Requirement scope by risk tier
If an appβs tier is set incorrectly, the wrong requirements light up. Confirm the tier before reading status.
The 18 mapped requirements
These are grouped roughly along the Actβs structure. Observatory tracks them individually; the grouping is for readability.Risk management and quality (Articles 9, 17)
Data and data governance (Article 10)
Technical documentation (Articles 11, 12, 13)
Human oversight (Article 14)
Accuracy and robustness (Article 15)
Post-market monitoring (Article 61)
Notifications (Article 62)
Status semantics
Each requirement evaluates to:- Met β all backing controls have approved, in-date evidence
- Partial β some controls met, others have gaps
- Gap β at least one control has no current evidence
- Out of scope β risk tier doesnβt trigger this requirement
Producing the audit pack
The EU AI Act view supports a one-click export of the audit pack:- Per-requirement evidence list with timestamps
- Backing telemetry summaries
- Assessment results
- Gap analysis with remediation plan
Related resources
Gap analysis & heatmap
Cross-framework view that includes EU AI Act.
NIST AI RMF
Many EU AI Act requirements overlap with NIST controls.

