/

Regulation & Framework

/

EU AI Act

EXPERTISE

EU AI Act

The world's first comprehensive AI regulation — a risk-based framework with obligations that scale from transparency to strict conformity, for organisations that build or use AI.

What it is — and why it matters.

The EU AI Act establishes harmonised rules for artificial intelligence across the EU, using a risk-based approach. Practices deemed an unacceptable risk are prohibited outright. High-risk systems face strict requirements — risk management, data governance, technical documentation, human oversight, accuracy, and robustness. Limited-risk systems carry transparency obligations (telling people they're interacting with AI). Minimal-risk uses are largely unregulated. Providers and deployers each have distinct duties, and general-purpose AI (GPAI) models have their own dedicated rules. For most organisations the urgent question is no longer "if" but "which of our AI systems are in scope, and at what tier."

Who this affects.

Providers and deployers of AI systems placed on the EU market or used within the EU — including organisations established outside the EU. It is especially relevant if you build AI, embed it into products, or use it in higher-stakes contexts such as recruitment, credit, education, or critical infrastructure.

What's involved

How we help.

  • AI inventory & classification | Identify which systems are in scope, and at what risk tier.

  • AI governance | Accountability and oversight for how AI is built and used.

  • AI risk management | Risk management tailored to AI's specific failure modes.

  • Conformity readiness | Technical documentation and the evidence conformity requires.

  • Deployer obligations | Human-oversight design and the duties that fall on users of AI.

  • Aligned to AI Security & Compliance | Kept consistent with your broader safe-AI posture.

Compliance

Within your managed office.

The EU AI Act sits under Compliance and connects to Governance, Risk, and Architecture & Transformation. We manage it alongside your wider AI Security & Compliance topic so AI adoption stays both compliant and genuinely safe — part of one program, not a bolt-on.

Within your managed office.

The EU AI Act sits under Compliance and connects to Governance, Risk, and Architecture & Transformation. We manage it alongside your wider AI Security & Compliance topic so AI adoption stays both compliant and genuinely safe — part of one program, not a bolt-on.

CTRL Disrupt

Your Managed Security & Risk Office.
Based in the Netherlands.

EXPERTISE

ISO 27001

NIS2

BIO2.0

EU AI Act

AI Security & Compliance

Marshalllaan 2
2625 GZ Delft
The Netherlands

© 2026 CTRL Disrupt Consulting B.V. · KvK 87198983 · All rights reserved.