EU AI Act update, 8 May 2026: current law remains the baseline. The Digital Omnibus provisional agreement would move many high-risk AI obligations to 2 Dec 2027 and product-integrated high-risk AI rules to 2 Aug 2028 if formally adopted. Track status EU AI Act update: current law remains the baseline. Digital Omnibus dates apply only if formally adopted. Track status

Free · No Login · No Upload · Local-first

EU AI Act Evidence Starter Library

A practical folder of downloadable EU AI Act worksheets for first-pass evidence. Use these starters to move from discussion to a register, checklist, role matrix, notice record, training trail, vendor intake, FRIA worksheet, oversight log, incident register, and shadow AI tracker.

Browse the libraryStart with the checker

EU AI Act evidence readiness guides

Use these new guides as the operational route from inventory to evidence: audit questions, deployer deadlines, vendor handoff, Article 50 disclosure, AI agent evidence, and cross-regulation comparison. Start with the audit questions hub if you need one entry point.

30-day plan 30-Day EU AI Act Evidence Planner Weekly deployer workplan connecting inventory, role classification, vendor records, Article 50 review, oversight, incidents, and gaps. Deadline / readiness EU AI Act August 2026 Current-Law Baseline Tracker Deployer readiness tracker for Article 26, Article 50, Annex III triage, AI inventory, oversight logs, and evidence planning under the current-law August 2026 baseline. Evidence EU AI Act Evidence Checklist Evidence checklist for deployers preparing inventory, role classification, vendor files, oversight logs, Article 50 disclosures, and incident records. Vendor evidence EU AI Act Vendor Due Diligence Checklist Vendor evidence handoff checklist for deployers reviewing instructions for use, logging, oversight, change controls, and incident support. Article 50 EU AI Act Article 50 Disclosure Checklist Article 50 disclosure checklist for AI interaction notices, content marking, deepfake disclosure, biometric notices, and public-interest text review. AI agents AI Agent Deployer Evidence Checklist Under the EU AI Act Evidence checklist for deployers using AI agents, including role mapping, autonomy boundaries, oversight, logs, Article 50 triggers, and incident routing. Inventory AI System Inventory Fields for EU AI Act Readiness Field-by-field inventory guide routing AI systems to classification, deployer duties, Article 50, DPIA, FRIA, incident, and deadline evidence. Article 50 EU AI Act Article 50 Implementation Pack Article 50 hub routing transparency scenarios to validators, content marking checks, notice templates, disclosure evidence, and inventory records. Comparison EU AI Act vs Colorado AI Act: Deployer Duties Compared Deployer-focused comparison of EU AI Act and Colorado AI Act evidence, notices, impact assessments, inventory fields, and governance records. Audit / regulator questions What Auditors and Regulators Will Ask Under the EU AI Act Question-led EU AI Act evidence hub routing likely auditor and regulator questions to inventory, classification, vendor evidence, Article 50, FRIA/DPIA, incidents, and deadline planning.

What this is

A starter evidence layer for internal readiness. It helps teams collect structured inputs before legal, risk, technical, or audit review.

Privacy model

No login, no file upload, and no cloud workflow. The files download locally and the linked diagnostic tools run in the browser.

How to use it

Start with inventory, then role mapping, deployer duties, and evidence logs. Add FRIA, transparency, incident, vendor, and shadow AI records where relevant.

Downloadable evidence starters

These are starter records, not legal conclusions. Use them to collect evidence before formal review.

Inventory & scope

AI System Inventory Template

Capture AI systems, owners, vendors, role assumptions, Annex III flags, transparency triggers, oversight owners, and evidence locations.

Open template page → Deployer duties

Deployer Obligations Checklist

Map Article 26-style deployer records: oversight, input data controls, logs, notices, FRIA triggers, vendor files, and sign-off.

Open checklist → Role mapping

Compliance Matrix by Role and Article

Compare typical duties across provider, deployer, importer, distributor, GPAI, and product-manufacturer roles.

Open matrix → Transparency

Article 50 Transparency Notice Templates

Starter wording for AI interaction notices, generated-content labels, deepfake disclosures, and sensitive-use disclosures.

Open notices → AI literacy

AI Literacy Evidence Log

Track role exposure, training completion, assessment results, refresher cadence, and evidence owners for Article 4 readiness.

