Article 9 of the EU AI Act requires providers of high-risk AI systems to establish, implement, document, and maintain a risk management system throughout the entire lifecycle of their AI system. It is not a checklist or a one-time assessment — it is a continuous process that must evolve as the system and its deployment context change.
What Article 9 Actually Requires
Article 9(1) states that providers must establish, implement, document, and maintain a risk management system for high-risk AI systems. The requirement is not simply to produce a risk assessment document — it is to implement a functioning system of ongoing risk identification and mitigation.
Article 9(2) specifies that the risk management system must consist of a continuous and iterative process run throughout the entire lifecycle of a high-risk AI system. “Entire lifecycle” means from initial development through to decommissioning — including all updates, fine-tuning, and changes in deployment context that occur after the system enters service.
Article 9(7) adds a requirement that is often overlooked: providers must specifically consider reasonably foreseeable misuse when identifying risks.
The Four Steps Article 9 Requires
Article 9(2) establishes a four-part structure for the risk management process.
What “Continuous and Iterative” Means in Practice
The phrase “continuous and iterative” rules out a common compliance pattern: completing a thorough risk assessment at development time and treating the obligation as discharged.
- System changes: Any material change to the model, training data, feature set, or deployment configuration triggers a reassessment of the affected risk areas.
- Post-market monitoring findings: Article 9(2)(c) explicitly links the risk management system to data gathered from the post-market monitoring system.
- Deployment context changes: If the system is deployed in a new sector, jurisdiction, or use case — even without technical changes — the risk profile changes.
- New information: Published research, regulatory guidance, or incidents affecting similar AI systems can reveal risks not previously identified.
Residual Risk and the Acceptable Risk Threshold
Article 9(4) states that residual risks — risks that remain after mitigation measures have been applied — must be judged acceptable. Document the residual risk judgment explicitly in the risk management system file.
Document your Article 9 risk management system
Nytivo guides you through the 4-step risk management process and generates the documentation Section 4 of Annex IV requires.