Operations
Post-market monitoring, six-level oversight pyramid, break-glass procedures, AI literacy, serious incident reporting, and decommissioning.
118 articles in this section
1.
Post-Market Monitoring (S.12)
Post-market monitoring is the continuous compliance obligation that runs from the moment a high-risk AI system enters…
2.
PMM Plan (Art. 72(3))
Data Collection Strategy The PMM plan's data collection strategy specifies what data is collected, from which sources,…
3.
Performance Monitoring
Accuracy Metrics The Technical SME computes the system's core accuracy metrics continuously on production data. The…
4.
Fairness Monitoring
Fairness Metrics Selection rate ratios, equalised odds, predictive parity, and calibration within groups are computed…
5.
Data Drift Monitoring
Input Drift The Technical SME compares the distribution of incoming data against the training data distribution using…
6.
Operational Monitoring
Availability & Uptime vs SLO…
7.
Availability & Uptime vs SLO
Availability & Uptime vs SLO The engineering team measures system availability against a defined SLO documented in the…
8.
Inference Latency
Inference Latency Latency monitoring tracks mean response times and tail latencies (95th and 99th percentiles).…
9.
Error Rate Tracking by Type
Error Rate Tracking by Type Errors are classified by type, each with different compliance implications. Input…
10.
Resource Utilisation & Capacity
Resource Utilisation & Capacity The engineering team tracks CPU, GPU, memory, and storage utilisation against capacity…
11.
Dependency Health
Dependency Health The AI system depends on upstream services (data sources, feature stores, external APIs) and…
12.
Operational vs Model Incident Triage
Operational vs Model Incident Triage When a monitoring alert fires, the triage process determines whether the root…
13.
Human Oversight Monitoring
Override Rate Analysis Override rates carry compliance significance in both directions. A consistently low rate (below…
14.
PMM Infrastructure Architecture
Data Collection Layer…
15.
Data Collection Layer
Data Collection Layer The data collection layer captures inference inputs, outputs, and metadata from the production…
16.
Storage Layer
Storage Layer Monitoring data is stored in a time-series database optimised for the analytical queries PMM requires:…
17.
Computation Layer
Computation Layer Metric computation runs on a scheduled basis (hourly, daily, weekly) as defined in the PMM…
18.
Alerting Layer
Alerting Layer Alerts are routed through a dedicated alerting service (PagerDuty, Opsgenie, or equivalent) that ensures…
19.
Dashboard Layer
Dashboard Layer Dashboards serve two audiences. The operational dashboard provides the Technical SME and operators with…
20.
PMM Tooling
PMM Tooling The PMM tooling landscape spans several categories. Metric collection and visualisation: Prometheus for…
21.
LLM / Generative AI Monitoring
Hallucination Detection For generative AI systems that produce factual claims, hallucination monitoring compares…
22.
Composite System Monitoring
Per-Component & Aggregate Monitoring Composite systems (combining multiple models, modalities, or pipeline stages)…
23.
Alerting & Escalation Framework
Informational Tier…
24.
Informational Tier
Informational Tier An informational alert indicates that a metric has shifted but remains within the established…
25.
Warning Tier
Warning Tier A warning alert indicates that a metric has breached its warning threshold, typically set at a level…
26.
Critical Tier
Critical Tier A critical alert indicates that a metric has breached its compliance threshold, a fundamental rights…
27.
Escalation Path Design
Escalation Path Design The AI Governance Lead…
28.
Silent Escalation Detection
Silent Escalation Detection A common failure mode is the "silent escalation," where an alert is acknowledged but no…
29.
Threshold Calibration — Derivation & Quarterly Review
Threshold Calibration — Derivation & Quarterly Review Threshold calibration determines how sensitive the alerting…
30.
Serious Incident Reporting (Art. 73)
Art. 3(49) Definition — Five Categories of Serious…
31.
