What SimpleAct covers in day-to-day compliance operations

This overview goes beyond feature lists. It explains the full operating flow: from AI system inventory and risk assessment to governance execution and audit-ready reporting.

Note: All content is available in German and English. Use the language switcher in the header.

What this documentation helps you achieve

Features in context

Every module explains when to use it, what input it requires, and what output it produces.

Clear working sequence

You get a recommended implementation order to move from an empty workspace to evidence-ready operations.

Built for operational teams

The content is written for Compliance, Legal, IT Security, and Product teams working together on EU AI Act obligations.

Platform capabilities at a glance

SimpleAct combines the key building blocks so your compliance operations do not rely on disconnected spreadsheets, emails, and isolated documents.

1) Inventory and classify

From complete AI system visibility to defensible risk classification.

AI inventory with ownership, use case context, and system details
Shadow AI visibility and traceable documentation
Rule-based risk assessment with automatic classification (Minimal/Limited/High Risk)
Checklist logic aligned to the assigned risk class

2) Build evidence and govern execution

Documentation, action tracking, and governance in one continuous process.

Technical evidence and supporting documentation per AI system
Annex IV dossier support for high-risk AI systems
Incident management with status flow and reassessment triggers
Audit playbook for action planning and execution control
Legal review cycle with cadence, reminders, and escalation paths

3) Scale safely in operations

Auditability, collaboration, and integrations for growing organizations.

Dashboard for metrics, open gaps, and activity visibility
Audit log with complete change history
User and role model (Admin, Editor, Viewer)
2FA for admins and OIDC/SSO support (Professional+)
API keys, webhooks, and white-label capabilities for Enterprise
PDF/DOCX export and versioning for reviews and audits

Recommended operating flow

The biggest value appears when modules are used as one connected operating model. This sequence helps teams build a sustainable compliance system.

Set up workspace and governance ownership

Create the workspace, store organizational context, assign roles, and establish your governance baseline.

Outcome: A working foundation with clear responsibilities.

Capture the full AI landscape

Inventory all production and experimental AI systems, including shadow-AI usage patterns.

Outcome: End-to-end transparency on real AI usage.

Assess risk and map obligations

Run the structured risk assessment per system and derive matching compliance tasks.

Outcome: Prioritized obligations by system and risk class.

Operate evidence, incidents, and reviews

Maintain documentation, track incidents, execute actions via playbooks, and run legal review cadence.

Outcome: A continuous and auditable improvement loop.

Export and communicate audit-ready outputs

Generate PDF/DOCX reports for internal approvals, external audits, and stakeholder reviews.

Outcome: Defensible, presentation-ready compliance evidence.

Role-based starting points

Different teams can start in different modules while still staying aligned with one shared process model.

Compliance lead

Start with inventory, risk assessment, and checklist execution. Then focus on dashboards and report readiness.

Legal / privacy

Start with legal review cycles and evidencing, then align findings with risk class and Annex IV expectations.

IT / security / platform

Start with role model, 2FA/SSO, and integrations. Then harden incident flow, auditability, and team handoffs.

Modules and documentation areas

Onboarding and core flow

Getting started

Registration, setup, and baseline configuration

AI inventory

Capture systems, structure ownership, and surface shadow AI

Risk assessment

Rule-based classification and prioritization

Compliance checklist

Execute obligations aligned to each risk class

Governance and evidence

Annex IV dossier

Technical documentation for high-risk AI systems

Incident management

Record incidents, manage status, trigger reassessment

Audit playbook

Plan and execute actions for audits

Legal review cycle

Cadence, escalations, and reminders for legal checks

Operations, collaboration, and reporting

Dashboard

Track status, metrics, gaps, and team activity

Users & roles

Admin/Editor/Viewer and cross-team collaboration

Export & reports

PDF/DOCX outputs for audits and governance reviews

Quick start

If you are starting from scratch, use this compact sequence:

1Create your workspace and define roles/ownership
2Capture all AI systems, including shadow AI
3Run and prioritize risk assessments per system
4Execute checklists, evidence tasks, and action plans
5Export audit-ready reports and run internal approval

Open getting started

Why this structure works

One connected operating model instead of isolated feature usage

Traceable decision and change history

Clear accountability across functions

Audit-ready evidence without fragmented manual documentation

Additional resources

SimpleAct app

Open the application

Back to landing page

Return to the homepage