
Article 9: the risk management system, decoded

Once a system is high-risk, Article 9 is the engine room of compliance. It is not a document you write once — it is a continuous, lifecycle process. Here is what it actually demands, step by step.

Article 9 applies once a system is classified high-risk under Article 6. It is the first of the substantive obligations and, in practice, the one that exposes whether an organisation actually governs its models or merely lists them.

The core obligation

The opening requirement of Article 9 of Regulation (EU) 2024/1689 is short and uncompromising:

Four verbs, four obligations: establish (it must exist), implement (it must run, not sit in a binder), document (it must be evidenced), and maintain (it must keep going). A risk assessment performed once and filed away fails three of the four.

A continuous, lifecycle process

Article 9(2) is explicit that this is not a checkpoint. The risk management system is “a continuous iterative process planned and run throughout the entire lifecycle of the high-risk AI system,” requiring regular and systematic review and updating. A model that has drifted, been retrained, or been redeployed into a new context is a new risk picture — and the process has to catch it.

The four required steps

Within that continuous process, Article 9(2) names the steps it must comprise:

Step 1: Identify and analyse known and reasonably foreseeable risks to health, safety and fundamental rights.
In practice: what could go wrong, and to whom, when the system is used as intended.

Step 2: Estimate and evaluate risks from intended use and from reasonably foreseeable misuse.
In practice: includes off-label use a reasonable provider should anticipate.

Step 3: Evaluate other risks emerging from post-market monitoring data.
In practice: the loop closes; live operational evidence feeds back in.

Step 4: Adopt appropriate and targeted risk management measures.
In practice: concrete controls addressing the risks found in the steps above.

Risk measures and residual risk

Article 9 does not demand zero risk — it demands that residual risk be judged acceptable. Measures should, in order of preference: eliminate or reduce risks through design and development as far as technically feasible; where a risk cannot be eliminated, apply adequate mitigation and control measures; and provide the information required under Article 13 and, where appropriate, training to deployers.

This is also the hinge that connects Article 9 to human oversight (Article 14): oversight is one of the measures by which residual risk is brought to an acceptable level.

Testing and vulnerable groups

Two further requirements are easy to overlook:

For regulated industries. If you already run a model risk management framework — for example under SR 11-7 — Article 9 maps closely onto your existing validation and monitoring discipline. The Act permits integrating these obligations into existing internal risk management procedures rather than building a parallel system. See SR 11-7 to the EU AI Act.

What this means for your AI inventory

A continuous, documented, per-system process is impossible to run on a spreadsheet. For every high-risk system you need a living record of the risks identified, the measures adopted, the test evidence, the residual-risk judgement, and the review cadence — with a history that shows the process actually ran over time. That record is anchored in your inventory: each system is the unit of risk management, and the inventory is where its risk story lives.

Track this in your Jira

Run Article 9 as work, not paperwork

Model Inventory for Jira represents each AI system as a Jira work item and supports governance work items — reviews, validations and change requests — against it, with an immutable Jira change history. The risk management process becomes trackable work with assignees and due dates, instead of a document that ages quietly in a shared drive. The legal substance of your risk assessment stays yours; the structure to execute and evidence it lives in the Jira you already run.


This page is a practical explanation, not legal advice. Always confirm requirements against the official text of Regulation (EU) 2024/1689.