人工智能风险管理指南（英文）

11November2025

GuidanceforRiskManagementofArtificialIntelligencesystems

2

Contents

Executivesummary 4

1Introduction 5

1.1Objective 5

1.2Scope 5

1.3Audience 6

2RiskManagementmethodology 7

3UnderstandingtheAIlifecycle 9

3.1DefinitionofanAIsystem 9

3.2LifecycleofanAIsystem 9

3.3ProcuringanAIsystem 11

4Interpretabilityandexplainabilityassinequanon 13

4.1.1Risk1:UninterpretableorunexplainableAIsystem 14

5RisksassociatedtomainDataProtectionPrinciples.15

5.1Principleoffairness 15

5.1.1Risk1:Biascausedbythelackofdataqualityintraining

personaldata 17

5.1.2Risk2:Biasintrainingpersonaldata 19

5.1.3Risk3:Overfittingtothetrainingpersonaldata 21

5.1.4Risk4:Algorithmicbias 22

5.1.5Risk5:Interpretationbias 24

5.2Principleofaccuracy 25

5.2.1LegalmeaningofaccuracyintheEUDPR 25

5.2.2StatisticalmeaningofaccuracyinAIdevelopment 25

5.2.3Risk1:Inaccuratepersonaldataoutput 25

5.2.4Specificexample:Inaccurateoutputduetodatadriftand

deteriorationofinputpersonaldataquality 27

5.2.5Risk2:UnclearinformationfromtheAIsystemprovider 28

5.3Principleofdataminimisation 30

5.3.1Risk1:Indiscriminatecollectionandstorageofpersonaldata 30

5.4Principleofsecurity 31

5.4.1Risk1:AIsystemoutputdisclosureoftrainingpersonaldata 32

5.4.2Risk2:Personaldatastorageandpersonaldatabreaches 34

3

5.4.3Risk3:Personaldataleakagethroughapplicationprogramming

interfaces 35

5.5Datasubject’srights 36

5.5.1Risk1:Incompleteidentificationofthepersonaldataprocessed

36

5.5.2Risk2:Incompleterectificationorerasure 38

6Conclusion 39

Annex1:Metrics 41

Annex2:Overviewofconcernsandrisks 47

Annex3:ChecklistperphaseoftheAIlifecycle

development 48

DevelopingandAIsystem 48

ProcuringanAIsystem 52

Executivesummary

Thedevelopment,procurementanddeploymentofAIsystemsinvolvingtheprocessingofpersonaldatabyEuropeanUnionInstitutions,Bodies,OfficesandAgencies(EUIs)raisessignificantriskstodatasubjects’fundamentalrightsandfreedoms,includingbutnotlimitedtoprivacyanddataprotection.AsthecornerstoneofRegulation2018/1725(EUDPR),

1

theprincipleofaccountabilityenshrinedinArticle4(2)(foradministrativepersonaldata)andArticle71(4)(foroperationalpersonaldata)requiresEUIstoidentifyandmitigatetheserisks,aswellastodemonstratehowtheydidso.ThisisallthemoreimportantforAIsystemsthataretheproductofintricatesupplychainsofteninvolvingmultipleactorsprocessingpersonaldataindifferentcapacities.

ThisGuidanceaimstoguideEUIsactingasdatacontrollersinidentifyingandmitigatingsomeoftheserisks.Morespecifically,theyfocusontheriskofnon-compliancewithcertaindataprotectionprincipleselicitedintheEUDPRforwhichthemitigationstrategiesthatcontrollersmustimplementcanbetechnicalinnature–namelyfairness,accuracy,dataminimisation,securityanddatasubjects’rights.Assuch,thetechnicalcontrolslistedinthisGuidancearebynomeansexhaustive,anddonotexemptEUIsfromconductingtheirownassessmentoftherisksraisedbytheirspecificprocessingactivities.Indoingso,itrefrainsfromrankingtheirlikelihoodandseverity.

