high-risk AI systems provided by financial institutions
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 19: Retention of automatically generated logs for high-risk AI systems
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Log retention for high-risk AI systems provided by financial institutions
Data management procedures for AI system development
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.1: Quality criteria of training data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data management procedures for AI system development
Data preparation criteria and methods
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.1: Quality criteria of training data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data preparation criteria and methods
Documentation of open-source usage in GPAI model development
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Documentation of open-source usage in GPAI model development
Cybersecurity measures for the protection of GPAI models with systemic risk
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 55: Obligations for providers of general-purpose AI models with systemic risk
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Cybersecurity measures for the protection of GPAI models with systemic risk
Identification and traceability of AI products and services
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 17.1 (QMS policy): Quality management policy
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Identification and traceability of AI products and services
Data preparation process for high-risk AI systems
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 10.3: Relevance, representativeness, and completeness of data sets
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Data preparation process for high-risk AI systems
Secure handling of property belonging to stakeholders in the development of AI products and services
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 17.1 (QMS instructions): Quality management instructions
AI Act (Base)
See all related requirements and other information from tasks own page.
Go to >
Secure handling of property belonging to stakeholders in the development of AI products and services
Public summary of training data for GPAI models
Critical
High
Normal
Low
AI data and model governance
1
requirements

Examples of other requirements this task affects

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models
AI Act (GPAI)
See all related requirements and other information from tasks own page.
Go to >
Public summary of training data for GPAI models

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Get your compliance
foundation in minutes.

Learn what an AI-powered ISMS looks like in practice.
Start a free trial and see your compliance work launch in minutes.

Start free trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templatesTrust center
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessmentsInternal audits
Resources
AcademyWebinarsBlogHelp articlesVideo coursesTrust centerContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security