AI System Audit
Full examination of an AI system in production: data, model, integrations, monitoring. Risk, robustness and compliance in a single dossier.
For whomThose who already have a live AI system and must prove it holds up.
We inspect your AI systems properly — risk, security, transparency, bias. When everything is in order we certify it, with documentation ready for authorities, clients and suppliers. When it isn't, we give you a prioritized remediation plan and a date.
We classify every AI system by the AI Act's risk category — prohibited, high, limited, minimal — and measure its real exposure, not the declared one.
We verify model explainability, data provenance and quality, logging and the technical documentation the Regulation requires.
EU AI Act + GDPR gap assessment with a prioritized remediation plan, owners and deadlines. Certifiable, black on white.
From a single model to your entire supplier base. Every audit closes with a navigable report and a remediation checklist — not a PDF that gathers dust.
Full examination of an AI system in production: data, model, integrations, monitoring. Risk, robustness and compliance in a single dossier.
For whomThose who already have a live AI system and must prove it holds up.
We evaluate the AI vendors and third-party models you use: contractual clauses, liability, upstream compliance. The risk you inherit, mapped.
For whomThose who integrate third-party AI and must answer for it downstream.
Where you stand against the Regulation and what's missing to get there. Distance measured, actions prioritized, owners and dates. The compass before inspections.
For whomThose who don't yet know where to start with compliance.
Statistical tests on datasets and outputs: disparities between groups, hidden proxies, drift. Documented, repeatable fairness metrics.
For whomHR-tech, credit, scoring and every decision that touches people.
Prompt injection, data leakage, adversarial input, hallucinations in critical contexts. We stress the system before others do.
For whomThose who expose AI to end users or sensitive data.
We put the technical documentation in order and produce the audit attestation: the proof, dated and signed, to show authorities, clients and tenders.
For whomThose who have fixed their systems and must prove it to third parties.
An audit isn't an opinion: it's a repeatable protocol. The same rigor for a chatbot and for a scoring system.
AI systems inventory, risk class, audit perimeter and evaluation criteria agreed. You know exactly what we'll look at.
Technical and documentary examination: data, model, logging, security, bias, governance. Evidence collected, not impressions.
Navigable report with findings classified by severity, gaps against the AI Act and a remediation plan with owners and dates.
Once gaps are closed, we issue the audit attestation and compliance documentation. 30-day recheck included.
The essential answers on what an AI audit is, what it produces and when you need it. If you can't find yours, write to us.
It's an independent, structured examination of an artificial-intelligence system: data, model, integrations, security, bias and documentation. We verify that the system does what it claims, within the AI Act's risk limits, and produce verifiable evidence.
It's not generic consulting: it's a protocol with declared criteria, classified findings and a measurable remediation plan.
For high-risk systems, Regulation (EU) 2024/1689 requires risk management, data quality, technical documentation, logging and human oversight. Enforcement starts on 3 August 2026. An audit is the most direct way to prove these requirements are met.
From 1 to 4 weeks depending on scope. We deliver a navigable report (30-50 pages) with findings by severity, gaps against the AI Act, a remediation plan with owners and dates, and — once gaps are closed — a signed audit attestation.
The audit looks at systems; training at people (art. 4 obligation). They're complementary: an audit often surfaces training needs, and a training path closes the human side of compliance.
Yes. With the Vendor & Supply Audit (A2) we evaluate the third-party models and AI vendors you integrate: clauses, liability and upstream compliance. The risk you inherit becomes visible and manageable.
It's an independent professional attestation: it documents method, criteria and evidence as of the audit date. It doesn't replace a notified-body certification where required, but it holds up before authorities, clients and tenders as proof of due diligence.
With the Gap Assessment (A3): in 2-3 weeks you know exactly where you stand against the AI Act and what to do, in priority order. It's the safest way not to waste the first euro in the wrong place.
A 30-minute call to define the scope and risk class. You leave with a clear quote and a date — not a generic PDF.