AI risk and lifecycle management |

How to improve security around this topic

In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.

Here's a list of tasks that help you improve your information and cyber security related to

AI risk and lifecycle management

Task name

Priority

Task completes

Complete these tasks to increase your compliance in this policy.

Critical

Staff guidance and training procedure in AI literacy

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Staff guidance and training procedure in AI literacy

This task helps you comply with the following requirements

Article 4: Ensuring personnel have a sufficient level of AI literacy AI Act (Base)

Leadership commitment to the effective management of AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Leadership commitment to the effective management of AI systems

This task helps you comply with the following requirements

Article 4: Ensuring personnel have a sufficient level of AI literacy AI Act (Base)

Maintaining a log of AI literacy training

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Maintaining a log of AI literacy training

This task helps you comply with the following requirements

Article 4: Ensuring personnel have a sufficient level of AI literacy AI Act (Base)

Appointment of personnel to monitor changes to AI system classifications

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Appointment of personnel to monitor changes to AI system classifications

This task helps you comply with the following requirements

Article 25.1-2: Conditions to be considered a provider of high-risk AI systems AI Act (Base)

Conformity assessment and registration of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Conformity assessment and registration of high-risk AI systems

This task helps you comply with the following requirements

Article 16: Obligations for providers of high-risk AI systems AI Act (Base)

Technical documentation for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Technical documentation for high-risk AI systems

This task helps you comply with the following requirements

Article 16: Obligations for providers of high-risk AI systems AI Act (Base)

Article 11: Technical documentation AI Act (Base)

Post-market monitoring and corrective actions for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Post-market monitoring and corrective actions for high-risk AI systems

This task helps you comply with the following requirements

Article 16: Obligations for providers of high-risk AI systems AI Act (Base)

Quality management equivalencies for financial institutions

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Quality management equivalencies for financial institutions

This task helps you comply with the following requirements

Article 17.4: Quality management systems for financial institutions AI Act (Base)

Conformity process for distributors of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Conformity process for distributors of high-risk AI systems

This task helps you comply with the following requirements

Article 24: Declaration of conformity for distributors of high-risk AI systems AI Act (Base)

Operational process for deployed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Operational process for deployed high-risk AI systems

This task helps you comply with the following requirements

Article 26.1-4: Technical and organisational obligations for deployers of high-risk AI-systems AI Act (Base)

Process for monitoring high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for monitoring high-risk AI systems

This task helps you comply with the following requirements

Article 26.5: Monitoring the operation of deployed high-risk AI systems AI Act (Base)

Maintaining a log of monitoring activities of deployed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Maintaining a log of monitoring activities of deployed high-risk AI systems

This task helps you comply with the following requirements

Article 26.5: Monitoring the operation of deployed high-risk AI systems AI Act (Base)

Log retention policy for deployed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Log retention policy for deployed high-risk AI systems

This task helps you comply with the following requirements

Article 26.6: Minimum log retention periods in deployed high-risk AI systems AI Act (Base)

Impact assessment procedure for AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Impact assessment procedure for AI systems

This task helps you comply with the following requirements

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems AI Act (Base)

Article 9.2: Risk management system planning, processes and maintenance AI Act (Base)

Article 9.9: Considering the impact on vulnerable groups in risk management AI Act (Base)

Fundamental rights assessment -report publishing, informing and maintenance

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Fundamental rights assessment -report publishing, informing and maintenance

This task helps you comply with the following requirements

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems AI Act (Base)

Evaluation of AI risk management measures in the risk management phase

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Evaluation of AI risk management measures in the risk management phase

This task helps you comply with the following requirements

Article 9.4: Considerations for risk management measures AI Act (Base)

Acceptance of overall residual AI risk

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Acceptance of overall residual AI risk

This task helps you comply with the following requirements

Article 9.5: Risk management measures AI Act (Base)

Mitigation and control measures for AI risks

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Mitigation and control measures for AI risks

This task helps you comply with the following requirements

Article 9.5: Risk management measures AI Act (Base)

Testing plan for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Testing plan for high-risk AI systems