Art. 3(49) Definition — Five Categories of Serious Incident
Art. 3(49) Definition — Five Categories of Serious Incident Article 3(49) defines a serious incident as an incident or…
32.
Reporting Timelines (2/10/15 Days)
Reporting Timelines (2/10/15 Days) The reporting regime is tiered by severity. Two days from awareness: widespread…
33.
Detection Infrastructure
Detection Infrastructure The PMM system is configured to detect events that could constitute serious incidents.…
34.
Triage Process
Triage Process Any detection event triggers a predefined triage process completed within 24 hours. The triage assesses…
35.
Evidence Preservation (Art. 73(6))
Evidence Preservation (Art. 73(6)) Article 73(6) explicitly prohibits the provider from altering the AI system in a way…
36.
Initial Report Content (Art. 73(5))
Initial Report Content (Art. 73(5)) The initial report is prepared using the Commission's September 2025 draft…
37.
Reporting Execution
Reporting Execution The incident lead prepares the initial report. The Legal and Regulatory Advisor reviews for…
38.
Investigation & Corrective Action
Investigation & Corrective Action Following the initial report, Article 73(6) requires the provider to investigate,…
39.
Cross-Regime Interaction (Art. 73(9))
Cross-Regime Interaction (Art. 73(9)) High-risk AI systems in sectors with existing equivalent reporting obligations…
40.
Serious Incident Register
Serious Incident Register The serious incident register tracks every event assessed against the Article 3(49) criteria,…
41.
Deployer Monitoring Support
Instructions for Use Guidance (Art. 26(4))…
42.
Instructions for Use Guidance (Art. 26(4))
Instructions for Use Guidance (Art. 26(4)) The deployer's Article 26 monitoring obligation is only as effective as the…
43.
Deployer Feedback Channels
Deployer Feedback Channels Structured feedback channels make it easy for deployers to report issues. A dedicated web…
44.
Limited-Visibility Deployments — Telemetry Agents
Limited-Visibility Deployments — Telemetry Agents Many high-risk systems are deployed by third-party deployers who…
45.
Limited-Visibility Deployments — Callback APIs
Limited-Visibility Deployments — Callback APIs Callback APIs provide a structured channel for deployers to report…
46.
Limited-Visibility Deployments — Synthetic Monitoring
Limited-Visibility Deployments — Synthetic Monitoring Synthetic monitoring is the mechanism entirely within the…
47.
Periodic Deployer Audits & Satisfaction Surveys
Periodic Deployer Audits & Satisfaction Surveys Periodic audits, where the provider's PMM team visits the deployer site…
48.
Cross-Deployer Pattern Analysis
Cross-Deployer Pattern Analysis Individual deployer reports may appear minor in isolation, but patterns across multiple…
49.
Quarterly PMM Reviews
Review Agenda The AI Governance Lead…
50.
Feedback Loop to Governance
Feedback Loop Metrics (Meta-Monitoring) The Technical SME monitors the feedback loop itself. Key metrics include time…
51.
Change Impact Assessment
Substantial Modification Threshold Check per Change Every system change identified through the PMM feedback loop is…
52.
PMM Data Retention & Privacy
Lawful Basis (GDPR Art. 6(1)(f) + AI Act Art. 72) PMM monitoring data frequently contains personal data: inference…
53.
PMM Resource Planning
Personnel (0.25–0.5 FTE per System) PMM requires dedicated analytical capacity. The PMM analyst (or team, for larger…
54.
PMM as Continuous Compliance
PMM That Collects Without Acting Is Non-Compliant Article 72 requires a PMM system that "actively and systematically"…
55.
PMM Artefacts
Monthly PMM Reports…
56.
Monthly PMM Reports
Monthly PMM Reports Monthly PMM reports document the monitoring results for each reporting period: metric values across…
57.
Quarterly Review Minutes
Quarterly Review Minutes Quarterly review minutes document the governance meeting's agenda, attendees, discussion,…
58.
