AnuncioCronograma de implementación del EU AI Act: fechas clave para los implementadores
KLA Digital Logo
KLA Digital
Template

Post-market Monitoring Plan Template (Article 72 compliant)

Download an Article 72 compliant post-market monitoring plan template covering system identification, monitoring objectives, data collection, performance metrics, alerting, review procedures, incident response, and documentation.

Generate a reviewable post-market monitoring plan in 30-60 minutes.

For compliance, risk, product, and ML ops teams shipping agentic workflows into regulated environments.

Última actualización: 16 dic 2025 · Versión v1.0 · Muestra ficticia. No asesoramiento legal.

Download editable templateSolicitar paquete completo

Informar un problema: /contact

Contexto

Qué es este artefacto (y cuándo lo necesita)

Explicación mínima viable, escrita para auditorías, no para teoría.

The EU AI Act Article 72 requires providers of high-risk AI systems to establish and document a post-market monitoring system. This is not optional. It is a compliance requirement with specific mandates for how you monitor AI systems after deployment.

This template provides a structured 8-section approach covering system identification, monitoring objectives, data collection, performance metrics, alerting, review procedures, incident response, and documentation.

Lo necesita cuando

  • You are deploying an agent into a regulated workflow (credit, claims, KYC/AML, HR).
  • You need to prove ongoing quality, safety, and policy compliance after go-live.
  • You are preparing an Annex IV dossier or an audit readiness review.

Common failure mode

A plan that lists metrics but has no thresholds, no named owners, no alert escalation procedures, and no incident response workflow tied to exportable evidence.

Lista de verificación

Criterios de exito

Los revisores de los criterios de aceptación realmente verifican.

  • System identification links to regulatory classification and Annex IV documentation.
  • Monitoring objectives connect to identified risks with clear success criteria.
  • Data collection covers all sources with quality requirements and privacy considerations.
  • Performance metrics include technical, drift, and fairness thresholds with severity levels.
  • Alerting defines severity levels, notification matrix, and escalation procedures.
  • Review procedures include continuous monitoring, sampling, and periodic governance reviews.
  • Incident response covers definition, immediate response, investigation, and Article 73 reporting.
  • Documentation and evidence storage ensures tamper-proof retention with audit readiness.
Avance

Vista previa de la plantilla

Un extracto real en HTML para que sea indexable y revisable.

Template preview (excerpt)
## Section 4: Performance Metrics

### 4.1 Technical Performance Metrics
| Metric | Definition | Threshold | Alert Level |
|--------|------------|-----------|-------------|
| [Accuracy] | [% correct predictions] | [>95%] | [Critical if <90%] |

### 4.2 Drift Metrics
| Metric | Calculation Method | Threshold | Check Frequency |
|--------|-------------------|-----------|-----------------|
| [Feature drift] | [PSI or KL Divergence] | [PSI <0.1] | [Daily] |

## Section 5: Alerting and Escalation

### 5.1 Alert Severity Levels
| Level | Criteria | Response Time |
|-------|----------|---------------|
| Critical | [Immediate risk, compliance violation] | [15 minutes] |
| High | [Significant degradation] | [4 hours] |
Descargue el artefacto completo
Cómo hacerlo

Cómo rellenarlo (rápido)

Entradas que necesita, tiempo para completar y un ejemplo resuelto en miniatura.

Entradas que necesita

  • System identification with regulatory classification and Annex IV references.
  • Monitoring objectives connected to risk register with success criteria.
  • Data sources, collection frequency, quality requirements, and privacy considerations.
  • Performance thresholds (technical, drift, fairness) with severity levels.
  • Alerting configuration with escalation matrix and after-hours coverage.
  • Review procedures (continuous, sampling, periodic) with governance integration.
  • Incident response procedures including Article 73 regulatory reporting.

Tiempo para completar: 30-60 minutes for a defensible v1.

Mini example: alert severity

EJEMPLO
Alert Severity Levels:
| Level | Criteria | Response Time |
|-------|----------|---------------|
| Critical | System down, accuracy <90%, discriminatory outcome | 15 minutes |
| High | Accuracy <95%, drift threshold exceeded | 4 hours |
| Medium | Approaching threshold, unusual pattern | 24 hours |
| Low | Minor metric movement, informational | Next business day |
Mapeo KLA

Cómo lo genera KLA (Gobernar / Medir / Probar)

Vincula el artefacto con las funcionalidades del producto para facilitar la conversión.

Govern

  • Policy-as-code checkpoints that block or require review for high-risk actions.
  • Versioned change control for model/prompt/policy/workflow updates.

Measure

  • Risk-tiered sampling reviews (baseline + burst during incidents or after changes).
  • Near-miss tracking (blocked / nearly blocked steps) as a measurable control signal.

Prove

  • Hash-chained, append-only audit ledger with 7+ year retention language where required.
  • Evidence Room export bundles (manifest + checksums) so auditors can verify independently.

Recursos relacionados

Human oversight playbookAudit log retention policy templateEvidence pack checklistAI model card template
Preguntas frecuentes

Preguntas frecuentes

Redactado para obtener respuestas destacadas en buscadores.

Descargar

Descargar el artefacto

Markdown editable. No se requiere correo electrónico.

Download editable template