marketing.docsPage.Artifacts — ActLoom Documentation

Artifacts

This page documents the concrete outputs ActLoom produces or maintains: records, scores, plans, dossiers, evidence packs, incident files, monitoring histories, trust assets, and training certificates. It is the best entry point when a team thinks in deliverables rather than modules.

What this page helps you answer

Which feature owns an artifact

Useful when a report or dossier exists but the team is unsure which workflow should update it next.

Who should maintain it

Useful for assigning accountability across compliance, legal, quality, product, and engineering roles.

How it leaves the platform

Useful when you need to understand what can be shared publicly, exported privately, or synced through APIs.

Artifact Catalog

Artifact	Primary owner	Source module	Supporting modules	What it is for	Typical export surface
AI system registry record	Compliance lead or product owner	AI Systems	Team, AI Act Reference, Compliance Assessment	Defines scope, intended purpose, role, owner, and the legal context every downstream workflow depends on.	System views, shared internal records, API syncs
Compliance score and gap backlog	Compliance lead	Compliance Assessment	AI Systems, Governance, Evidence Vault	Turns legal obligations into a measurable readiness baseline and an ordered remediation queue.	Dashboards, reports, API-driven status sync
Remediation plan	Compliance owner with engineering or operations contributors	Compliance Assessment -> Remediation	Team, Governance, Integrations/API	Converts findings into owned actions, due dates, and concrete implementation steps.	Task lists, webhook events, external workflow sync
Technical documentation pack	Compliance, legal, quality	Documents	AI Systems, Compliance Assessment, Conformity	Packages technical and legal evidence into a controlled output for audit, diligence, or internal review.	Generated reports, locked files, downloadable bundles
FRIA package	Deployer compliance team	Conformity / FRIA workflows	AI Systems, Documents, Governance	Captures scenario analysis, rights-impact reasoning, and approval records for high-risk deployment contexts.	FRIA draft, approval trail, supporting evidence
Conformity dossier	Provider legal or quality owner	Conformity	Documents, Evidence Vault, Governance	Maintains the dossier required to support declaration readiness, CE status, and registration posture.	Dossier exports, declaration references, registration fields
Incident case file	Incident responder or compliance operator	Incident Management	Post-Market, Documents, Integrations/API	Preserves chronology, severity decisions, authority deadlines, and corrective follow-up in one place.	Authority-ready packet, API payloads, external ticket links
Monitoring plan and event timeline	QA, product operations, compliance	Post-Market Monitoring	Incident Management, Governance	Shows how the team watches deployed systems, records operational signals, and escalates when thresholds are crossed.	Review history, event logs, monitoring summaries
Trust page or diligence room	Sales, legal, compliance	Trust Center	Documents, AI Systems, Security	Curates selected proof for external viewers without exposing the full operational workspace.	Public page, private diligence share, trust badge
AI literacy certificate	HR or programme owner	AI Literacy	Team, Governance, Documents	Provides dated evidence that people in scope completed the expected training path.	Certificate files, completion records, renewal reminders

Artifact Lifecycle

How a credible artifact is produced in ActLoom

1. Create source context

Start with the AI system, scope, owner, and role so every later output has a valid foundation.

2. Assess and decide

Determine obligations, status, and missing controls before publishing any external proof.

3. Generate or compile

Turn current system and assessment state into a report, dossier, trust surface, or certificate.

4. Control and review

Lock, share, archive, or route the artifact while preserving freshness and traceability.

Artifacts are only as strong as their source records

ActLoom can generate polished outputs, but those outputs only remain credible if the source system record, assessment state, and evidence chain are current. A stale dossier or trust page creates risk, not confidence.

Ownership And Review Model

Artifact family	Primary owner	Typical reviewer	When to revisit
Inventory and classification records	Compliance or product owner	Legal or governance lead	When purpose, deployment, owner, or role changes
Assessment and remediation artifacts	Compliance lead	Engineering, legal, control owners	After evidence updates, major launches, or reopened gaps
Conformity and technical packs	Quality or legal owner	Executive approver or certification-facing reviewer	Before market placement, major releases, or external review cycles
Incident and monitoring files	Incident owner or QA lead	Compliance, legal, executive sponsor	Immediately after events, escalations, and corrective actions
Trust and training artifacts	Sales/compliance owner or HR owner	Security, legal, executive reviewer	Before external sharing and on every renewal or posture change

Export And Sharing Surfaces

Surface	Best used for	Typical artifacts
In-app records	Operational work where freshness matters more than presentation	System records, assessments, gaps, governance registers
Generated documents and reports	Audits, diligence, board review, or internal review packages	Technical docs, gap reports, monitoring summaries, dossiers
Public or private trust surfaces	Selective external sharing without workspace access	Trust pages, badges, curated evidence, summary exports
API and webhook payloads	Automation, data sync, release control, downstream ticketing	System data, assessment state, incidents, release gate outcomes

Before sharing an artifact externally

Check that the underlying AI system and assessment records are still current.
Confirm the artifact references the right version, owner, and deployment context.
Make sure sensitive internal notes or incomplete evidence are not being exposed through the chosen surface.
Prefer controlled trust or locked-report flows when recipients do not need full workspace access.

