AvisCalendrier de mise en oeuvre du EU AI Act : dates clés pour les déployeurs
KLA Digital Logo
KLA Digital
Template

Post-market Monitoring Plan Template (Article 72 compliant)

Download an Article 72 compliant post-market monitoring plan template covering system identification, monitoring objectives, data collection, performance metrics, alerting, review procedures, incident response, and documentation.

Generate a reviewable post-market monitoring plan in 30-60 minutes.

For compliance, risk, product, and ML ops teams shipping agentic workflows into regulated environments.

Dernière mise à jour : 16 déc. 2025 - Version v1.0 - Exemple fictif. Ne constitue pas un avis juridique.

Download editable templateDemander le paquet complet

Signaler un problème : /contact

Contexte

Ce qu'est cet artefact (et quand vous en avez besoin)

Explication minimale viable, écrite pour les audits, pas pour la théorie.

The EU AI Act Article 72 requires providers of high-risk AI systems to establish and document a post-market monitoring system. This is not optional. It is a compliance requirement with specific mandates for how you monitor AI systems after deployment.

This template provides a structured 8-section approach covering system identification, monitoring objectives, data collection, performance metrics, alerting, review procedures, incident response, and documentation.

Vous en avez besoin quand

  • You are deploying an agent into a regulated workflow (credit, claims, KYC/AML, HR).
  • You need to prove ongoing quality, safety, and policy compliance after go-live.
  • You are preparing an Annex IV dossier or an audit readiness review.

Common failure mode

A plan that lists metrics but has no thresholds, no named owners, no alert escalation procedures, and no incident response workflow tied to exportable evidence.

Liste de contrôle

À quoi ressemble un bon résultat

Les évaluateurs des critères d'acceptation vérifient réellement.

  • System identification links to regulatory classification and Annex IV documentation.
  • Monitoring objectives connect to identified risks with clear success criteria.
  • Data collection covers all sources with quality requirements and privacy considerations.
  • Performance metrics include technical, drift, and fairness thresholds with severity levels.
  • Alerting defines severity levels, notification matrix, and escalation procedures.
  • Review procedures include continuous monitoring, sampling, and periodic governance reviews.
  • Incident response covers definition, immediate response, investigation, and Article 73 reporting.
  • Documentation and evidence storage ensures tamper-proof retention with audit readiness.
Aperçu

Aperçu du modèle

Un véritable extrait en HTML donc il est indexable et revisible.

Template preview (excerpt)
## Section 4: Performance Metrics

### 4.1 Technical Performance Metrics
| Metric | Definition | Threshold | Alert Level |
|--------|------------|-----------|-------------|
| [Accuracy] | [% correct predictions] | [>95%] | [Critical if <90%] |

### 4.2 Drift Metrics
| Metric | Calculation Method | Threshold | Check Frequency |
|--------|-------------------|-----------|-----------------|
| [Feature drift] | [PSI or KL Divergence] | [PSI <0.1] | [Daily] |

## Section 5: Alerting and Escalation

### 5.1 Alert Severity Levels
| Level | Criteria | Response Time |
|-------|----------|---------------|
| Critical | [Immediate risk, compliance violation] | [15 minutes] |
| High | [Significant degradation] | [4 hours] |
Télécharger l'artefact complet
Comment faire

Comment le remplir (rapide)

Les entrées dont vous avez besoin, le temps de compléter, et un exemple de travail miniature.

Entrées dont vous avez besoin

  • System identification with regulatory classification and Annex IV references.
  • Monitoring objectives connected to risk register with success criteria.
  • Data sources, collection frequency, quality requirements, and privacy considerations.
  • Performance thresholds (technical, drift, fairness) with severity levels.
  • Alerting configuration with escalation matrix and after-hours coverage.
  • Review procedures (continuous, sampling, periodic) with governance integration.
  • Incident response procedures including Article 73 regulatory reporting.

Temps de réalisation : 30-60 minutes for a defensible v1.

Mini example: alert severity

EXEMPLE
Alert Severity Levels:
| Level | Criteria | Response Time |
|-------|----------|---------------|
| Critical | System down, accuracy <90%, discriminatory outcome | 15 minutes |
| High | Accuracy <95%, drift threshold exceeded | 4 hours |
| Medium | Approaching threshold, unusual pattern | 24 hours |
| Low | Minor metric movement, informational | Next business day |
Cartographie KLA

Comment KLA le génère (Gouvern / Mesure / Prouve)

Attachez l'artefact aux primitifs pour qu'il se convertisse.

Govern

  • Policy-as-code checkpoints that block or require review for high-risk actions.
  • Versioned change control for model/prompt/policy/workflow updates.

Measure

  • Risk-tiered sampling reviews (baseline + burst during incidents or after changes).
  • Near-miss tracking (blocked / nearly blocked steps) as a measurable control signal.

Prove

  • Hash-chained, append-only audit ledger with 7+ year retention language where required.
  • Evidence Room export bundles (manifest + checksums) so auditors can verify independently.

Ressources connexes

Human oversight playbookAudit log retention policy templateEvidence pack checklistAI model card template
FAQ

FAQ

Écrit pour gagner des réponses de style extrait.

Télécharger

Télécharger l'artefact

Markdown modifiable. Aucun courriel requis.

Download editable template