Compliance

Map your AI systems against leading regulatory frameworks. Track compliance status at the requirement level, attach evidence, and export compliance packages for regulators and auditors.

Supported Frameworks

AI SENTINEL ships with three pre-loaded frameworks. Each framework is broken down into articles, clauses, or functions with individual compliance tracking.

EU AI Act

Full article mapping covering Art. 5-62 and relevant annexes. The primary regulatory framework for AI systems in the European Union.

Articles, Annexes, Recitals

NIST AI RMF

The US National Institute of Standards and Technology AI Risk Management Framework. Four core functions with sub-categories.

GOVERN, MAP, MEASURE, MANAGE

ISO 42001

International standard for AI Management Systems. Covers organizational context, leadership, planning, support, and operations.

Clauses 4-10, Annex A Controls

Compliance Statuses

Each requirement can be independently assessed for every AI system. The status reflects the current compliance posture for that specific requirement.

  • Compliant
  • Partially Compliant
  • Non-Compliant
  • Not Applicable
  • Not Assessed

Compliance Matrix

The compliance matrix provides a per-AI-system view of all requirements within a chosen framework. For each requirement, you can set the compliance status, add notes, and attach evidence documents.

Per-requirement tracking

  • Compliance status (5 levels)
  • Evidence attachments and notes
  • Applicability filtering by risk level
  • Responsible person assignment

Export capabilities

  • CSV export for spreadsheet analysis
  • PDF export for regulatory submissions
  • Technical documentation packages (Art. 11 / Annex IV)
  • Audit-ready compliance reports

Cross-Framework Mapping

Many requirements across the EU AI Act, NIST AI RMF, and ISO 42001 overlap conceptually. AI SENTINEL includes 41 pre-built cross-framework mappings so that one compliance effort can satisfy requirements across multiple frameworks simultaneously.

When you mark a requirement as Compliant or Partially Compliant, AI SENTINEL shows linked requirements from other frameworks and offers to propagate the status automatically.

For example, marking EU AI Act Art. 9 (Risk Management) as compliant can automatically update NIST GOVERN 1 (Risk Management Policies) and ISO 42001 Clause 6.1 (Actions to Address Risks) — because they cover the same obligation.

  • 28 equivalent mappings
  • 12 partial mappings
  • 1 related mapping

Auto-Generated Compliance Snapshot

When you classify an AI system's risk level (e.g., High Risk under the EU AI Act), AI SENTINEL automatically creates compliance mapping records for every applicable requirement across all three frameworks. You arrive at the compliance matrix with all relevant controls pre-populated — no manual setup needed.

For a High Risk system, this means 80+ requirements are instantly initialized across EU AI Act (Art. 6-62), NIST AI RMF (all 23 practices), and ISO 42001 (all 31 clauses), each set to “Not Assessed” and ready for evaluation.

Mapping Compliance

1. AI Officer: Navigate to Compliance

Go to Governance → Compliance from the top navigation.

2. AI Officer: Select framework and AI system

Choose the framework (EU AI Act, NIST AI RMF, or ISO 42001) and the AI system to assess.

3. AI Officer: Assess each requirement

Work through the requirements list. For each, set the compliance status and add notes or evidence.

4. AI Officer: Filter by applicability

Use risk-level filtering to focus on requirements that apply to your system's classification (e.g., high-risk only).

5. AI Officer: Export documentation

Generate CSV or PDF reports for regulatory submissions, audits, or internal stakeholders.