Annual Oversight Audit Report
Annual Oversight Audit Report The Internal Audit Assurance Lead's annual audit report tests whether the PMM…
59.
Serious Incident Reports & Register
Serious Incident Reports & Register The serious incident reports archive retains every report submitted to competent…
60.
AISDP Version Updates
AISDP Version Updates Each material change to the system, its documentation, or its operational context triggered by…
61.
Updated Risk Register Entries
Updated Risk Register Entries PMM findings that reveal new risks or change the assessment of existing risks trigger…
62.
Operational Oversight (S.13)
Operational oversight ensures that human control over AI systems remains effective throughout production operation. The…
63.
Six-Level Oversight Pyramid
This section covers the following topics: Level 1: Technical…
64.
Level 1: Technical Monitoring
Level 1: Technical Monitoring — Personnel & Function Level 1 of the oversight…
65.
Level 2: AI System Operators
Level 2: AI System Operators — Personnel & Function Level 2 comprises the human operators who interact with the AI…
66.
Level 3: Product Management & Business
Level 3: Product Management & Business — Personnel & Function Level 3 comprises product managers, business unit heads,…
67.
Level 4: Compliance, Legal & Data Protection
Level 4: Compliance, Legal & Data Protection — Personnel & Function Level 4 comprises the AI Governance…
68.
Level 5: Executive Leadership
Level 5: Executive Leadership — Personnel & Function Level 5 comprises the CEO, CTO, CRO, and board members with AI…
69.
Level 6: External Oversight
Level 6: External Oversight — Bodies & Organisation's Role Level 6 comprises national competent…
70.
Break-Glass Procedures
Who Can Trigger Break-Glass (Level 2 or Above)…
71.
Who Can Trigger Break-Glass (Level 2 or Above)
Who Can Trigger Break-Glass (Level 2 or Above) The break-glass procedure…
72.
In-Application Stop Button
In-Application Stop Button The primary break-glass…
73.
Infrastructure Kill Switch
Infrastructure Kill Switch The secondary break-glass…
74.
Feature Flag Pattern
Feature Flag Pattern Feature flags (LaunchDarkly, Unleash, Flagsmith) provide a clean implementation pattern for the…
75.
Immediate Actions (Halt, Hold, Notify Deployers)
Immediate Actions (Halt, Hold, Notify Deployers) When break-glass…
76.
Notification Chain
Notification Chain The break-glass…
77.
Resumption Criteria
Resumption Criteria The break-glass procedure…
78.
Non-Retaliation for Break-Glass
Non-Retaliation for Break-Glass The organisation's AI governance policy explicitly protects any individual who triggers…
79.
Annual Break-Glass Testing
Annual Break-Glass Testing The Technical Owner tests the break-glass…
80.
Escalation Without Reprisal
Whistleblower Protection (Directive 2019/1937) The organisation extends its existing whistleblower protection…
81.
AI Literacy (Art. 4)
Tiered Programme — Five Levels The AI Governance…
82.
Continuous Oversight Governance
Quarterly Oversight Reviews — Six Agenda Items The AI Governance…
83.
Oversight Across Boundaries
Provider-Deployer Boundary An oversight gap arises because the provider cannot observe how the deployer uses the…
84.
Oversight Fatigue Countermeasures
Personnel Rotation (6–12 Month Cycles) Personnel responsible for daily oversight tasks (reviewing dashboards, triaging…
85.
Portfolio Scaling
Shared Monitoring Infrastructure & Cross-System Analysis Monitoring infrastructure, evidence repositories, document…
86.
Corporate Governance Integration
Board Risk Committee — AI Compliance Reporting For organisations with material AI exposure, the board receives periodic…
87.
Oversight Artefacts
Operator Training & Certification Records…
88.
Operator Training & Certification Records
Operator Training & Certification Records Training and certification records document each person in the oversight…
89.
Break-Glass Test Records
Break-Glass Test Records Break-glass…
90.
