v2.4.0 | Report Errata
docs operations docs operations

Level 6: External Oversight — Bodies & Organisation’s Role Level 6 comprises national competent authorities, notified bodies, external auditors, and market surveillance bodies providing independent oversight from outside the organisation. The organisation cannot control external oversight; it can prepare for it. The Conformity Assessment Coordinator maintains readiness for regulatory inspections by ensuring the AISDP and evidence pack are current, the documentation repository is accessible, designated personnel are available to respond to inquiries, and the organisation can produce requested documentation within expected timelines. The inspection readiness posture is the organisation’s operational preparation for Level 6 engagement. Annual inspection drills, the pre-configured regulatory access IAM role, and the inspection log ensure the organisation can respond cooperatively and promptly to external oversight. Key outputs

  • Preparation for competent authority, notified body, and auditor engagement
  • Inspection readiness maintained continuously
  • Documentation accessibility and personnel availability
  • Module 7 AISDP documentation

Level 6: Annual External Audit Beyond regulatory inspections (which are at the authority’s initiative), the organisation may commission annual external audits of its AI compliance programme. An external auditor provides independent verification that the compliance framework is functioning, evidence is genuine, and the organisation’s self-assessment is not biased by familiarity. External audits are particularly valuable for organisations without a large internal audit function. The audit scope covers AISDP completeness and currency, evidence pack integrity, PMM operational effectiveness, and governance framework functioning. Findings are reported to the audit committee and entered into the Non-Conformity Register. Key outputs

  • Annual external audit of AI compliance programme
  • Independent verification of AISDP, evidence, PMM, and governance
  • Findings reported to audit committee
  • Non-Conformity Register entries for identified gaps
On This Page