Feature Coverage Snapshot

Feature	App area	Main output
systemInventory	Dashboard -> AI Systems	AI system record, owner mapping, role context
riskClassificationTriage	AI Systems classification flow and Dashboard -> Compliance	Risk category, legal reasoning, applicable obligations, assessment scope
complianceScoring	Compliance dashboard and charts	Score, trend history, readiness baseline
gapAnalysis	Compliance assessment results	Prioritized gaps, effort, next actions
aiRemediation	Compliance -> Remediation	Plan summary, tasks, due dates, owners
technicalDocs	Reports and document generation	Annex IV docs, risk docs, technical files
friaWorkflows	Dashboard -> FRIA	FRIA draft, scenarios, approvals, evidence
conformityDossiers	Conformity dossier workflows	Dossier, declaration, CE readiness status
incidentManagement	Dashboard -> Incidents	Incident log, SLA clock, authority reporting data
postMarketMonitoring	Dashboard -> Post-market	Monitoring plan, events timeline, review schedule
governanceAimsIso	Dashboard -> Governance and compliance overlap analysis	Audits, objectives, NC register, SoA, reviews, overlap view, reused controls
gpaiCompliance	GPAI profile and red-team routes	Model profile, red-team records, systemic-risk evidence
aiLiteracy	Dashboard -> AI Literacy Training	Assignments, scores, certificates, renewal dates
evidenceVault	Evidence and document surfaces	Evidence files, snapshots, integrity verification
reportingHub	Dashboard -> Reports	Reports, board packs, schedules, locks, exports, shared links
releaseGates	Release-gate API and governance workflows	Gate decisions, dry-runs, exceptions, audit trail
complianceFrameworks	Company settings and compliance engine	Framework scope, reusable controls, cross-framework coverage
trustCenterPublicPrivate	Settings -> Trust Center and private trust routes	Public trust page, private diligence page, badge, reusable trust URL
trustBadge	Settings -> Trust Center	Badge embed and reusable external trust signal
teamRoles	Dashboard -> Members	Invites, membership state, role allocation
integrations	Settings -> Integrations/API	Connected providers, synced tickets, published pages
webhooks	Settings -> API & Webhooks	Webhook endpoints, delivery history, subscribed events
restApi	Settings -> API & Webhooks	Scoped machine credentials and API workflows
sharedLinks	Reports and shared pages	Shared report URLs and external review access
notificationsCenter	Dashboard header and settings activity	Unread notifications, activity feed, follow-up visibility
milestonesSync	Jira sync and milestone tracking	Milestones linked to sprints and system readiness
sso	Settings -> SSO	SSO config, managed identity entry point
multiCompany	Workspace switching and dashboard context	Company switching, isolated workspaces
prioritySupport	Customer operations and enterprise support	Faster support path and coordination

Related Sections

Documents

Go deeper into report generation, vault behavior, controlled exports, and document lifecycle.

Feature Index

Use this when you know the feature or workflow name and need the fastest route to the right docs page.

Use Cases

Read by operational goal when you need to assemble multiple artifacts for one real-world outcome.

API Domains

Use this when artifacts need to be exported, synced, or generated through technical integrations.

Ready to get started?

Join hundreds of companies using ActLoom to simplify AI Act compliance. Start your free assessment today — no credit card required.

Start Free Assessment View Pricing

Questions? Contact us at support@actloom.com

Artifact

Primary owner

Source module

Supporting modules

What it is for

Typical export surface

AI system registry record

Compliance lead or product owner

AI Systems

Team, AI Act Reference, Compliance Assessment

Defines scope, intended purpose, role, owner, and the legal context every downstream workflow depends on.

System views, shared internal records, API syncs

Compliance score and gap backlog

Compliance lead

Compliance Assessment

AI Systems, Governance, Evidence Vault

Turns legal obligations into a measurable readiness baseline and an ordered remediation queue.

Dashboards, reports, API-driven status sync

Remediation plan

Compliance owner with engineering or operations contributors

Compliance Assessment -> Remediation

Team, Governance, Integrations/API

Converts findings into owned actions, due dates, and concrete implementation steps.

Task lists, webhook events, external workflow sync

Technical documentation pack

Compliance, legal, quality

Documents

AI Systems, Compliance Assessment, Conformity

Packages technical and legal evidence into a controlled output for audit, diligence, or internal review.

Generated reports, locked files, downloadable bundles

FRIA package

Deployer compliance team

Conformity / FRIA workflows

AI Systems, Documents, Governance

Captures scenario analysis, rights-impact reasoning, and approval records for high-risk deployment contexts.

FRIA draft, approval trail, supporting evidence

Conformity dossier

Provider legal or quality owner

Conformity

Documents, Evidence Vault, Governance

Maintains the dossier required to support declaration readiness, CE status, and registration posture.

