375+ requirements.
32 modules. Zero gaps.

Guided wizard evaluating Article 6 and Annex III. Produces a risk tier and tailors downstream requirements. Versioned rules engine updatable without code deployment.

Structured, section-by-section questionnaires mapped to Annex IV and Annex XI. Branching logic, collaborative section assignment, inline regulatory guidance, evidence attachment.

Upload schema files; Claude evaluates column semantics, identifies GDPR Article 9 special categories, detects proxy variables, and produces a Data Sensitivity Report that pre-populates Article 10 questionnaire sections.

Article 27 Fundamental Rights Impact Assessment for deployers. Domain-specific risk templates, affected population mapping, operational context inputs, residual risk register, and review triggers.

Real-time scoring against the full regulatory requirements matrix. Heat-map visualisation, prioritised remediation, and cross-AISDP consistency checking for provider/deployer pairs.

Certification scopes, eligibility evaluation, digital signing, and an append-only certification ledger. EU Declaration of Conformity wizard (Annex V, Article 47) with notified body conformity assessment workflow.

Article 72 monitoring plans, incident recording (Article 73), external monitoring data API, configurable threshold alerting, automated AISDP review triggers, and Article 12 structured log ingestion.

Renders approved content into Annex IV, Annex XI, Instructions for Use, Transparency Notice, Annex VIII registration data, and a signed Submission Package ZIP with evidence bundle and manifest.

Article 4 literacy support. Role-separated knowledge base, glossary, paragraph-level regulatory guidance, Canvas LMS full integration with LTI 1.3 delivery, Gradebook sync, and credential ledger.

Conversational RAG interface. Describe your AI system; receive a preliminary risk assessment with inline citations to Articles, Annexes, and recitals. Two-stage citation validation. Seamless handoff to the Risk Classification Engine.

Continuous risk management: identify, analyse, estimate, evaluate, mitigate. Mitigation linkage to questionnaire sections. Automated review triggers on reclassification.

Structured workflow for deployer-specific obligations. Triggered on "deployer" role declaration. Produces a deployer compliance record separate from the provider's AISDP.

Converts a saved Navigator assessment into sprint-ready tasks pushed to Jira, Trello, or Asana. Each obligation becomes a discrete task with regulatory reference, suggested assignee role, and priority.

Internal operator tool for adding regulatory source material to the Navigator corpus. Supports EU AI Act, GDPR, NIS2, and national transpositions. Review-before-activation workflow.

Role-based access control supporting 41 roles across seven functional groups: NAV, AIS, OPS, TRN, CRT, PLT, EXT. Permissions enforced at the API layer.

Multi-stage approval pipelines with routing by documentation section, risk classification, and role. Escalation timers, delegation, parallel and sequential stages, regulatory deadline awareness.

Full versioning of all AISDP entries. Section-level diffing, restore from any point, automated change log generation for Annex IV Section 6 lifecycle documentation.

Multi-channel delivery (in-app, email, webhook), user preferences, digest scheduling, storm batching, delivery tracking, and tenant-branded email templates.

Formal handover workflow for Article 25 value chain obligations. Provider confirms delivery of instructions for use; deployer acknowledges acceptance. Integrated with cross-tenant AISDP sharing.

Full-text search across AI systems, questionnaire content, evidence metadata, and the knowledge base. Command palette for keyboard-driven navigation.

Tenant-configurable primary colour (with WCAG contrast validation), logo, favicon, login greeting, and custom domain support.

Self-service sign-up, email verification, MFA enrolment, plan selection, tenant provisioning under 60 seconds, first-run setup wizard, invitation-based onboarding, and trial management.