Let's start with the basics.
Select the statements that are important to your organisation.
Good practice note: While the EU AI Act (Article 26) requires you to assign natural persons to AI oversight roles, it does not strictly require you to document their names in the framework itself — unless you are deploying high-risk or biometric AI systems.
However, ISO/IEC 42001 (Clause 5.3, Annex A.3.2) requires documented evidence of named individuals with their positions for audit and certification purposes.
We recommend including names and positions for best-practice compliance.
That's okay — you're not alone. Most organisations are still working this out.
Under the EU AI Act (Article 26), if you deploy high-risk AI systems, you are legally required to assign human oversight to named natural persons with the right competence and authority.
ISO/IEC 42001 (Clause 5.3) also requires you to formally assign and document AI governance roles as part of certification.
For now, we'll note this as a pending action item in your framework. You can come back and assign roles later.
The following practices you selected are prohibited under the EU AI Act (Article 5) and carry significant legal risk:
Organisations found to engage in these practices may face fines of up to 35 million or 7% of global turnover.
By continuing, you acknowledge that your organisation currently engages in one or more practices that are prohibited under the EU AI Act (Article 5).
This framework is provided as a generic AI governance tool only and does not constitute legal advice. You should seek independent legal counsel regarding your compliance obligations.
By proceeding, you accept full responsibility for ensuring your AI practices comply with all applicable laws and regulations.
You've built the foundation of your AI Compliance Framework. To save your progress and continue building, create a free account.
Skip for now — I'll register later
Your framework progress will be saved to your account.
Create a free account to see your complete framework