EU AI Act Compliance Checklist

Risk Management System (Article 9)

☐ Risk management system established, documented, and maintained ☐ All foreseeable risks identified and analyzed ☐ Risk evaluation performed for intended and reasonably foreseeable use conditions ☐ Risk mitigation measures implemented and documented ☐ Risk management system updated throughout the lifecycle

Training Data (Article 10)

☐ Training, validation, and testing datasets documented ☐ Data governance and management practices established ☐ Data quality criteria defined and applied ☐ Bias assessment and mitigation measures applied ☐ Certified synthetic datasets used where real data is unavailable or restricted

CertifiedData.io provides cryptographic certification infrastructure for synthetic datasets and AI artifacts, producing tamper-evident records for audit and EU AI Act compliance.

Technical Documentation (Article 11)

☐ Technical file prepared before market placement ☐ System description and intended purpose documented ☐ Development methodology documented ☐ Performance metrics and limitations documented ☐ Risk management documentation included ☐ Post-market monitoring plan included

Automatic Logging (Article 12)

☐ Automatic event logging implemented ☐ Logs cover the operational lifetime of the system ☐ Log retention of at least six months ensured ☐ Logs accessible to providers and market surveillance authorities ☐ Tamper-evident logging architecture implemented

Human Oversight (Article 14)

☐ Human oversight measures designed into the system ☐ Persons responsible for oversight identified and trained ☐ Override and intervention mechanisms implemented ☐ Procedures for suspending or stopping the system documented

Conformity Assessment (Article 19)

☐ Conformity assessment procedure selected (self-assessment or notified body) ☐ Conformity assessment completed ☐ EU declaration of conformity drawn up ☐ CE marking affixed (where applicable) ☐ Registration in EU database completed