ETD-HUB

6: How Must Documentation be Maintained?

Asked: 4 months, 4 weeks ago By: Catalink Views: 155 Catalink Case Study: IRIS

The current EU AI Act mandates that technical documentation must be kept for 10 years after the system is placed on the market. What are the key contents of this technical documentation (Articles 11 and 18) that the IRIS must maintain, and how does this documentation practically assist regulators in assessing liability?

19 Answers

Answered: 3 months, 1 week ago By: Chiamakaokorie
-
Answered: 3 months, 1 week ago By: Tundefasina
Key contents include: System purpose and design Training data description and bias mitigation Performance and risk assessments Human oversight measures Logging and monitoring mechanisms This documentation enables regulators to trace failures, assign responsibility, and assess compliance.
Answered: 3 months, 1 week ago By: Zainabodogwu2
Under the EU AI Act, providers of high-risk systems like IRIS must compile technical documentation before placing the product on the market and keep it up to date, and must then retain it for 10 years so regulators can assess compliance with safety, data governance, performance and risk requirements.
Deleuze replied: Assuming IRIS is treated as a high-risk AI system because it is used as a safety-related driver monitoring component, Articles 11 and 18 require IRIS’s provider to maintain a “regulatory evidence file”, not merely a general technical manual. Article 11 requires technical documentation before the system is placed on the market or put into service, and it must be kept up to date so competent authorities and notified bodies can assess compliance. Article 18 then requires the provider to keep that documentation available to national competent authorities for 10 years after market placement or putting into service.
Answered: 3 months, 1 week ago By: Oliverharrow
Have to keep the data in for 10 years as this allows regulators in assessing liability in case anything happens in the future
Answered: 3 months, 1 week ago By: Ngozioshoba
Technical documentation records how IRIS was built, trained, and tested. This helps regulators understand the system and investigate issues if something goes wrong. It serves as proof that safety and fairness were taken seriously.
Catalink replied: yeah I think we must describe how IRIS was developed, including the use of any pre-trained models, Vision Transformer architectures, third-party tools, model components, system architecture, computational resources, and the rationale for key design choices. For IRIS, this should explain why particular facial features, physiological signals, thresholds, or multimodal fusion methods were selected, and what the model is optimised for, for example, reducing false negatives in drowsiness detection.
Answered: 3 months, 1 week ago By: Efeadelaja
IRIS must retain documentation on system purpose, design, training data, risk management, performance, human oversight, and conformity records, enabling regulators to trace failures, verify compliance, and assign liability if harm occurs.
Testificate replied: Definitely the documentation should describe the training, validation, and testing datasets, including provenance, scope, main characteristics, how the data was obtained and selected, labelling procedures, and cleaning methods. For IRIS, this is especially important because the ethical and safety concern is demographic bias. The file should therefore document the racial, skin tone, age, gender, facial-feature, lighting, camera-angle, and driving-condition diversity of the datasets, including any synthetic data used.
Answered: 3 months, 1 week ago By: Meilincai
This form the database for the stern improvement and case study
Answered: 3 months, 1 week ago By: Kelechinwosu
​Risk Management: A log of all foreseeable risks (e.g., system failure in low light) and the technical steps taken to mitigate them.
Answered: 3 months, 1 week ago By: Beatricelorne
Personal details and physiological states of people inferred by DMS
Answered: 3 months, 1 week ago By: Zainabodogwu32
Under Articles 11 and 18, IRIS must maintain technical documentation for at least 10 years after market placement. This documentation must include: A detailed system description, intended purpose, and operational context. Model architecture and design choices, including algorithms used. Data governance documentation, covering training, validation, and testing datasets. Risk management records, identifying known risks and mitigation measures. Performance evaluation results, including bias and robustness testing. Human oversight mechanisms and user instructions. Change logs and updates, including post-deployment modifications. EU Declaration of Conformity and, where applicable, notified body assessments. This documentation allows regulators to: Reconstruct how decisions were made, Assess whether reasonable care was taken, Determine whether harm resulted from design flaws, misuse, or unforeseeable circumstances.
Answered: 3 months, 1 week ago By: Miles_Hatcher
It gives regulators traceability and evidence to check compliance, investigate failures.
Answered: 3 months, 1 week ago By: Aminaolorun
In form of tickets
Answered: 3 months, 1 week ago By: Ifeanyiakare
Intended purpose and system description Model architecture and development process Training, validation, and testing data governance Risk management and bias mitigation measures Performance, accuracy, and fairness metrics Human oversight and safety controls Post market monitoring and update procedures EU declaration of conformity and conformity assessment records Why this matters for liability This documentation gives regulators traceability allowing them to assess whether harm or bias was foreseeable, whether risks were properly mitigated, and whether IRIS was compliant at deployment. In liability cases, it serves as evidence of due diligence (or lack thereof) and enables enforcement actions, fines, or product withdrawal.
Answered: 3 months, 1 week ago By: Kunleekwueme
Data subjects has the rights to request restrictions on personal data if the controllers process of their data is inaccurate. When the processing is unlawful
Answered: 3 months, 1 week ago By: Sadeogunlana
IRIS must maintain a technical file containing system architecture, data provenance, risk mitigation logs, and validation results to provide regulators with a traceable "black box" audit trail for determining whether an accident was caused by a design flaw or human error.
Answered: 3 months, 1 week ago By: Tomashbrook
They must maintain their goal to collect diverse and unbiased data. I don't think the documentation provided exempt them from liability. They need more information on their documentation for the regulators.

Your Answer

Login to add your answer!

We’d love to hear your thoughts — share a meaningful answer by logging in.