EU AI Act High-Risk System Playbook
Classify use cases against Annex III, build the Article 9 risk management system, and compile the Annex IV technical file your conformity assessment will depend on.
How the playbook runs.
Each phase is operated jointly by our compliance agents and our specialists. Agents carry the mechanical steps; specialists own the judgement calls and the sign-off at the boundary between phases.
- 01ClassificationAnnex III and prohibited-practice screen
- 02Article 9 RMS stand-up
- 03Article 10–15 control coverage
- 04Annex IV compilation
What you hold at the end.
Signed, dated, tamper-evident, portable. The artifact set reads in PDF, Excel and JSON — and without a platform login. Your practitioners keep working even if we walk away.
The regimes this playbook answers.
One playbook, mapped clause-by-clause to every framework in scope. Open any framework below for the primary-source detail and the controls we land against it.
The agents that touch this playbook.
Each agent is bounded, instrumented and auditable. Actions are logged. Thresholds are reviewed. A specialist holds the pen at every decision point that carries supervisory weight.
- Risk Tiering AgentClassifies use cases against the regime under review (Annex III, Article 9 triggers, material-risk thresholds) and documents the rationale.
- Control Mapping AgentPulls the relevant clause-level obligations and aligns them to your existing control register.
- Validation AgentAssembles validation, accuracy and robustness evidence against the clause the regulator will read.
- Evidence Engine AgentCompiles the technical documentation and risk management file into the artifact the conformity route depends on.
Start this playbook on your portfolio.
Tell us which estate it runs against and which supervisory conversation it needs to answer. We will walk from first discovery to a signed artifact — with the agents doing the assembly and our specialists owning the sign-off.