Strategic Readiness: Navigating and Preparing for the EU AI Act
Author: Elija Leib, Federica Pizzuti, Oliver Deiters
In our
previous articles
we examined the complexities of the EU AI Act, focusing on its approach and the impact on organizations. With the imminent application of the EU AI Act in early 2026, organizations need a strategic roadmap to guarantee seamless compliance.
Below, we delve into the strategic preparations organizations must make and how we can support you in this transformative process. Let's explore the detailed steps organizations can take to prepare effectively:
When does it apply?
After entry into force in early 2024, the AI Act will apply:
- 6 months for prohibited AI systems
- 12 months for General Purpose AI
- 24 months for high risk AI systems
- 36 months for high risk AI systems that are covered under specific product safety laws
- Codes of practice must be ready 9 months after entry into force.
First steps
First of all, it is important to determine which role an organization has, as the obligations for providers, deployers and manufacturers differ significantly.
Then the use case of the AI system should be examined to determine whether it falls under one of the high-risk use cases listed below.
Conformity Assessment
For high-risk applications a conformity assessment is necessary. Depending on the use-case organizations can choose between an internal assessment or an external assessment by an independent third party. In several cases an external assessment by a notified body is mandatory.
If the AI system is used as a safety component of a product that falls under specific product safety rules that include third party assessments, like medical devices or some types of machinery, the assessment has to include an independent assessment of the AI system as well.
Many organizations opt for an involvement of independent third parties in the safety assessment of their AI assessments outside of legal requirements, because it provides a certain level of assurance that minimizes risk for the organization and the consumer. This makes organizations more attractive for investors and minimizes risks for insurances.
How we can help you
DEKRA offers professional advisory and training services to assist companies in the successful deployment of AI technology while ensuring safety and security. Our experts provide guidance on implementing upcoming AI regulations and assessing their impact on business and product portfolio. We equip organizations with the knowledge and expertise to navigate AI deployment effectively and compliantly.
- Pre-Assessment on AI safety and security risk mitigation
- Pre-Assessment on AI Management System implementation
- Training on governance and safe usage of Generative AI tools (e.g., ChatGPT) at work environment
- Risks of AI
- Training on European AI regulation (EU AI Act)
- Training on good practices for development of safe and secure AI solutions
Are you ready to turn knowledge into strategic action? Let's shape the future together!