Open evidence log → Vendor governance

AI Vendor Intake and Due Diligence Template

Collect supplier, model, hosting, data, retention, subcontractor, transfer, security, and evidence questions before procurement review.

Open vendor intake → FRIA preparation

FRIA Starter Worksheet

Prepare a structured fundamental-rights impact file before using the local FRIA generator or asking counsel to review.

Open FRIA worksheet → Human oversight

Human Oversight Evidence Log

Record recommendations, overrides, escalations, reviewer identity, justification, and follow-up actions for oversight defensibility.

Open oversight log → Incident evidence

Serious Incident Register Lite

Capture incident intake, suspected seriousness, affected groups, containment, escalation, closure, and evidence status.

Open incident register → Shadow AI

Shadow AI Discovery Questionnaire and Remediation Tracker

Find unapproved AI use, capture data exposure, identify owners, and track remediation before shadow AI becomes unmanaged evidence debt.

Open shadow AI tracker →

Recommended workflow

  1. 1. Inventory: list AI systems, owners, vendors, roles, data, and evidence locations.
  2. 2. Classify: use the role matrix, quick checker, and applicability checker to separate deployer, provider, high-risk, limited-risk, and transparency obligations.
  3. 3. Evidence: attach deployer checklist, FRIA worksheet, Article 50 notice records, AI literacy log, vendor intake, and oversight records.
  4. 4. Escalate: move provider-heavy, post-market, incident, or conformity questions to qualified legal and technical review.

Use boundaries

These assets are deliberately narrow. They are not a substitute for legal advice, conformity assessment, formal quality-management implementation, or regulator-facing submissions.

They are designed to help teams stop treating EU AI Act readiness as a vague policy discussion and start building a visible evidence folder.

Provider Evidence Starter Pack

These three provider-side starters close the technical documentation, post-market monitoring, and conformity assessment gap identified in the 28 April competitive analysis. Use them after role and high-risk classification review, not as standalone legal conclusions.

Article 11 / Annex IV

Technical Documentation Starter

Map system description, design, data, testing, risk controls, oversight, logs, monitoring, and conformity evidence.

Article 72

Post-Market Monitoring Plan

Define signals, thresholds, owners, event logs, corrective actions, and incident escalation paths.

Article 43

Conformity Assessment Checklist

Prepare route questions, evidence readiness, notified-body triggers, and substantial modification review.

Tool-to-evidence pairings

Local FRIA Generator
Pair with the FRIA Starter Worksheet.Human Oversight Log
Pair with the Human Oversight Evidence Log.AI Vendor Risk Screener
Pair with the Vendor Intake Template.Shadow AI Discovery Protocol
Pair with the Shadow AI Tracker and Inventory Template.Deployer Obligation Assessment
Pair with the Deployer Checklist and Compliance Matrix.Transparency Validator
Pair with Article 50 Notice Templates.

Frequently Asked Questions

No. These templates are educational evidence starters. Use them to organise facts and records before qualified legal, technical, or conformity-assessment review.

No. The files download locally. The linked diagnostic tools run in your browser. EU AI Compass does not require account creation or file upload for these starters.

Start with the AI System Inventory Template. Then use the Compliance Matrix and Deployer Obligations Checklist to decide which evidence records matter next.

No. These are first-pass records. Formal compliance may require role classification, risk management, technical documentation, quality management, FRIA, post-market monitoring, incident reporting, conformity assessment, and legal review depending on your role and system.

Source and review note

This library is educational and should be reviewed against Regulation (EU) 2024/1689 and relevant European Commission, AI Office, national authority, and sector guidance. It does not confirm legal compliance and is not legal advice.

Named evidence packs

Use these bundles when you want a workflow, not just a single worksheet.

Evidence Pack Selector
Choose the correct pack by role, trigger, and risk path.Provider Evidence Pack Lite
Technical documentation, monitoring, conformity, QMS, declaration, and EU database readiness prompts.AI Literacy Policy Template
Complete the Article 4 policy, briefing, planner, and evidence loop.AI Literacy Manager Briefing Pack
Brief managers on Article 4 expectations, team behaviours, and evidence responsibilities.AI Incident Response Plan
Connect response plan, register, reporting checklist, and monitoring handoff.