EU AI Act Compliance Starter Pack
High-risk AI conformity assessment, technical documentation, post-market monitoring (PMS), fundamental rights impact assessment (FRIA) matrix.
Skip lengthy, expensive traditional consulting. Get battle-tested AI risk management and compliance policy documents in one click — integrate them into your operations in minutes. PDF + Word + Notion formats included.
Every AI-deploying company needs governance documentation but can't justify enterprise consulting fees. We've packaged the artifacts — frameworks, policies, checklists, runbooks — that would normally take $30,000+ of consulting to produce, into self-serve template kits aligned with 2026 audit baselines. Adapt them to your context, layer in your evidence, and approach regulators with confidence. Includes 12 months of major-version revisions.
Eleven standalone kits covering EU, US, Japan, China, and global standards — every one shipping with PDF + editable Word + Notion workspace, plus a one-page Implementation Guide. 12 months of major-version revisions and core framework update pushes included, so your documents stay aligned as standards evolve.
High-risk AI conformity assessment, technical documentation, post-market monitoring (PMS), fundamental rights impact assessment (FRIA) matrix.
Govern · Map · Measure · Manage playbook with role assignments, evidence templates, and quarterly review cadence.
Aligned with Japan METI & MIC joint AI Guidelines. Includes AI provider/user self-assessment forms, governance committee charter, ISO 42001 cross-mapping matrix. The mandatory pass for Japan-bound deployments and Japanese gov/SOE RFPs.
Aligned with China's Interim GenAI Service Management Measures and TC260 GenAI Service Basic Security Requirements. Includes algorithm filing self-assessment report templates, dual-review training corpus checklists, content safety interception policies, and user anti-addiction & complaint-response mechanisms. The end-to-end compliance loop for launching and commercializing AI services in China. Documentation drafts only; filing-agency service not included.
Annex A control mapping, Statement of Applicability (SoA) template, evidence collection matrix, internal audit and gap analysis playbook.
Defensive playbook for each of the 10 LLM risks — prompt injection, insecure output, training data poisoning, and more.
NIST SP 800-218 implementation SOPs. Includes AI code-review checklists, secure build environment policy, open-source model vetting standard. Core engineering foundation for US gov/enterprise contracts and stringent supply-chain audits.
Auto-fillable inventory of your AI components — models, training data, dependencies, third-party APIs. Required by ISO 42001 and EU AI Act.
IR playbooks for prompt injection, jailbreak, and data leakage events — aligned with the NIST SP 800-61 Rev. 2 incident response lifecycle (Containment, Eradication, Recovery). Includes regulator notification templates (e.g., GDPR 72-hour compliance) and post-mortem framework. Drop-in compatible with Jira / ServiceNow ticketing.
60 questions for evaluating SaaS AI vendors. Data residency, model provenance, incident history, sub-processors — answers drive your buy/no-buy decision.
HIPAA-mapped policies for medical AI deployments. PHI handling, BAA templates, FDA SaMD (Software as a Medical Device) AI/ML regulatory baseline, clinical decision support oversight.
Four curated combinations addressing core enterprise security pain points — by team (compliance, engineering, procurement) or by all-in flagship. Up to 39% off list prices.
Turn abstract regulation into out-of-the-box evidence. Every template deeply maps to recognized international baselines — so the security policies you deploy today withstand the most rigorous compliance review tomorrow.
Deep coverage across 8 core regulatory and engineering standards:
Templates provide a battle-tested security governance baseline aligned with the listed standards. Each enterprise must localize the documents to its specific business context, layer in implementation evidence, and obtain its own legal review. The templates do not constitute legal counsel, regulatory certification, or a guarantee of compliance. For procedures that require on-site review, sample inspection, or oral examination by regulators (e.g. China CAC GenAI filing, EU AI Act notified-body certification), the templates provide written documentation drafts only — they do not include filing-agency, registration-agency, or certification-agency services. Final outcomes are determined solely by the regulator's review.
Financial services (DORA / GLBA), critical infrastructure, or proprietary internal AI architectures? Beyond the standard compliance baselines, we offer high-level strategic advisory and architecture review to a select few enterprise clients. Due to extremely limited capacity, this service is by application only.