Oversight Audit Reports
Oversight Audit Reports The annual oversight audit report documents the six verification areas tested, the findings,…
91.
Portfolio Compliance Dashboards
Portfolio Compliance Dashboards Portfolio dashboard snapshots are captured quarterly and retained as evidence. They…
92.
Board & Committee Reporting Materials
Board & Committee Reporting Materials Board and committee reporting materials (risk committee, audit committee,…
93.
Escalation & Override Logs
Escalation & Override Logs Escalation and override logs capture every operator escalation (date, operator, case,…
94.
Fresh Eyes Review Reports
Fresh Eyes Review Reports Fresh eyes review reports document each review: the reviewer (who was not involved in daily…
95.
System End-of-Life & Decommissioning (S.12.11)
System end-of-life planning…
96.
Regulatory Basis
Applicable Articles (Art. 3(16–17), 16, 18, 20, 49/71, 72, 73, 79) The EU AI Act addresses system…
97.
End-of-Life Triggers
Planned Retirement (Commercial, Technical, Strategic) A system reaches planned retirement when it has completed its…
98.
End-of-Life Planning
Lead Times by Trigger Type Lead times vary by trigger type. Planned retirement: six months or more, permitting…
99.
Seven Decommission Workstreams
WS1: Deployer Transition — Notification &…
100.
WS1: Deployer Transition — Notification & Arrangements
WS1: Deployer Transition — Notification & Arrangements The provider notifies all known deployers of the withdrawal…
101.
WS1: API-Served Systems (Deprecation, Sunset, Cut-Off)
WS1: API-Served Systems (Deprecation, Sunset, Cut-Off) For API-served systems, the provider implements a three-phase…
102.
WS1: Embedded/On-Premises & Workflow-Integrated Systems
WS1: Embedded/On-Premises & Workflow-Integrated Systems For embedded or on-premises systems, the provider issues a…
103.
WS2: Technical Shutdown (Controlled, Logged, Reversible)
WS2: Technical Shutdown (Controlled, Logged, Reversible) The Technical SME coordinates the technical shutdown in a…
104.
WS3: Data Lifecycle Closure
WS3: Data Lifecycle Closure Data lifecycle closure reconciles the AI Act's ten-year documentation retention with the…
105.
WS4: Downstream Decision Monitoring — Historical Outputs
WS4: Downstream Decision Monitoring — Historical Outputs Decisions made by the system during its operational lifetime…
106.
WS5: Documentation Finalisation — Final AISDP Version
WS5: Documentation Finalisation — Final AISDP Version The AI System…
107.
WS6: Archival — 10-Year Retention
WS6: Archival — 10-Year Retention The Conformity Assessment…
108.
WS7: Regulatory Notifications (EU DB, Deployers, CA)
WS7: Regulatory Notifications (EU DB, Deployers, CA) Three categories of regulatory notification accompany…
109.
Post-Decommission Obligations
10-Year Document Retention The ten-year documentation retention obligation runs from the date the system was placed on…
110.
End-of-Life Artefacts
End-of-Life Plan…
111.
End-of-Life Plan
End-of-Life Plan The end-of-life plan…
112.
Deployer Notification Records
Deployer Notification Records Deployer notification records document every notification sent: the date, recipient,…
113.
Technical Shutdown Log
Technical Shutdown Log The technical shutdown log records the sequence of actions: endpoint deactivation dates and HTTP…
114.
Data Lifecycle Closure Record
Data Lifecycle Closure Record The data lifecycle closure record documents per-data-category decisions: what was…
115.
Final AISDP Version
Final AISDP Version The final AISDP version incorporates the…
116.
Decommission Record
Decommission Record The decommission…
117.
Post-Decommission Monitoring Schedule
Post-Decommission Monitoring Schedule The post-decommission…
118.
PMM Governance & Maintenance
This section covers the following topics: Quarterly PMM Reviews…