EU AI Act high-risk obligations — August 2026

AI audit evidence your regulators will accept.

Stop assembling Word documents under pressure. Build structured, versioned evidence packs in hours — not weeks.

Start your free trial Request a demo

14-day free trial

No credit card

EU AI Act aligned

From £1,200/year. 14-day free trial, no card needed.

auditevidenceai.com/evidence-packs/cv-shortlisting

CV Shortlisting Decision

General AI Governance v1.0

Progress1/3

✓

Decision Overview

1/1 required

Human Oversight

0/2 required

Governance & Ownership

0/2 required

Supporting Evidence

+ Add supporting evidence

Human Oversight

In Progress

Section 2 of 3 · Aligned to EU AI Act Art. 14

Who is responsible for reviewing AI outputs before a decision is actioned? *

Name the role or team, not an individual

The Talent Acquisition Manager reviews all AI shortlists before...

Can a human reviewer override or reject the AI recommendation? *

Describe the override process and where it is documented

Yes — the TA Manager can reject any shortlist and must document the reason in the ATS before the decision is logged...

← Previous section

Save & Next section →

CV Shortlisting Decision · General AI Governance v1.0 · Section 2 of 3

Aligned to

EU AI Act

Art. 11, 12, 14 & 26

ISO 42001

AI Management System

NIST AI RMF

Govern · Map · Measure · Manage

NYC Local Law 144

AEDT Compliance

20%

of EU enterprises now using AI

Eurostat, 2025

44%

of UK large businesses using AI

ONS, 2026

27–92 hrs

to build one evidence pack manually

Industry estimate

The problem

One evidence pack takes up to 92 hours to build manually.

Auditors expect structured, versioned, signed-off evidence — not a folder of Word documents assembled under pressure.

Evidence scattered across systems

SharePoint, email chains, Confluence, IT tickets. When an audit lands, nobody knows where anything is or whether it is current.

One structured record per decision

Auditors ask for things you cannot produce

Human oversight logs. Override records. Bias audit dates. Most teams find the gaps only after the auditor asks.

Guided questions surface every gap before review

Word documents are not audit evidence

No version history. No sign-off trail. No audit log. What looks like documentation is a compliance liability.

Structured, versioned, audit-ready PDF output

The AuditEvidenceAI data model

One connected system.
Every layer of your AI governance.

Not a document template — a structured record that maps how your AI systems make decisions, what controls govern them, and what evidence demonstrates compliance.

AI Systeme.g. CV Screening

Decisione.g. Shortlisting

Frameworke.g. EU AI Act

Controle.g. Human Oversight

Evidencee.g. Review log

Audit Pack PDFVersioned · Signed off

The workflow

From register to audit-ready in 4 steps

A repeatable process your team can run without compliance expertise.

01

Register AI System

Name the system, set risk tier, assign owner. Creates the top-level record every evidence pack is anchored to.

02

Add Decisions

Document every business decision influenced by AI. Link it to the system. Set the jurisdiction and risk level.

03

Build Evidence Pack

Complete guided sections aligned to your chosen framework. Attach evidence. Validate against readiness checks.

04

Generate Audit Pack

Export a structured, versioned PDF. Ready for internal audit, external regulators, or board review.

Free resource

EU AI Act — what documentation do you actually need?

Plain-English breakdown of Articles 11–15. What auditors will ask for. How to prepare before August 2026.

Articles 11–15 explained

Documentation checklist

Article 14 human oversight

Compliance timeline

Penalty breakdown

Read the free guide →

Platform capabilities

Built for audit. Not internal documentation.

Every feature is designed around what your auditors will ask for — not what is easy to build.

Art. 11

Schema-driven evidence packs

Pre-built schemas for EU AI Act, NIST AI RMF, ISO 42001, HR, Payroll, and Finance decisions. Guided questions prompt exactly what auditors need.

Art. 14

Human oversight documentation

Dedicated fields for oversight roles, override processes, and monitoring cadences — directly aligned to what regulators check.

Art. 12

Audit-ready PDF export

Structured, versioned PDF with full section narrative, evidence index, readiness score, and approval record.

Art. 26

AI Systems Register

A central register of every AI system and the decisions it influences — risk tier, vendor, owner, review schedule, and linked evidence packs.

Governance

Action Required

Surfaces undocumented decisions, overdue system reviews, and incomplete packs — with a plain-English explanation of why each matters.

Art. 14

Approval attestation

Admins confirm in writing before signing off a pack. Name, role, and timestamp recorded permanently in the audit trail.

Regulatory alignment

What auditors look for. What we provide.

Evidence packs built around the exact documentation requirements each framework sets out.

EU AI Act

Articles 11–26 deployer obligations

Art. 11Technical documentation of the AI system, purpose, and outputs

Art. 12Logs and record-keeping enabling full lifecycle traceability

Art. 14Human oversight — ability to understand, monitor, and override

Art. 26Deployer obligations: oversight, log retention, worker notices

High-risk obligations apply August 2026

NYC Local Law 144

AEDT bias audit and transparency

Bias AuditIndependent audit within 12 months of use

PublicationSummary of results published on your website

NoticesCandidates notified before automated tool is used

AlternativeProcess available for those who request one

In effect for NYC hiring and promotion decisions

NIST AI RMF + ISO 42001

Risk management and management system

GovernPolicies, roles, and organisational accountability

MapAI context, risk identification, and categorisation

MeasureRisk analysis, testing, and bias evaluation

ManageControls, incident response, and continual improvement

ISO 42001 increasingly required in enterprise procurement

Who uses it

Built for the teams closest to AI decisions

Different functions, same need — structured, defensible evidence that holds up under audit.

Compliance & Risk

EU AI Act Art. 11–26

Maintain a complete registry of AI systems. Document governance obligations. Produce evidence packs before your auditors ask for them.

HR & Talent Teams

NYC Local Law 144 · EU AI Act

Evidence AI-assisted hiring decisions, bias audit dates, and candidate notices. Built for the specific obligations of automated employment decision tools.

Payroll & Finance

EU AI Act Art. 26 · ISO 42001

Document automated payroll decisions, exception handling controls, segregation of duties, and human oversight.

IT & AI Teams

NIST AI RMF · ISO 42001

Own the system registry. Track model versions, risk tiers, vendor relationships, and monitoring cadences.

August 2026 is closer than it looks

August 2026 is 4 months away.

Most compliance teams underestimate how long structured documentation takes. Start your free trial today — no credit card needed.

Aligned to EU AI Act · NIST AI RMF · ISO 42001 · NYC Local Law 144

Start your free trial or book a 20-minute demo