First,thisdocumentprovidesanoverviewoftheriskmanagementmethodologyaccordingtoISO31000:2018(Section

2)

.Second,itoutlinesthetypicaldevelopmentlifecycleofAIsystemsaswellasthedifferentstepsinvolvedintheirprocurement(Section

3)

.Third,itexploresthenotionsofinterpretabilityandexplainabilityascross-cuttingconcernsthatconditioncompliancewithalltheprovisionscoveredinthisGuidance(Section4).Lastly,itbreaksdownthefourgeneralprincipleslistedabove,namelyfairness,accuracy,dataminimisationandsecurityintospecificrisks,eachofwhichisthendescribedandpairedwithtechnicalmeasuresthatcontrollerscanimplementtomitigatetheserisks(Section

5)

.

TheEDPSissuesthisguidanceinhisroleasadataprotectionsupervisoryauthorityandnotinhisroleasmarketsurveillanceauthorityundertheAIAct.ThisguidanceiswithoutprejudicetotheArtificialIntelligenceAct.

1Regulation(EU)2018/1725oftheEuropeanParliamentandoftheCouncilof23October2018ontheprotectionofnaturalpersonswithregardtotheprocessingofpersonaldatabytheUnioninstitutions,bodies,officesandagenciesandonthefreemovementofsuchdata,andrepealingRegulation(EC)No45/2001andDecisionNo1247/2002/EC[2018]OJL295/39

https://data.europa.eu/eli/reg/2018/1725/oj.

4

5

1Introduction

1.1Objective

ThisdocumentaimstoguideEUInstitutions,Bodies,OfficesandAgencies(EUIs)actingascontrollerswithinthemeaningofArticle3(8)ofRegulation(EU)2018/1725(EUDPR)inidentifyingandmitigatingsomeoftherisksfordatasubjects’fundamentalrightsraisedbytheprocessingofpersonaldatawhendeveloping,procuringanddeployingAIsystems.

2

ItisintendedtocomplementPartIIoftheAccountabilityonthegroundtoolkitonDataProtectionImpactAssessments&PriorConsultation.

3

ItalsocomplementstheEDPSOrientationsoftheuseofGenerativeAIbyEUIsforensuringdataprotectioncompliancewhenusingGenerativeAIsystemsissuedinJune2024,whichprovidespracticaladviceonhowEUIscanensurecompliancewiththeEUDPRwhendevelopingorusinggenerativeAIsystems.

4

Thepresentdocumentisbothbroader,asitencompassesalltypesofAIsystems,butalsonarrower,asitfocusesontechnicalratherthanlegalmitigationstrategies(seeSection

1.2)

.

ThisdocumentprovidesananalyticalframeworkforidentifyingandtreatingrisksthatmayariseinAIsystems,structuredaccordingtothedataprotectionprinciplespotentiallyaffected.Itdoesnotconstituteandshallnotberelieduponasasetofcomplianceguidelines.Thesolepurposeofthisdocumentistofacilitateasystematicassessmentofrisksfromadataprotectionperspective.Inotherwords,itdoesnotreplacethenecessarycomplianceassessmentofeachAIsystemtobedonebythecontroller,whomustensurethattherisksidentified(withthesupportofthisframework)aremanagedasnecessarytomeetalltheobligationsarisingundertheEUDPR.

TheEDPSissuesthisguidanceinhisroleasadataprotectionsupervisoryauthorityandnotinhisnewroleasmarketsurveillanceauthorityundertheAIAct.

1.2Scope

ForthepurposeofthisGuidance,andbuildingontheterminologyusedinISO31000:2018,

5

thenotionof“risk”isexpressedintermof“risksource”,“event”,“consequence”and“control”,wherethe“risksource”referstotheprocessingofpersonaldatainthecontextoftheprocurement,developmentordeploymentofanAIsystem,the“event”referstoasituationinwhichthatprocessingwouldimpedeondatasubjects’fundamentalrightsandfreedoms,the“consequence”referstothematerialornon-materialharmthismightcause

2Regulation(EU)2018/1725oftheEuropeanParliamentandoftheCouncilof23October2018ontheprotectionofnaturalpersonswithregardtotheprocessingofpersonaldatabytheUnioninstitutions,bodies,officesandagenciesandonthefreemovementofsuchdata,andrepealingRegulation(EC)No45/2001andDecisionNo1247/2002/EC[2018]OJL295/39

https://data.europa.eu/eli/reg/2018/1725/oj.

