Q
WARI
DashboardControlsConnectorsEvidence VaultSubmission PacksTasks
← Back to Marketing Site

Controls Dashboard

Manage and monitor all compliance controls

Risk Management Plan

✓ Pass

Maintain documented RM program for each high-risk AI system.

ID: AIA-09-RM-01•Framework: AI Act (EU)•Frequency: Annual+OnChange•Owner: Head of Risk

Continuous Risk Review

✗ Fail

Update RM when training data/model/process changes.

ID: AIA-09-RM-02•Framework: AI Act (EU)•Frequency: Monthly•Owner: AI-Lead

Dataset Quality Criteria

⏳ Needs Evidence

Maintain documented dataset lineage & quality criteria.

ID: AIA-10-DS-01•Framework: AI Act (EU)•Frequency: Quarterly•Owner: Data-Ops

Dataset Bias Assessment

✓ Pass

Perform documented bias/equality assessment on training data.

ID: AIA-10-DS-02•Framework: AI Act (EU)•Frequency: Annual•Owner: ML-Ethics

Technical Documentation Package

✗ Fail

Maintain Annex IV-aligned technical documentation bundle.

ID: AIA-11-TD-01•Framework: AI Act (EU)•Frequency: Continuous•Owner: Eng-Lead

Logging & Traceability

⏳ Needs Evidence

Capture and retain automatic logs of AI system events & outcomes.

ID: AIA-13-LOG-01•Framework: AI Act (EU)•Frequency: Weekly•Owner: DevOps

Human-Oversight Policy

✓ Pass

Define human-in-loop review steps & escalation for high-risk AI.

ID: AIA-14-HUM-01•Framework: AI Act (EU)•Frequency: Annual+OnChange•Owner: Compliance-Mgr

AI-Cybersecurity Controls

✗ Fail

Implement secure-by-design & threat-model for high-risk AI.

ID: AIA-15-CYB-01•Framework: AI Act (EU)•Frequency: Annual•Owner: SecOps

Post-Market Monitoring

⏳ Needs Evidence

Collect post-market incidents & performance monitoring reports.

ID: AIA-61-COM-01•Framework: AI Act (EU)•Frequency: Monthly•Owner: QA-Mgr

Registration w/ EU Database

✓ Pass

Ensure AI system registered in EU database before placing on market.

ID: AIA-65-REG-01•Framework: AI Act (EU)•Frequency: Per-Release•Owner: Reg-Affairs

Software Bill of Materials

✗ Fail

Provide SBOM for all compiled binaries & 3rd-party libs.

ID: FDA-SBOM-01•Framework: FDA Cyber (US)•Frequency: Per-Release•Owner: Eng-Lead

Patching & Vuln-Mgmt Plan

⏳ Needs Evidence

Maintain documented coordinated vuln-disclosure & patch process.

ID: FDA-PATCH-02•Framework: FDA Cyber (US)•Frequency: Monthly•Owner: SecOps

SBOM Monitoring for Updates

✓ Pass

Continuously monitor SBOM for new disclosed vulns.

ID: FDA-MON-03•Framework: FDA Cyber (US)•Frequency: Daily•Owner: SecOps

Device Labeling Cyber Info

✗ Fail

Provide cyber-related labeling incl. update/patch procedures.

ID: FDA-LBL-04•Framework: FDA Cyber (US)•Frequency: Per-Release•Owner: Reg-Affairs

Threat Model & Mitigation

⏳ Needs Evidence

Maintain structured threat-model & mitigation tracking.

ID: FDA-THRT-05•Framework: FDA Cyber (US)•Frequency: Annual•Owner: Security-Arch