Workflow Overview
High-risk AI systems must undergo a conformity assessment before being placed on the EU market or put into service. Depending on the Annex III category, this can be either a third-party assessment by an EU-designated Notified Body, or a provider-led internal assessment for systems not subject to mandatory third-party review. In either case, the result must be captured in a technical dossier and kept for at least 10 years. ActLoom tracks each dossier from draft through to issued status, records the notified body reference when applicable, and archives all supporting evidence.
What this module helps you control
Assessment readiness
You can see whether the evidence set is complete before you engage a notified body or sign internally.
Version discipline
Each dossier can stay tied to a specific system version so you know exactly which release the CE path covers.
Audit traceability
The dossier becomes the place where technical evidence, declarations, and registration references stay linked together.
| Operational aspect | What to know in ActLoom |
|---|---|
| Prerequisites | The AI system should already be classified as high-risk or otherwise in a conformity pathway, with a stable version and supporting evidence available. |
| Main inputs | Assessment type, covered version, evidence attachments, notified body information when needed, CE status, and EU database registration details. |
| Main outputs | Conformity dossier, declaration support, CE-readiness tracking, and linked registration references. |
| Who typically uses it | Provider-side compliance, legal, quality, notified-body coordinators, and product release stakeholders. |
| Plan access | Conformity workflows are intended for Business and Pro plans where dossier and technical-document readiness are enabled. |
| Relevant routes | /api/conformity/dossiers, /api/conformity/dossiers/[id]/status, /api/conformity/dossiers/[id]/inspection-zip, /api/ai-systems/[id]/eu-registration |
Dossier record fields
| Field | Description | Required |
|---|---|---|
| AI System | The registered AI system this dossier covers | Yes |
| Dossier version | Version number linked to a specific model version | Yes |
| Assessment type | INTERNAL_ASSESSMENT or NOTIFIED_BODY_ASSESSMENT | Yes |
| Notified body name | Official name of the EU-designated assessment body | If third-party |
| Notified body reference | Official certificate or notification number issued by the body | If third-party |
| Status | DRAFT / IN_REVIEW / ISSUED / WITHDRAWN | Auto-managed |
| Evidence attachments | Technical documentation, risk assessment, test results, QMS records | Yes |
| Issue date | ISO date when the dossier was granted ISSUED status | Auto-set on issue |
| Valid until | Expiry date if applicable (for periodic re-certification schemes) | No |
Conformity Assessment Workflow
Create Dossier
Open AI System → Conformity Dossiers tab → New Dossier. Select assessment type (internal or notified body) and link a system version.
Attach Evidence
Upload technical documentation, risk assessments (FRIA + impact assessment), test results, dataset documentation, and quality management records.
Submit to Notified Body
If third-party assessment is required, set status to IN_REVIEW and enter the notified body name. ActLoom tracks time spent in review.
Issue Dossier
Once the assessment is complete, set status to ISSUED. ActLoom records the issue date and locks the evidence set for audit integrity.
Declaration of Conformity
ActLoom auto-generates a draft EU Declaration of Conformity (DoC) pre-filled with system details, dossier reference, applicable standards, and signatory fields.
Conformity Dossiers
Recruitment AI v2.1
TÜV SÜD (#0123)
Credit Risk Scorer
BSI (#0344)
Fraud Detection ML
Not required