This task helps you comply with the following requirements

Article 9.8: Testing frequency and metrics AI Act (Base)

Documentation of AI system design and development

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Documentation of AI system design and development

This task helps you comply with the following requirements

Article 10.2: Management of training, validation and testing data sets AI Act (Base)

Logging capabilities for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Logging capabilities for high-risk AI systems

This task helps you comply with the following requirements

Article 12: Record-keeping (logs)AI Act (Base)

Amount, competence and adequacy of human oversight personnel

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Amount, competence and adequacy of human oversight personnel

This task helps you comply with the following requirements

Article 14: Effective human oversight of high-risk AI-systems AI Act (Base)

Management of AI-specific cybersecurity risks

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Management of AI-specific cybersecurity risks

This task helps you comply with the following requirements

Article 15.5: Cybersecurity and resilience against manipulation attempts AI Act (Base)

AI cybersecurity incident response plan

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

AI cybersecurity incident response plan

This task helps you comply with the following requirements

Article 15.5: Cybersecurity and resilience against manipulation attempts AI Act (Base)

Verification process for imported high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Verification process for imported high-risk AI systems

This task helps you comply with the following requirements

Article 23: Declaration of conformity for importers of high-risk AI systems AI Act (Base)

Handling non-conformities in imported high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Handling non-conformities in imported high-risk AI systems

This task helps you comply with the following requirements

Article 23: Declaration of conformity for importers of high-risk AI systems AI Act (Base)

Internal control procedure for conformity assessment

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Internal control procedure for conformity assessment

This task helps you comply with the following requirements

Article 43.1: Conformity assessment procedure for providers of high-risk AI systems AI Act (Base)

Internal conformity assessment procedure for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Internal conformity assessment procedure for high-risk AI systems

This task helps you comply with the following requirements

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III AI Act (Base)

Process for managing substantial modifications to AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for managing substantial modifications to AI systems

This task helps you comply with the following requirements

Article 43.4: Conditions for high-risk AI systems to undergo a new conformity assessment procedure AI Act (Base)

Policy on CE marking responsibility and usage for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Policy on CE marking responsibility and usage for high-risk AI systems

This task helps you comply with the following requirements

Article 48: CE markings for high-risk AI systems AI Act (Base)

Management of serious incidents during real-world AI testing

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Management of serious incidents during real-world AI testing

This task helps you comply with the following requirements

Article 60.7: Reporting of serious incidents connected to real-world testing of high-risk AI systems AI Act (Base)

Registration of AI systems before market placement

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Registration of AI systems before market placement

This task helps you comply with the following requirements

Article 49: Registration of AI systems AI Act (Base)

Considering AI risks in the ISMS

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Considering AI risks in the ISMS

This task helps you comply with the following requirements

Article 9.1: Establishing a risk management system for high-risk AI systems AI Act (Base)

AI risk assessment process establishment and management

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

AI risk assessment process establishment and management

This task helps you comply with the following requirements

Article 9.2: Risk management system planning, processes and maintenance AI Act (Base)

Adopting a code of practice for general-purpose AI models

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Adopting a code of practice for general-purpose AI models

This task helps you comply with the following requirements

Article 53.4: Codes of practice for providers of general-purpose AI models AI Act (GPAI)

Appointment of an authorised representative for GPAI model providers from outside the EU

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Appointment of an authorised representative for GPAI model providers from outside the EU

This task helps you comply with the following requirements

Article 54: Authorised representatives of providers of general-purpose AI models AI Act (GPAI)

Evaluating and managing systemic risk in GPAI models

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Evaluating and managing systemic risk in GPAI models

This task helps you comply with the following requirements

Article 55: Obligations for providers of general-purpose AI models with systemic risk AI Act (GPAI)

Process for cooperating with competent authorities

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for cooperating with competent authorities

This task helps you comply with the following requirements

Article 52.3: Cooperation with competent authorities for providers of general purpose AI models AI Act (GPAI)

Support for authorised representatives of GPAI model providers

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Support for authorised representatives of GPAI model providers

This task helps you comply with the following requirements

Article 54: Authorised representatives of providers of general-purpose AI models AI Act (GPAI)

