EU AI Act · deadline 2 August 2026 · from DKK 15,000

EU AI Act,
a one-day overview

The EU AI Act applies in full from 2 August 2026 for high-risk AI systems. If you use AI for recruitment, credit scoring, legal advice, healthcare or automated decisions, you are in scope.

Our Quick Check takes one day. You get a complete AI system inventory, risk classification with article reference, and a 90-day roadmap you can execute yourselves. Built on 11+ years of Archer GRC platform experience.

Book a Quick Check Get the free checklist first
§ 01
Three tiers

Always start with the Quick Check

Unless you already have high exposure or are aiming for certification. Most clients find out exactly how much they need by starting with a Quick Check.

01 / 1 day

Quick Check

DKK 15,000-25,000

AI system inventory plus risk classification plus 10-page gap report plus board-readout deck. Get a clear view of where you stand and what to act on before 2 August 2026.

Best when

First overview. The executive team wants to know whether you are in scope and where to start.

02 / 4-5 days

Full Assessment

DKK 50,000-90,000

Quick Check plus full AI policy plus governance framework plus DPIA where relevant plus compliance roadmap to 2027. Board presentation included.

Best when

You are ready to act. The board wants a plan, not just an analysis.

03 / 6-10 days

ISO 42001 Readiness

DKK 80,000-150,000

A complete AIMS (AI Management System) ready for certification. Document pack, processes, registers, audit readiness against ISO/IEC 42001.

Best when

You want AI governance at enterprise level or certification. The board has given the mandate.

§ 02
Delivery

How we work in seven steps

  1. 01
    Intake
    Discovery questionnaire plus 30-minute compliance-focused conversation
  2. 02
    Brief
    We read your answers plus add sector-specific EU AI Act context
  3. 03
    Interviews
    3-5 key people (CEO, IT, DPO, users), 2-3 hours total
  4. 04
    Analysis
    AI system inventory plus risk classification with article references
  5. 05
    Review
    Jesper validates each classification (GRC precision from 11+ years of Archer experience)
  6. 06
    Walkthrough
    60 minutes with executives plus DPO plus legal
  7. 07
    Hand-over
    You can maintain compliance yourselves. Audit trail pack included
§ 03
Deliverables (Quick Check)

What you get

  • 10-page gap report (PDF plus Google Doc plus Word)
  • Complete AI system inventory (Google Sheet, editable)
  • Risk classification per system with EU AI Act article reference
  • Board-readout deck (15-20 slides) for executives and the board
  • AI Policy stub you can build on (Markdown plus Word)
  • 90-day compliance roadmap to 2 August 2026
  • 60-minute walkthrough meeting with executives plus DPO plus legal
  • Audit trail PDF documenting which AI models generated what
  • ISO 42001 readiness assessment (Full Assessment and ISO variants)
  • Mike-reviewed DPA templates for AI vendors (all variants)
What we need

What we need from you

Project owner
One person with decision authority, typically CEO or compliance officer
Interview participants
CEO, IT lead, DPO, optionally legal team and 2-3 power users of AI tools
Documents
AI tool inventory, existing AI policy, processor register, organisation chart
List of use cases
Where are you using AI to handle decisions about people?
1-2 weeks of flexibility
For interviews and review sessions
§ 04
High-risk obligations

Eight requirements you must be able to demonstrate

If you operate high-risk AI systems, these are the eight areas you must be able to document for the supervisory authority or an auditor.

01
Risk management
Establish and maintain risk assessment per high-risk system
02
Data quality
Training, validation and test data must be representative and relevant
03
Technical documentation
Complete documentation demonstrating compliance
04
Logging
Automatic event logging on high-risk systems
05
Transparency
Users must be informed when they interact with AI
06
Human oversight
People must be able to understand and override AI decisions
07
Accuracy
Consistent performance plus robustness to errors
08
Audit trail
Traceability for compliance audits
§ 05
Questions

What we are most often asked

Are we really in scope?
If you use AI to make decisions about people, such as recruitment, credit, legal advice, healthcare, education or critical infrastructure, you are in scope as high-risk. Even using external tools like ChatGPT or Claude for those purposes counts.
Why you rather than a lawyer or IT auditor?
We address the technical implementation, not the legal interpretation. Your lawyer or auditor owns the interpretation. We deliver the audit trail, AI inventory, risk classification and practical compliance that matches the enterprise-grade standard Archer GRC has set for the past 11 years. We recommend a final legal validation of the deliverables.
What happens if we do not comply?
Fines reach up to EUR 35 million or 7 percent of global revenue for prohibited practices. For high-risk: up to EUR 15 million or 3 percent. For supervisory matters: up to EUR 7.5 million or 1 percent. There is also reputational risk from EU database registration and post-market monitoring requirements.
How much time is left until 2 August 2026?
It depends on when you start. If you begin now and prioritise: 4-6 months is comfortable for a Full Assessment plus implementation. If you wait until after the summer: very tight. The regulation does not allow retroactive transition periods.
Do you use AI to produce the assessment yourselves?
Yes, and the audit trail shows exactly what. AI-generated first drafts of the inventory and report, then manual review of each classification before the client sees anything. Our entire stack is public at /en/ai-stack.
Next steps

2 August 2026 is not optional

The first conversation is confidential and without obligation. We find out together whether you are in scope, where you stand, and which tier (Quick Check / Full / ISO) fits your situation and budget.

Book a Quick Check Get the free checklist