ProcedureReady to Usev2.0

AI System Classification Procedure

Step-by-step process for classifying AI systems according to EU AI Act risk categories including prohibited practices (Article 5), high-risk (Annex III), GPAI classification (Articles 51-56), and limited/minimal risk systems.

30 min

Read Time

Intermediate

Level

Owner:AI Act Program Manager

Effective:2025-08-01

Standard:STD-AI-001

Category:Classification

Topics:Risk classificationArticle 5 prohibitedAnnex III assessmentGPAI classificationSystemic risk

PROC-AI-CLS-001

AI System Classification Procedure

STD-AI-001: AI System Classification Standard

Draft

Controls Covered

CLS-001CLS-002CLS-003CLS-004CLS-005CLS-006CLS-007

Effective Date

[To be filled]

Next Review

[To be filled]

Purpose & Scope

Purpose

This procedure establishes the mandatory, step-by-step process for classifying all AI systems according to the EU AI Act's risk categories (prohibited, high-risk, limited-risk, minimal-risk, and General Purpose AI). Its purpose is to ensure that every AI system is accurately classified before development begins and is re-evaluated throughout its lifecycle, guaranteeing that the appropriate compliance obligations are applied consistently and correctly.

Applies To

All systems meeting the EU AI Act definition of an "AI system"
All General Purpose AI (GPAI) models per Articles 51-56
All AI systems at any lifecycle stage (design, development, deployment, operation)
All AI systems developed internally or by third parties on behalf of the organization
All AI systems integrated from upstream GPAI providers

Does Not Apply To

AI systems used exclusively for personal, non-professional activity
AI systems used exclusively for military, defense, or national security purposes

Procedure Steps

Controls

KPIs

Roles Defined

Table of Contents

AI Risk Management Procedure

Data Governance Procedure

AI System Classification Procedure

Purpose

Applies To

Does Not Apply To

Platform

Resources

Community