Awareness and mitigation of automation bias in AI system use

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Awareness and mitigation of automation bias in AI system use

This task helps you comply with the following requirements

Article 4: Ensuring personnel have a sufficient level of AI literacy AI Act (Base)

Unit or role-specific AI literacy program

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Unit or role-specific AI literacy program

This task helps you comply with the following requirements

Article 4: Ensuring personnel have a sufficient level of AI literacy AI Act (Base)

Implementing changes to AI system classifications

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Implementing changes to AI system classifications

This task helps you comply with the following requirements

Article 25.3: Manufacturer conditions for AI systems as safety components of products AI Act (Base)

Code of conduct for organisations deploying or providing AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Code of conduct for organisations deploying or providing AI systems

This task helps you comply with the following requirements

Article 95.3: Code of conduct for providers or deployers of AI systems and their organisations AI Act (Base)

Process for managing classification changes for AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for managing classification changes for AI systems

This task helps you comply with the following requirements

Article 25.1-2: Conditions to be considered a provider of high-risk AI systems AI Act (Base)

Automatic log-generation for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Automatic log-generation for high-risk AI systems

This task helps you comply with the following requirements

Article 16: Obligations for providers of high-risk AI systems AI Act (Base)

Cooperation with national competent authorities for providers of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Cooperation with national competent authorities for providers of high-risk AI systems

This task helps you comply with the following requirements

Article 16: Obligations for providers of high-risk AI systems AI Act (Base)

Termination clause in the authorised representative's mandate

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Termination clause in the authorised representative's mandate

This task helps you comply with the following requirements

Article 22: Authorised representatives of high-risk AI system providers AI Act (Base)

Appointment and responsibilities of the authorised representative of providers of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Appointment and responsibilities of the authorised representative of providers of high-risk AI systems

This task helps you comply with the following requirements

Article 22: Authorised representatives of high-risk AI system providers AI Act (Base)

Secure storage and transport of distributed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Secure storage and transport of distributed high-risk AI systems

This task helps you comply with the following requirements

Article 24: Declaration of conformity for distributors of high-risk AI systems AI Act (Base)

Notification procedure for risks in distributed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Notification procedure for risks in distributed high-risk AI systems

This task helps you comply with the following requirements

Article 24: Declaration of conformity for distributors of high-risk AI systems AI Act (Base)

Incident reporting for deployed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Incident reporting for deployed high-risk AI systems

This task helps you comply with the following requirements

Article 26.5: Monitoring the operation of deployed high-risk AI systems AI Act (Base)

Monitoring equivalencies for high-risk AI systems deployed by financial institutions

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Monitoring equivalencies for high-risk AI systems deployed by financial institutions

This task helps you comply with the following requirements

Article 26.5: Monitoring the operation of deployed high-risk AI systems AI Act (Base)

Article 26.6: Minimum log retention periods in deployed high-risk AI systems AI Act (Base)

Technical implementation of AI system log retention

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Technical implementation of AI system log retention

This task helps you comply with the following requirements

Article 26.6: Minimum log retention periods in deployed high-risk AI systems AI Act (Base)

Registration of high-risk AI system registration before deployment

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Registration of high-risk AI system registration before deployment

This task helps you comply with the following requirements

Article 26.8: Registration of deployed high-risk AI systems for public authorities and union institutions AI Act (Base)

Verifying the registration of deployed high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Verifying the registration of deployed high-risk AI systems

This task helps you comply with the following requirements

Article 26.8: Registration of deployed high-risk AI systems for public authorities and union institutions AI Act (Base)

Notification of fundamental rights impact assessment

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Notification of fundamental rights impact assessment

This task helps you comply with the following requirements

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems AI Act (Base)

Internal governance and complaint mechanisms for AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Internal governance and complaint mechanisms for AI systems

This task helps you comply with the following requirements

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems AI Act (Base)

Use of previous impact assessments for AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Use of previous impact assessments for AI systems

This task helps you comply with the following requirements

Article 27.1-4: Fundamental rights impact assessment prior to deployment of high-risk AI systems AI Act (Base)

