Step 4: Comply
Achieve Compliance
Learn about EU AI Act requirements, controls, and gap analysis methodology to achieve and maintain compliance.
High-Risk AI System Requirements (Articles 9-15)
These are the mandatory requirements for providers of high-risk AI systems under the EU AI Act.
Sample Data: This shows example requirements. View your actual requirements in the AI System Inventory.
Article 9
Risk Management System
Establish, implement, document and maintain a risk management system
- Identify and analyze known and foreseeable risks
- Estimate and evaluate risks from intended use and misuse
- Adopt risk management measures
- +2 more requirements
12 controls
Article 10
Data and Data Governance
Training, validation and testing data shall be subject to data governance
- Relevant, representative, and error-free data
- Appropriate statistical properties
- Bias examination and mitigation
- +2 more requirements
10 controls
Article 11
Technical Documentation
Draw up technical documentation before placing on market
- General description of the AI system
- Detailed description of elements and development process
- Monitoring, functioning and control information
- +2 more requirements
15 controls
Article 12
Record-Keeping
Automatic recording of events (logs) throughout lifetime
- Automatic logging capabilities
- Recording of period of use
- Reference database for input data
- +2 more requirements
8 controls
Article 13
Transparency
Designed to enable deployers to interpret output and use appropriately
- Instructions for use in appropriate format
- Identity and contact details of provider
- Characteristics, capabilities and limitations
- +2 more requirements
10 controls
Article 14
Human Oversight
Designed to be effectively overseen by natural persons
- Enable human oversight during use
- Ability to understand AI capabilities
- Ability to interpret AI output
- +2 more requirements
8 controls