Dossier exports, declaration references, registration fields

Incident case file

Incident responder or compliance operator

Incident Management

Post-Market, Documents, Integrations/API

Preserves chronology, severity decisions, authority deadlines, and corrective follow-up in one place.

Authority-ready packet, API payloads, external ticket links

Monitoring plan and event timeline

QA, product operations, compliance

Post-Market Monitoring

Incident Management, Governance

Shows how the team watches deployed systems, records operational signals, and escalates when thresholds are crossed.

Review history, event logs, monitoring summaries

Trust page or diligence room

Sales, legal, compliance

Trust Center

Documents, AI Systems, Security

Curates selected proof for external viewers without exposing the full operational workspace.

Public page, private diligence share, trust badge

AI literacy certificate

HR or programme owner

AI Literacy

Team, Governance, Documents

Provides dated evidence that people in scope completed the expected training path.

Certificate files, completion records, renewal reminders

Artifact family

Primary owner

Typical reviewer

When to revisit

Inventory and classification records

Compliance or product owner

Legal or governance lead

When purpose, deployment, owner, or role changes

Assessment and remediation artifacts

Compliance lead

Engineering, legal, control owners

After evidence updates, major launches, or reopened gaps

Conformity and technical packs

Quality or legal owner

Executive approver or certification-facing reviewer

Before market placement, major releases, or external review cycles

Incident and monitoring files

Incident owner or QA lead

Compliance, legal, executive sponsor

Immediately after events, escalations, and corrective actions

Trust and training artifacts

Sales/compliance owner or HR owner

Security, legal, executive reviewer

Before external sharing and on every renewal or posture change

Surface

Best used for

Typical artifacts

In-app records

Operational work where freshness matters more than presentation

System records, assessments, gaps, governance registers

Generated documents and reports

Audits, diligence, board review, or internal review packages

Technical docs, gap reports, monitoring summaries, dossiers

Public or private trust surfaces

Selective external sharing without workspace access

Trust pages, badges, curated evidence, summary exports

API and webhook payloads

Automation, data sync, release control, downstream ticketing

System data, assessment state, incidents, release gate outcomes

Feature

App area

Main output

systemInventory

Dashboard -> AI Systems

AI system record, owner mapping, role context

riskClassificationTriage

AI Systems classification flow and Dashboard -> Compliance

Risk category, legal reasoning, applicable obligations, assessment scope

complianceScoring

Compliance dashboard and charts

Score, trend history, readiness baseline

gapAnalysis

Compliance assessment results

Prioritized gaps, effort, next actions

aiRemediation

Compliance -> Remediation

Plan summary, tasks, due dates, owners

technicalDocs

Reports and document generation

Annex IV docs, risk docs, technical files

friaWorkflows

Dashboard -> FRIA

FRIA draft, scenarios, approvals, evidence

conformityDossiers

Conformity dossier workflows

Dossier, declaration, CE readiness status

incidentManagement

Dashboard -> Incidents

Incident log, SLA clock, authority reporting data

postMarketMonitoring

Dashboard -> Post-market

Monitoring plan, events timeline, review schedule

governanceAimsIso

Dashboard -> Governance and compliance overlap analysis

Audits, objectives, NC register, SoA, reviews, overlap view, reused controls

gpaiCompliance

GPAI profile and red-team routes

Model profile, red-team records, systemic-risk evidence

aiLiteracy

Dashboard -> AI Literacy Training

Assignments, scores, certificates, renewal dates

evidenceVault

Evidence and document surfaces

Evidence files, snapshots, integrity verification

reportingHub

Dashboard -> Reports

Reports, board packs, schedules, locks, exports, shared links

releaseGates

Release-gate API and governance workflows

Gate decisions, dry-runs, exceptions, audit trail

complianceFrameworks

Company settings and compliance engine

Framework scope, reusable controls, cross-framework coverage

trustCenterPublicPrivate

Settings -> Trust Center and private trust routes

Public trust page, private diligence page, badge, reusable trust URL

trustBadge

Settings -> Trust Center

Badge embed and reusable external trust signal

teamRoles

Dashboard -> Members

Invites, membership state, role allocation

integrations

Settings -> Integrations/API

Connected providers, synced tickets, published pages

webhooks

Settings -> API & Webhooks

Webhook endpoints, delivery history, subscribed events

restApi

Settings -> API & Webhooks

Scoped machine credentials and API workflows

sharedLinks

Reports and shared pages

Shared report URLs and external review access

notificationsCenter

Dashboard header and settings activity

Unread notifications, activity feed, follow-up visibility

milestonesSync

Jira sync and milestone tracking

Milestones linked to sprints and system readiness

sso

Settings -> SSO

SSO config, managed identity entry point

multiCompany

Workspace switching and dashboard context

Company switching, isolated workspaces

prioritySupport

Customer operations and enterprise support

Faster support path and coordination