Review of explanation obligations for AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Review of explanation obligations for AI systems

This task helps you comply with the following requirements

Article 86: Right to explanation of individual decision-making AI Act (Base)

Identification and documentation of risks in AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Identification and documentation of risks in AI systems

This task helps you comply with the following requirements

Article 17.1 (QMS instructions): Quality management instructions AI Act (Base)

Article 9.1: Establishing a risk management system for high-risk AI systems AI Act (Base)

Documentation of linked risks for identified incidents in AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Documentation of linked risks for identified incidents in AI systems

This task helps you comply with the following requirements

Article 9.1: Establishing a risk management system for high-risk AI systems AI Act (Base)

Evaluation process and documentation of significant changes to high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Evaluation process and documentation of significant changes to high-risk AI systems

This task helps you comply with the following requirements

Article 9.1: Establishing a risk management system for high-risk AI systems AI Act (Base)

Article 9.2: Risk management system planning, processes and maintenance AI Act (Base)

Evaluation of risks from foreseeable misuse of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Evaluation of risks from foreseeable misuse of high-risk AI systems

This task helps you comply with the following requirements

Article 9.2: Risk management system planning, processes and maintenance AI Act (Base)

Defining and documenting risk management metrics for AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Defining and documenting risk management metrics for AI systems

This task helps you comply with the following requirements

Article 9.5: Risk management measures AI Act (Base)

Testing of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Testing of high-risk AI systems

This task helps you comply with the following requirements

Article 9.6: Testing for risk management measures and compliance AI Act (Base)

Definition of testing metrics and thresholds for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Definition of testing metrics and thresholds for high-risk AI systems

This task helps you comply with the following requirements

Article 9.8: Testing frequency and metrics AI Act (Base)

Unified technical documentation for AI systems in regulated products

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Unified technical documentation for AI systems in regulated products

This task helps you comply with the following requirements

Article 11: Technical documentation AI Act (Base)

Simplified technical documentation for SMEs and start-ups

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Simplified technical documentation for SMEs and start-ups

This task helps you comply with the following requirements

Article 11: Technical documentation AI Act (Base)

Specification of AI system log content

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Specification of AI system log content

This task helps you comply with the following requirements

Article 12: Record-keeping (logs)AI Act (Base)

Built-in human oversight mechanisms for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Built-in human oversight mechanisms for high-risk AI systems

This task helps you comply with the following requirements

Article 14: Effective human oversight of high-risk AI-systems AI Act (Base)

Analysis of human oversight measures for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Analysis of human oversight measures for high-risk AI systems

This task helps you comply with the following requirements

Article 14: Effective human oversight of high-risk AI-systems AI Act (Base)

Technical requirements for AI system performance and security

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Technical requirements for AI system performance and security

This task helps you comply with the following requirements

Article 15.1: Accuracy, robustness and cybersecurity of high-risk AI systems AI Act (Base)

Measures against feedback loops in learning AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Measures against feedback loops in learning AI systems

This task helps you comply with the following requirements

Article 15.4: Robustness against errors and mitigation of feedback loops AI Act (Base)

Conformity assessment process for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Conformity assessment process for high-risk AI systems

This task helps you comply with the following requirements

Article 17.1 (QMS policy): Quality management policy AI Act (Base)

Article 43.1: Conformity assessment procedure for providers of high-risk AI systems AI Act (Base)

Submission of the quality management system and technical documentation to a notified body

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Submission of the quality management system and technical documentation to a notified body

This task helps you comply with the following requirements

Article 43.1: Conformity assessment procedure for providers of high-risk AI systems AI Act (Base)

Pre-market Declaration of Conformity preparation for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Pre-market Declaration of Conformity preparation for high-risk AI systems

This task helps you comply with the following requirements

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III AI Act (Base)

Verification and documentation of the internal conformity assessment

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Verification and documentation of the internal conformity assessment

This task helps you comply with the following requirements

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III AI Act (Base)

CE marking for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

CE marking for high-risk AI systems

This task helps you comply with the following requirements

Article 43.2: Conformity assessment procedure for providers of high-risk AI systems listed in Annex III AI Act (Base)