3EDPS,,AccountabilityonthegroundPartII:DataProtectionImpactAssessments&PriorConsultation,February2018,

https://www.edps.europa.eu/sites/default/files/publication/18-02-06_accountability_on_the_ground_part_2_en.pdf

4EuropeanDataProtectionSupervisor,GenerativeAIandtheEUDPR.OrientationsforensuringdataprotectioncompliancewhenusingGenerativeAIsystems.(Version2),28October2025,

https://www.edps.europa.eu/system/files/2025-10/25-

10_28_revised_genai_orientations_en.pdf

5InternationalOrganizationforStandardization,ISO31000:2018Riskmanagement—Guidelines,Edition2,2018,

/standard/65694.html.

6

todatasubjects,

6

andthe“control”referstothemitigationstrategiesthatcontrollerscanputinplacetoreducethelikelihoodofthatriskmaterialisingand/ortheimpactithasondatasubjectsshoulditmaterialise.

7

PursuanttoArticle1(2)EUDPR,theobjectiveoftheRegulationistoprotecttherightsandfreedomsofnaturalpersons,includingbutnotlimitedtoprivacyanddataprotectioninthecontextoftheprocessingoftheirpersonaldata.AccordingtoArticles4(2),26(1)and27(1),EUIsareresponsibleforidentifyingandmitigatingriskstotheserightsandfreedomsraisedbytheirprocessingactivities,andtodemonstratehowtheydidso.Thisisparticularlyimportantwhenitcomestotheprocurement,developmentanddeploymentofAIsystems,alltheadverseimpactsofwhichhavenotyetbeenassessed.Itisthereforecrucialforcontrollerstoproperlyidentifyandmitigate,foreachoftheirprocessingactivities,theriskstheseraiseforalldatasubjects’fundamentalrights.CompliancewiththeprovisionsexplicitlylaiddownintheEUDPRisaproxytoachievethatobjective.ThisGuidancethereforestickstoaconceptualisationoftheriskinwhichthe“event”isasituationofnon-compliancewithaprovisionexplicitlylaiddowninthetext.

Morespecifically,thisGuidancefocusesontheriskofnon-compliancewithaselectfewdataprotectionprinciplesforwhichthe“controls”thatcontrollersmustimplementcanbetechnicalinnature–namelyfairness,accuracy,dataminimisation,securityandcertaindatasubjects’rights.TheEDPSinsistsonthefactthatthelistofrisksandcountermeasuresoutlinedinthisGuidanceisnotexhaustive,butmerelyreflectssomeofthemostpressingissuesthatcontrollersmustaddresswhenprocuring,developinganddeployingAIsystems.

1.3Audience

TheintendedaudienceforthisdocumentisEUIs’staffinvolvedintheprocurement,developmentanddeploymentofAIsystems,includingsoftwaredevelopers,datascientists,ITengineers,ITprojectmanagers,DataProtectionOfficersandDataProtectionCoordinators.

