EU AI Act checklist
EU AI Act checklist for companies
A practical checklist for companies organizing AI inventory, policy, literacy, ownership, and risk records before formal EU AI Act review.
Buyer
EU-facing companies, operations teams, legal operations, and AI governance owners
Problem
Teams often discuss AI Act readiness before they have the basic facts: what AI is used, who owns it, what data is involved, and how employees are trained.
What to look for
- Inventory of AI systems used, bought, embedded, or piloted.
- Policy, AI literacy, restricted-use, vendor-review, and management-action records.
- Clear owner assignments before involving counsel or outside compliance support.
Red flags
- The company discusses compliance without an AI inventory.
- Employee AI literacy has no owner or completion record.
- AI vendors are approved without data-use or training-use evidence.
FAQ
Is a checklist enough for EU AI Act compliance?
No. A checklist helps organize internal facts and gaps before legal or compliance review.
What should companies do first?
Inventory AI systems, define owners, establish employee rules, document training, and identify high-risk or sensitive uses.