Go-Live Compliance Gate
All checks an AI system must pass before go-live – and how to complete them.
The Go-Live Compliance Gate automatically verifies whether an AI system is ready for production. Once all checks are green, the system is considered audit-ready. The gate updates in real time whenever data changes.
Information
While the gate shows BLOCKED, at least one mandatory item is missing. The buttons in the gate take you directly to where you need to enter the missing information.
Recommended order
Work through the gate most efficiently in this order:
- 1AI Inventory: fill in responsible person, oversight mechanism, and impact assessment
- 2Trust & Security Pack: fill in and save in the gate tab
- 3Controls & Policies: set all HIGH controls to IMPLEMENTED
- 4Run Policy Automation and close any resulting triggers
- 5Technical evidence: set all 4 types to FINAL
- 6Annex IV Dossier: complete all sections
- 7Governance: create evidence and set to APPROVED (admin required)
- 8Annex IV: click "Finalize" → gate switches to READY
Gate checks at a glance
The gate consists of up to 11 checks. High-risk systems have 3 additional checks.
Annex IV Dossier – FINAL
Documentation → Annex IV Dossier Builder
- ›Complete all 7 dossier sections (100% progress required)
- ›Workflow: Draft → Review → Approved → Finalize
- ›Prerequisite: at least 1 approved governance evidence item (see below)
- ›Then click "Finalize"
High-priority controls implemented
Documentation → Controls & Policies
- ›Open all controls marked as HIGH
- ›Set status to IMPLEMENTED or EVIDENCED
- ›Missing controls show a direct hint about the gap
Policy engine – no open actions
Documentation → Go-Live Gate tab
- ›In the gate tab, click "Run Policy Automation"
- ›The system automatically creates reassessment triggers for open gaps
- ›Then close these triggers in Operations & Monitoring
Operational findings closed
Documentation → Operations & Monitoring
- ›Set all open incidents to RESOLVED or CLOSED
- ›Mark all open reassessment triggers as DONE
Critical runtime signals resolved
Documentation → Operations & Monitoring → Runtime Signals
- ›Address all signals with severity HIGH or CRITICAL
- ›Set status to RESOLVED or close with justification
Trust & Security Pack complete
Documentation → Go-Live Gate tab → Trust & Security Pack
- ›Enter the Security Whitepaper URL (must be publicly accessible)
- ›Enter subprocessors – one per line (e.g. AWS Frankfurt, Stripe Inc.)
- ›Enter the Retention Policy URL
- ›Enter the date of the most recent penetration test (max 365 days old)
- ›Click "Save Trust Pack"
Technical evidence pack finalized
Documentation → Technical Evidence
- ›4 evidence types must be set to FINAL:
- ›→ Bias Assessment
- ›→ Data Lineage
- ›→ Model Update Log
- ›→ Risk Mitigation Measures
- ›Open each entry, fill in the data, and set status to FINAL
Additional checks for high-risk systems
Systems with risk category HIGH have 3 additional mandatory checks. These are managed directly in the AI inventory.
Accountability owner assigned
AI Inventory → Edit system
- ›Open the system in the AI inventory and click "Edit"
- ›Fill in the "Responsible Person" field (name)
- ›Fill in the "Responsible Email" field
- ›Save
Human oversight documented
AI Inventory → Edit system
- ›Open the system in the AI inventory and click "Edit"
- ›Select at least one oversight mechanism: Approval, Review, or Escalation
- ›Save
Core documentation complete
AI Inventory → Edit system
- ›Open the system in the AI inventory and click "Edit"
- ›Find the "Compliance Evidence" section
- ›Check "Impact assessment completed (DPIA / AI impact assessment on file)"
- ›Save
- ›Note: The "Documentation complete" flag is automatically set once Annex IV is finalized
Governance evidence for Annex IV finalization
Before Annex IV can be set to FINAL, at least one approved governance evidence item must exist. This is an intentional control: no final status without external confirmation.
- 1Go to "Governance" in the left navigation
- 2Select the same AI system
- 3Open the "Evidence Register" tab
- 4Click "Create new evidence"
- 5Object: select Annex IV dossier (pre-filled)
- 6Enter a title (e.g. "Annex IV – Risk management evidence")
- 7Choose evidence type (Note is the simplest)
- 8Click "Create evidence"
- 9Open the created entry in the list and set status to APPROVED
Important
Only users with the ADMIN role can set evidence to APPROVED. If you do not see this status option, your account lacks the required permission – ask a workspace admin.