6Recital46EUDPRspecifiesthat“[t]therisktotherightsandfreedomsofnaturalpersons,mayresultfrompersonaldataprocessingwhichcouldleadtophysical,materialornon-materialdamage,inparticular:wheretheprocessingmaygiverisetodiscrimination,identitytheftorfraud,financialloss,damagetothereputation,lossofconfidentialityofpersonaldataprotectedbyprofessionalsecrecy,unauthorisedreversalofpseudonymisation,oranyothersignificanteconomicorsocialdisadvantage;wheredatasubjectsmightbedeprivedoftheirrightsandfreedomsorpreventedfromexercisingcontrolovertheirpersonaldata;wherepersonaldataareprocessedwhichrevealracialorethnicorigin,politicalopinions,religionorphilosophicalbeliefs,tradeunionmembership,andtheprocessingofgeneticdata,dataconcerninghealthordataconcerningsexlifeorcriminalconvictionsandoffencesorrelatedsecuritymeasures;wherepersonalaspectsareevaluated,inparticularanalysingorpredictingaspectsconcerningperformanceatwork,economicsituation,health,personalpreferencesorinterests,reliabilityorbehaviour,locationormovements,inordertocreateorusepersonalprofiles;wherepersonaldataofvulnerablenaturalpersons,inparticularofchildren,areprocessed;orwhereprocessinginvolvesalargeamountofpersonaldataandaffectsalargenumberofdatasubjects”.

7ISO31000:2018(section3.8)usestheterm“control”definedas“measurethatmaintainsand/ormodifiesrisk”.TheEUDPRusestheterm“measure”.Theremainderofthisdocumentwillusethetermmeasure.

7

2RiskManagementmethodology

AccordingtotheISO31000:2018,riskmanagementisaprocessbywhichanorganisationcancontroltherisks(see

Figure

1).Thecoreofthatactivityistheriskassessmentpart,duringwhichanorganisationsuccessivelyidentifies,analysesandevaluatestherisks.

8

Figure1:riskassessment

9

Riskidentificationinvolvessystematicallyrecognisingrisksthatcouldpotentiallyaffecttheorganisation’sobjectives.Thisstepfocusesonidentifyingthesourcesofrisk,theareasofimpact,andtheeventsorsituationsthatmightleadtouncertainty.Thegoalistocreateacomprehensiveriskregisterthatwillbefurtheranalysedinthefollowingsteps.AsalreadyhintedatinSection

1.2

,thisGuidanceassumesthattheobjectivepursuedbyEUIsistoensurethattheprocessingofpersonaldatawithregardtowhichtheyactascontrollersdoesnotimpedeondatasubjects’fundamentalrights.

Riskanalysisisthenextstep,duringwhichtheorganisationexaminestherisksidentifiedtounderstandtheirnature,theirsources,theirlikelihood,andtheirpotentialconsequences.Thisstepaimstodeterminethelikelihoodofeachriskmaterialisingitself,aswellasitsimpactondatasubjectsshouldithappen.Forqualitativeriskanalysis,thelevelsoflikelihoodandimpactcanbegradedonascalerangingfrom“Verylow”,“Low”,“Medium”,

8IsabelBarberá,AIPossibleRisks&Mitigations-NamedEntityRecognition,September2023,

https://www.edpb.europa.eu/system/files/2024-07/ai-risks_d1named-entity-recognition_edpb-spe-programme_en.pdf

IsabelBarberá,AIPossibleRisks&Mitigations-OpticalCharacterRecognition,September2023,

https://www.edpb.europa.eu/system/files/2024-06/ai-risks_d2optical-character-recognition_edpb-spe-

programme_en_2.pdf

9FromISO31000:2018.

“High”,and“Veryhigh”.

10

Onceeachoftheseelementsinthescaleisdefined,

11

theriskcanbeevaluatedastheproductofitslikelihoodandtheseverityofitsimpact(Risk=LikelihoodxImpact).Thisistypicallyrepresentedviaariskmatrix(see

Figure2)

.

Likelihood

VeryHigh

Medium

High

Veryhigh

Veryhigh

High

Low

High

Veryhigh

Veryhigh

Low

Low

Medium

High

Veryhigh

Unlikely

Low

Low

Medium

Veryhigh

Verylimited

Limited

Significant

Verysignificant

Severity

Figure2:qualitativematrixforrisk

12

Riskevaluationisthefinalstepoftheriskassessment,wheretheresultsoftheriskanalysisarecomparedagainsttheorganisation'sriskcriteria(suchasriskappetiteandtolerance)todeterminewhethereachriskisacceptableorrequirestreatment.Theoutcomeofthisevaluationhelpstheorganisationdecidewhethertoavoid,mitigate,transfer,oraccepttherisks,dependingontheirseverityandorganisationalgoals.