Process for conformity assessment of AI systems under existing legislation

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for conformity assessment of AI systems under existing legislation

This task helps you comply with the following requirements

Article 43.3: Conformity assessment procedure for providers of high-risk AI systems covered by EU harmonisation legislation AI Act (Base)

Specific documentation for combined conformity assessments

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Specific documentation for combined conformity assessments

This task helps you comply with the following requirements

Article 43.3: Conformity assessment procedure for providers of high-risk AI systems covered by EU harmonisation legislation AI Act (Base)

Selection of a Notified Body for combined assessments

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Selection of a Notified Body for combined assessments

This task helps you comply with the following requirements

Article 43.3: Conformity assessment procedure for providers of high-risk AI systems covered by EU harmonisation legislation AI Act (Base)

Creation, management and maintenance of declarations of conformity for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Creation, management and maintenance of declarations of conformity for high-risk AI systems

This task helps you comply with the following requirements

Article 47: EU declaration of conformity AI Act (Base)

Process for CE marking of high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for CE marking of high-risk AI systems

This task helps you comply with the following requirements

Article 48: CE markings for high-risk AI systems AI Act (Base)

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Register of CE marking for high-risk AI systems

This task helps you comply with the following requirements

Article 48: CE markings for high-risk AI systems AI Act (Base)

Process for cooperation with competent authorities

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for cooperation with competent authorities

This task helps you comply with the following requirements

Article 17.1 (QMS instructions): Quality management instructions AI Act (Base)

Article 21: Cooperation with competent authorities AI Act (Base)

Creating post-market monitoring plans for high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Creating post-market monitoring plans for high-risk AI systems

This task helps you comply with the following requirements

Article 17.1 (QMS instructions): Quality management instructions AI Act (Base)

Article 72: Post-market monitoring and monitoring plan for high-risk AI systems AI Act (Base)

Process for post-market data collection and analysis

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for post-market data collection and analysis

This task helps you comply with the following requirements

Article 9.2: Risk management system planning, processes and maintenance AI Act (Base)

Article 72: Post-market monitoring and monitoring plan for high-risk AI systems AI Act (Base)

Procedure for serious AI incident reporting

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Procedure for serious AI incident reporting

This task helps you comply with the following requirements

Article 17.1 (QMS instructions): Quality management instructions AI Act (Base)

Article 73: Incident reporting procedure for providers of high-risk AI systems AI Act (Base)

Record of serious AI incidents and corrective actions

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Record of serious AI incidents and corrective actions

This task helps you comply with the following requirements

Article 73: Incident reporting procedure for providers of high-risk AI systems AI Act (Base)

Process for authority notifications on AI testing

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for authority notifications on AI testing

This task helps you comply with the following requirements

Article 60.8: Notification of national market authorities where real-world testing is conducted AI Act (Base)

Registration of AI systems in critical infrastructure

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Registration of AI systems in critical infrastructure

This task helps you comply with the following requirements

Article 49: Registration of AI systems AI Act (Base)

Process for managing modifications to high-risk AI systems

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for managing modifications to high-risk AI systems

This task helps you comply with the following requirements

Article 17.1 (QMS policy): Quality management policy AI Act (Base)

Process for notifying stakeholders about AI system non-compliance

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Process for notifying stakeholders about AI system non-compliance

This task helps you comply with the following requirements

Article 20: Corrective actions and duty of information AI Act (Base)

AI system event logging planning and implementation

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

AI system event logging planning and implementation

This task helps you comply with the following requirements

Article 12: Record-keeping (logs)AI Act (Base)

Defining AI roles and responsibilities

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Defining AI roles and responsibilities

This task helps you comply with the following requirements

Article 26.1-4: Technical and organisational obligations for deployers of high-risk AI-systems AI Act (Base)

Mitigation and control measures for residual AI risks

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Mitigation and control measures for residual AI risks

This task helps you comply with the following requirements

Article 9.2: Risk management system planning, processes and maintenance AI Act (Base)

Confidentiality of GPAI model information and documentation

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Confidentiality of GPAI model information and documentation

