Capabilities
The module is made up of five connected areas:AI System Registry
A catalog of every AI system your organization runs or relies on. You register each system with its purpose, use cases, and data flows. The registry is the foundation that links risk classifications, vendor assessments, and incidents to specific systems.Risk Classification
Classify each registered system against the EU AI Act and NIST AI RMF frameworks. The system analyzes your use cases and suggests a risk tier automatically. You can accept the suggestion or override it with a documented rationale.Vendor Assessments
Send structured security questionnaires to your AI vendors and track their responses. Vendors receive a secure link to complete the questionnaire directly — no account required. Responses are scored automatically and assigned a risk tier when submitted.Incident Tracking
Report and manage AI-related incidents from initial discovery through resolution. Each incident has a full lifecycle with investigation fields, remediation steps, and regulatory notification tracking — giving you a documented record for audits.Regulatory Timeline
A pre-loaded view of AI regulation deadlines drawn from the EU AI Act, Colorado AI Act, and NIST AI RMF. The system suggests which regulations apply to your organization based on your registered systems and operating jurisdictions, and tracks your compliance status per milestone.Plan availability
The AI System Registry and Risk Classification features are available on the Pro plan and above. Vendor Assessments, Incident Tracking, and Regulatory Timeline require the Business plan.