Aftertheriskassessmentcomestherisktreatment,thepurposeofwhichistoselectandimplementmeasurestomitigatetheseriskseffectively.Itisaniterativeprocessthatinvolvesseveralkeysteps.First,risktreatmentoptionsareformulatedandselected.Then,aplanisdevelopedandimplementedtoaddresstheidentifiedrisks.Afterimplementation,theeffectivenessofthemeasuresisassessedtodeterminewhetherithasmitigatedtherisksufficiently.Iftheremainingriskisdeemedacceptable,nofurtheractionisnecessary.However,iftheriskisstillunacceptable,additionalmeasuresaretakentofurtherreduceit.

ThisGuidancefocusontwospecificaspectsoftheriskmanagementprocess,namelyriskidentificationandrisktreatment;theriskanalysisandtheriskevaluationaspectsaretoodependentonthespecificprocessingcontextandtheirassessmentisbetterlefttoeachorganisationinlinewiththeirownriskcriteria.ThismeansthatEUIsshouldperformathoroughanalysisforeachAIsystemtheyplantouseinordertoalsoevaluatethelikelihoodandimpactoftherisks,anddecideonthemitigatingmeasurestoaddressthem,aswellas

10Incontrasttoquantitativeriskassessmentswhichrequiremeasurementswhichareoftendifficulttocollect.

11IsabelBarberá,AIPossibleRisks&Mitigations-NamedEntityRecognition,September2023,

https://www.edpb.europa.eu/system/files/2024-07/ai-risks_d1named-entity-recognition_edpb-spe-programme_en.pdf

12ibid

8

9

ontheresidualrisks.

13

ThisanalysiscouldevenleadtotheconclusionthattheEUIisunabletomitigatebyreasonablemeanstherisksposedbytheplannedAIsystemandthusadifferentsolutiontotheorganisation’sneedshastobefound.Inthatcase,theEUIwouldhavetopriorconsulttheEDPSpursuanttoArticle40(1)EUDPR.

3UnderstandingtheAIlifecycle

3.1DefinitionofanAIsystem

ForthepurposesofthisGuidance,anAIsystemisunderstoodwithinthemeaningofArticle3(1)ofRegulation2024/1689(AIAct)as“amachine-basedsystemdesignedtooperatewithvaryinglevelsofautonomy,thatmayexhibitadaptivenessafterdeploymentandthat,forexplicitorimplicitobjectives,infers,fromtheinputitreceives,howtogenerateoutputssuchaspredictions,content,recommendations,ordecisionsthatcaninfluencephysicalorvirtualenvironments”.

14

TheAIAct,however,doesnotcontainadefinitionofan“AImodel”.

15

ThetermsAIsystemandAImodelareoftenusedasiftheyweresynonyms,whentheyarenot.

AImodelsaremathematicalrepresentationsthatcapture,inasetofparameters,thepatternsunderlyingtheirtrainingpersonaldata.

16

AlthoughAImodelsareessentialcomponentsofAIsystems,theydonotconstituteAIsystemsontheirown,astheywillalwaysrequireothersoftwarecomponentstobeabletofunctionandinteractwithusersandthevirtualorphysicalenvironment.Infact,anAIsystemcanbecomposedofmorethanoneAImodel.Forexample,avoicetranslatorAIsystemcouldbecomposedofafirstmodeltranscribingvoicedataintotext,asecondmodeltranslatingthetextfromonelanguagetoanotherandathirdmodelproducingasoutputvoicedatafromthetranslatedtext.

3.2LifecycleofanAIsystem

RiskscanappearindifferentpartsofthedevelopmentlifecycleofanAIsystem.Thus,itisnecessarytounderstandthespecificitiesofthedevelopmentlifecycleofanAIsystemcomparedtoatraditionaldevelopmentlifecycle(fornon-AIsystems).

17

Differentrisksmayappearinthedifferentphasesofthedevelopmentlifecycle(seeSections

4

and

5)

.TheAIdevelopmentlifecycletypicallycomprisesthestepsdetailedin

Figure3

.

