Are people using tools to collect and manage evidence for EU AI Act compliance? Or doing it manually.
We're starting to scope our compliance program for the high-risk system requirements (updated December 2027 deadline). The framework obligations are clear enough. Then there's the evidence.
How are peoples collecting evidence from across the org in a way that maps to specific Articles without it becoming a massive manual exercise? And THEN how do make sure that it's current for every audit?
We've looked at a few GRC platforms but most of them bolt AI governance onto an existing framework and the AI-specific capabilities feel thin. The ones built specifically for AI governance seem more promising but....meh
So....What's working? Is anyone actually generating audit-ready evidence automatically or is everyone still doing it manually?