This task helps you comply with the following requirements

Article 55: Obligations for providers of general-purpose AI models with systemic risk AI Act (GPAI)

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Copyright compliance policy for GPAI model training

This task helps you comply with the following requirements

Article 53.1-2: Maintaining accurate and up-to-date technical information of general purpose AI models AI Act (GPAI)

Alternative compliance demonstration for GPAI models

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Alternative compliance demonstration for GPAI models

This task helps you comply with the following requirements

Article 53.4: Codes of practice for providers of general-purpose AI models AI Act (GPAI)

Compliance with harmonised standards for GPAI models

Critical

High

Normal

Low

AI governance

AI risk and lifecycle management

Compliance with harmonised standards for GPAI models

This task helps you comply with the following requirements

Article 53.4: Codes of practice for providers of general-purpose AI models AI Act (GPAI)

Complete these tasks in Cyberday ISMS ->

AI risk and lifecycle management

Other requirements of the framework

How to improve security around this topic

Staff guidance and training procedure in AI literacy

This task helps you comply with the following requirements

Leadership commitment to the effective management of AI systems

This task helps you comply with the following requirements

Maintaining a log of AI literacy training

This task helps you comply with the following requirements

Appointment of personnel to monitor changes to AI system classifications

This task helps you comply with the following requirements

Conformity assessment and registration of high-risk AI systems

This task helps you comply with the following requirements

Technical documentation for high-risk AI systems

This task helps you comply with the following requirements

Post-market monitoring and corrective actions for high-risk AI systems

This task helps you comply with the following requirements

Quality management equivalencies for financial institutions

This task helps you comply with the following requirements

Conformity process for distributors of high-risk AI systems

This task helps you comply with the following requirements

Operational process for deployed high-risk AI systems

This task helps you comply with the following requirements

Process for monitoring high-risk AI systems

This task helps you comply with the following requirements

Maintaining a log of monitoring activities of deployed high-risk AI systems

This task helps you comply with the following requirements

Log retention policy for deployed high-risk AI systems

This task helps you comply with the following requirements

Impact assessment procedure for AI systems

This task helps you comply with the following requirements

Fundamental rights assessment -report publishing, informing and maintenance

This task helps you comply with the following requirements

Evaluation of AI risk management measures in the risk management phase

This task helps you comply with the following requirements

Acceptance of overall residual AI risk

This task helps you comply with the following requirements

Mitigation and control measures for AI risks

This task helps you comply with the following requirements

Testing plan for high-risk AI systems

This task helps you comply with the following requirements

Documentation of AI system design and development

This task helps you comply with the following requirements

Logging capabilities for high-risk AI systems

This task helps you comply with the following requirements

Amount, competence and adequacy of human oversight personnel

This task helps you comply with the following requirements

Management of AI-specific cybersecurity risks

This task helps you comply with the following requirements

AI cybersecurity incident response plan

This task helps you comply with the following requirements

Verification process for imported high-risk AI systems

This task helps you comply with the following requirements

Handling non-conformities in imported high-risk AI systems

This task helps you comply with the following requirements

Internal control procedure for conformity assessment

This task helps you comply with the following requirements

Internal conformity assessment procedure for high-risk AI systems

This task helps you comply with the following requirements

Process for managing substantial modifications to AI systems

This task helps you comply with the following requirements

Policy on CE marking responsibility and usage for high-risk AI systems

This task helps you comply with the following requirements

Management of serious incidents during real-world AI testing

This task helps you comply with the following requirements

Registration of AI systems before market placement

This task helps you comply with the following requirements

Considering AI risks in the ISMS

This task helps you comply with the following requirements

AI risk assessment process establishment and management

This task helps you comply with the following requirements

Adopting a code of practice for general-purpose AI models

This task helps you comply with the following requirements

Appointment of an authorised representative for GPAI model providers from outside the EU

This task helps you comply with the following requirements

Evaluating and managing systemic risk in GPAI models

This task helps you comply with the following requirements

Process for cooperating with competent authorities

This task helps you comply with the following requirements

Support for authorised representatives of GPAI model providers