18

14Regulation(EU)2024/1689oftheEuropeanParliamentandoftheCouncilof13June2024layingdownharmonisedrulesonartificialintelligenceandamendingRegulations(EC)No300/2008,(EU)No167/2013,(EU)No168/2013,(EU)2018/858,(EU)2018/1139and(EU)2019/2144andDirectives2014/90/EU,(EU)2016/797and(EU)2020/1828(ArtificialIntelligenceAct)EC[2024]OJL2024/1689

http://data.europa.eu/eli/reg/2024/1689/oj.

15Althoughitdefinesageneral-purposeAImodelas“anAImodel,includingwheresuchanAImodelistrainedwithalargeamountofdatausingself-supervisionatscale,thatdisplayssignificantgeneralityandiscapableofcompetentlyperformingawiderangeofdistincttasksregardlessofthewaythemodelisplacedonthemarketandthatcanbeintegratedintoavarietyofdownstreamsystemsorapplications”(Article3(63)AIAct)

16ISO/IEC22989:2022definesanAImodelasa“physical,mathematicalorotherwiselogicalrepresentationofasystem,entity,phenomenon,processordata”.

17SeeISO/IEC15288,ISO/IEC12207andISO24748:2024.

18DetailsareprovidedinISO22989:2022

10

Inception/Analysis

Dataacquisitionand

preparation

Development

Verificationandvalidation

Deployment

Operationandmonitoring

Continuousvalidation

Re-evaluation

Retirement

1Inception/Analysis:ThisinitialstageinvolvesclearlydefiningtheproblemtheAIsystemisintendedtosolveandselectingtheAImodelarchitecture.

2Dataacquisitionandpreparation:TherequiredtrainingpersonaldatadependsontheobjectivesoftheAIsystem.Forexample,anAIsystemmeanttoprocessimageswillexpectimagesastrainingpersonaldata.Theseimagescancomefromvarioussources(internet,privatedatabasesetc.).ThetrainingpersonaldatatobefedtoaspecificAIsystemneedstobeformatted,checkedagainstapplicablequalityandlegalrequirements,andnormalisedbeforetheycanbeused.

3Development:AIsystemscanbeprogrammedandtrainedtofulfilspecificpre-definedlimitedfunctions.Thisstepincludesselectingappropriatealgorithms,trainingtheAIsystemontheprepareddata,testing(tocheckiftheAIsystemworksandisfreeofbugs)andtuningitshyperparameters(e.g.learningrate)toimproveitsperformance.BuildingtheAIsystemmightbedonewithacombinationof“libraries”(thatcouldbeprocured),acquiredpre-trainedmodelsandinternaldevelopment.

4Verificationandvalidation:Afterthedevelopmentphase,theAIsystemisrigorouslyverified("Arewebuildingtheproductcorrectly?")andvalidated("Arewebuildingtherightproduct?")toensureitmeetsthefunctionalandnon-functionalrequirementssetintheinceptionstage.ThisinvolvescheckingtheAIsystem'sstatisticalaccuracy,robustness,andgeneralisabilityusingtestandvalidationdatasets.IssuesrelatedtotheAImodelduringthisphaseareaddressedbyretrainingtheAIsystem.

Figure3:AIdevelopmentlifecycle

5Deployment:TheAIsystemcanbedeployedinitsfinalenvironment(whichcouldbeend-userdevices,servers,cars,etc.).

6Operationandmonitoring:Oncedeployed,theAIsystemisthenoperatedbyitsusersandneedscontinuousmonitoringtoensureitoperatesasexpected.Thisincludestrackingperformance,updatingtheAIsystemtomeetnewrequirements,andrefiningitbasedonfeedback.

