Conformity assessment readiness checklist
Use the checklist to test whether role, risk status, route assumptions, technical documentation, and review questions are ready.
Download XLSX checklist → Markdown companionConformity assessment markdown outline
Use this text outline for route-readiness notes, evidence gaps, and legal or notified-body review preparation.
Download Markdown →What this checklist is for
This checklist helps teams prepare for the conformity assessment conversation under Article 43 of Regulation (EU) 2024/1689. It does not select the route for you. It organises the facts needed to discuss internal control, notified-body involvement, substantial modification, standards, and evidence readiness with qualified reviewers.
Route-readiness questions
| Question area | What to confirm | Evidence to collect |
|---|---|---|
| Role and scope | Is the organisation acting as provider, deployer, importer, distributor, product manufacturer, authorised representative, or a mix? | Contracts, labels, intended purpose, modification records, distribution facts. |
| High-risk basis | Why is the system high-risk, and which Annex III or product-safety route is relevant? | Classification rationale, use case, sector/product mapping, exclusion analysis. |
| Documentation readiness | Is technical documentation coherent enough for internal or external assessment? | Annex IV-style evidence map, risk file, test reports, logs, instructions for use. |
| Standards and specifications | Which harmonised standards, common specifications, or alternative methods are being used or tracked? | Standards register, gap analysis, rationale for alternative controls. |
| Change control | Would a planned or implemented change require renewed assessment or qualified review? | Change log, risk impact, performance comparison, approval record. |
Checklist sections
Confirm high-risk basis, role, intended purpose, market placement, and deployment facts.
Capture why the team believes internal control, notified-body involvement, or another route may apply.
Check whether technical documentation, risk management, data governance, testing, logs, oversight, and post-market records exist.
Record standards used, gaps, common specifications, and unresolved technical interpretation points.
List prerequisites before relying on declarations, labelling, or market placement claims.
Document counsel, product-safety, conformity-assessment, and technical reviewer questions before final route reliance.
What this checklist does not decide
This checklist does not determine legal status, certify the AI system, confirm CE marking readiness, or decide whether a notified body is required. It is a structured readiness gate for evidence preparation and qualified route review.
Related EU AI Compass tools
FAQ
Is this a legal conformity assessment?
No. It is a readiness checklist. It helps prepare facts and evidence for qualified legal, product-safety, technical, or notified-body review.
Does every high-risk AI system require a notified body?
No single rule should be assumed from this checklist. The applicable route depends on the system, legal basis for high-risk status, standards, product-safety context, and other facts. Qualified review is required before reliance.
When should the checklist be rerun?
Rerun it after substantial design, model, data, intended-purpose, integration, deployment-context, performance, standards, or legal-guidance changes.
Source and review note
This page is educational and should be reviewed against Regulation (EU) 2024/1689, European Commission materials, national authority guidance, sector rules, and qualified legal or conformity-assessment advice where relevant. It does not confirm legal compliance and is not legal advice.