What this is
A starter evidence layer for internal readiness. It helps teams collect structured inputs before legal, risk, technical, or audit review.
Privacy model
No login, no file upload, and no cloud workflow. The files download locally and the linked diagnostic tools run in the browser.
How to use it
Start with inventory, then role mapping, deployer duties, and evidence logs. Add FRIA, transparency, incident, vendor, and shadow AI records where relevant.
Downloadable evidence starters
These are starter records, not legal conclusions. Use them to collect evidence before formal review.
AI System Inventory Template
Capture AI systems, owners, vendors, role assumptions, Annex III flags, transparency triggers, oversight owners, and evidence locations.
Open template page → Deployer dutiesDeployer Obligations Checklist
Map Article 26-style deployer records: oversight, input data controls, logs, notices, FRIA triggers, vendor files, and sign-off.
Open checklist → Role mappingCompliance Matrix by Role and Article
Compare typical duties across provider, deployer, importer, distributor, GPAI, and product-manufacturer roles.
Open matrix → TransparencyArticle 50 Transparency Notice Templates
Starter wording for AI interaction notices, generated-content labels, deepfake disclosures, and sensitive-use disclosures.
Open notices → AI literacyAI Literacy Evidence Log
Track role exposure, training completion, assessment results, refresher cadence, and evidence owners for Article 4 readiness.
Open evidence log → Vendor governanceAI Vendor Intake and Due Diligence Template
Collect supplier, model, hosting, data, retention, subcontractor, transfer, security, and evidence questions before procurement review.
Open vendor intake → FRIA preparationFRIA Starter Worksheet
Prepare a structured fundamental-rights impact file before using the local FRIA generator or asking counsel to review.
Open FRIA worksheet → Human oversightHuman Oversight Evidence Log
Record recommendations, overrides, escalations, reviewer identity, justification, and follow-up actions for oversight defensibility.
Open oversight log → Incident evidenceSerious Incident Register Lite
Capture incident intake, suspected seriousness, affected groups, containment, escalation, closure, and evidence status.
Open incident register → Shadow AIShadow AI Discovery Questionnaire and Remediation Tracker
Find unapproved AI use, capture data exposure, identify owners, and track remediation before shadow AI becomes unmanaged evidence debt.
Open shadow AI tracker →Recommended workflow
- 1. Inventory: list AI systems, owners, vendors, roles, data, and evidence locations.
- 2. Classify: use the role matrix, quick checker, and applicability checker to separate deployer, provider, high-risk, limited-risk, and transparency obligations.
- 3. Evidence: attach deployer checklist, FRIA worksheet, Article 50 notice records, AI literacy log, vendor intake, and oversight records.
- 4. Escalate: move provider-heavy, post-market, incident, or conformity questions to qualified legal and technical review.
Use boundaries
These assets are deliberately narrow. They are not a substitute for legal advice, conformity assessment, formal quality-management implementation, or regulator-facing submissions.
They are designed to help teams stop treating EU AI Act readiness as a vague policy discussion and start building a visible evidence folder.
Provider Evidence Starter Pack
These three provider-side starters close the technical documentation, post-market monitoring, and conformity assessment gap identified in the 28 April competitive analysis. Use them after role and high-risk classification review, not as standalone legal conclusions.
Technical Documentation Starter
Map system description, design, data, testing, risk controls, oversight, logs, monitoring, and conformity evidence.
Article 72Post-Market Monitoring Plan
Define signals, thresholds, owners, event logs, corrective actions, and incident escalation paths.
Article 43Conformity Assessment Checklist
Prepare route questions, evidence readiness, notified-body triggers, and substantial modification review.
Tool-to-evidence pairings
Pair with the FRIA Starter Worksheet.Human Oversight Log
Pair with the Human Oversight Evidence Log.AI Vendor Risk Screener
Pair with the Vendor Intake Template.Shadow AI Discovery Protocol
Pair with the Shadow AI Tracker and Inventory Template.Deployer Obligation Assessment
Pair with the Deployer Checklist and Compliance Matrix.Transparency Validator
Pair with Article 50 Notice Templates.
Frequently Asked Questions
No. These templates are educational evidence starters. Use them to organise facts and records before qualified legal, technical, or conformity-assessment review.
No. The files download locally. The linked diagnostic tools run in your browser. EU AI Compass does not require account creation or file upload for these starters.
Start with the AI System Inventory Template. Then use the Compliance Matrix and Deployer Obligations Checklist to decide which evidence records matter next.
No. These are first-pass records. Formal compliance may require role classification, risk management, technical documentation, quality management, FRIA, post-market monitoring, incident reporting, conformity assessment, and legal review depending on your role and system.
Source and review note
This library is educational and should be reviewed against Regulation (EU) 2024/1689 and relevant European Commission, AI Office, national authority, and sector guidance. It does not confirm legal compliance and is not legal advice.
Named evidence packs
Use these bundles when you want a workflow, not just a single worksheet.
Choose the correct pack by role, trigger, and risk path.Provider Evidence Pack Lite
Technical documentation, monitoring, conformity, QMS, declaration, and EU database readiness prompts.AI Literacy Policy Template
Complete the Article 4 policy, briefing, planner, and evidence loop.AI Incident Response Plan
Connect response plan, register, reporting checklist, and monitoring handoff.