7Continuousvalidation:WhenanAIsystemutilisescontinuouslearning,

19

theoperationandmonitoringphaseisextendedintoanadditionalphaseofcontinuousvalidation.Inthisphase,trainingisconductedcontinuouslywhilethesystemisliveinproduction.Thesystem’sperformanceisregularlyassessedusingtestdatatoensureproperfunctioning.Additionally,thetestdatamayneedtobeupdatedperiodicallytobetterreflectthecurrentproductiondata,ensuringamoreaccurateevaluationoftheAIsystem’scapabilities.

8Re-evaluation:Aftertheoperationandmonitoringphaseandthepossiblecontinuousvalidation,itmaybecomenecessarytoreassesstheAIsystembasedonitsperformanceresults.TheoperationalresultsofthesystemshouldbethoroughlyanalysedandcomparedagainsttheidentifiedrisksassociatedwiththeAIsystemtoverifyiftheidentifiedriskshavebeensuitablymitigated.Itispossiblethat,duringthisphase,risksthathavenotbeenpreviouslyidentifiedappear.ThesewouldneedtobetreatedinthenextcycleoftheriskmanagementprocesspresentedinSection

2

.

9Retirement:AnAIsystemshouldberesponsiblyandefficientlydecommissionedwhenitisnolongerneededorisreplacedbyamoreadvancedsolution.

3.3ProcuringanAIsystem

Ontopofthat,inmanycases,buildinganAIsystemrequiresexternalexpertiseortheacquisitionofacommercialproductcoveringpartofthefunctionality,thedata,thesecurity,etc.Inthosecasesitisalsoimportanttoacknowledge,alreadyintheprocurementcycle,makingariskevaluationbeforeanybudgetisactuallycommittedforasolutionthatwouldbringundesirableriskstotheorganisation.

Inthesecases,oneofseveralphasesareallocatedtotheAIexternalprovider(whowilltakecareoftheprovisionoftheAIsysteminwholeorinpart).TheEUIs’staffinvolvedintheprocurementofAIsystemswillneedtocoordinateeffortswiththeEUIs’staffinvolvedinthedeploymentoftheseAIsystems(e.g.ITengineers,ITprojectmanagers,DataProtectionOfficersorDataProtectionCoordinators)inordertodraftthetechnicalpartofthecallfortender,fortheselectionoftherightproductandtheexecutionoftheimplementationoftheAIsystem.

SeveralapproachescanbetakentointegrateaprocuredAIsystemintoanexistinginfrastructure.AsperRegulation2024/2509

20

,theprocessfollowedbyEUIsisthefollowing:

1.Publicationandtransparency(Article163):Ensuretheprinciplesofsoundfinancialmanagement,transparencyandequaltreatment.

2.Callfortenders(Articles167-169):Launchanopencallfortendersthatoutlinesallnecessaryspecifications.ThetenderspecificationsshouldcontainrequirementsastothecapabilityoftheprospectivetenderertoprocuretheplannedAIsystemandall

19Abilitytoadaptandimproveitsperformanceovertimebylearningfromnewdatawithoutneedingtoberetrainedfromscratch.

20Regulation(EU,Euratom)2024/2509oftheEuropeanParliamentandoftheCouncilof23September2024onthefinancialrulesapplicabletothegeneralbudgetoftheUnion(recast).

https://eur-lex.europa.eu/legal

-content/en/TXT/?uri=CELEX%3A32024R2509

11

relevanttechnicalandproceduralqualityguarantees.Amongothers,informationtoberequiredisdescribedinSection

5.3

.

3.Selectionandawardcriteria(Article170):Evaluateoffersbasedonpredefinedcriteria(e.g.price,quality,sustainability).

21

4.Execution(Article175):Monitorimplementationandensurecompliance.

Inthiscase,the“executionphase”willbecomprisedofphasessimilartosomeofthephasespresentedinSection

3.2

namely:

5.1Verificationandvalidation

5.2Deployment

5.3Operationandmonitoring

5.4Continuousvalidation

5.5Re-evaluation

5.6Retirement

SimilarlytowhathappensinthedevelopmentofAIsystems,differentrisksmayappearinthedifferentphasesoftheprocurementlifecycle(seeSections

4

and

5)

.Thed